This Privacy Policy explains how PostToVideo (“we”, “us”) collects, uses and shares personal information when you use posttovideo.com (the “Service”). We act as the data controller for personal information processed through the Service.

1. Information we collect

We collect the following categories of information:

• Account data — email address, name, password hash and any profile fields you fill in.
• Content you create — channel settings, scripts, story drafts, uploaded audio or images, generated voice-overs, generated imagery and the final assembled videos.
• Source material you import — Reddit URLs you paste, podcast transcripts you fetch and any other public content you bring into the Service.
• Third-party platform data — when you connect TikTok, YouTube or similar services we store the OAuth access and refresh tokens they issue us, the account identifier (username and a non-PII open ID), and metadata about videos we publish on your behalf (publish status, video ID, upload timestamps, error messages). We do not request followers, message inboxes or other social relationship data.
• Usage & technical data — log lines about which features you use, queue jobs, IP address, browser user agent and timestamps. We use this to diagnose issues and keep the Service stable.
• Billing data — if you purchase a paid plan, our payment processor handles your card details directly; we receive only the transaction metadata (amount, last four digits, country) needed for accounting.

2. How we use information

• to provide, maintain and improve the Service;
• to generate AI voice-overs, images and videos that you request;
• to publish content to third-party platforms when you tell us to;
• to send service announcements and respond to support requests;
• to detect, prevent and respond to abuse, fraud and security incidents;
• to comply with legal obligations.

We do not sell personal information, and we do not use the content you create or the third-party platform data we receive to train our own machine-learning models.

3. Sharing with third-party processors

To run the Service we send specific data to specialised providers, each acting as our processor under data-processing agreements:

• Google Cloud (Gemini, Imagen, Veo, Vertex AI) — script generation, image generation, video generation.
• ElevenLabs — text-to-speech for AI voice-overs.
• OpenAI Whisper — speech-to-text for subtitles and word timing.
• Anthropic Claude — optional alternative script generation.
• TikTok, YouTube, Instagram and similar platforms — when you connect them, we transmit the videos you ask us to publish along with the captions and metadata you provide.
• Cloud hosting and storage — application servers, MySQL database and object storage for media files.
• Reddit and 80,000 Hours — when you import a thread or podcast we fetch public content from them on your behalf.

We may also disclose information when required by law, to enforce our Terms or to protect the rights, property or safety of users and the public.

4. TikTok-specific disclosures

If you authorise PostToVideo to access your TikTok account through TikTok’s OAuth flow, we receive only the scopes you approve on TikTok’s consent screen — typically user.info.basic and video.publish. We use this access solely to:

• identify your TikTok account inside PostToVideo so it stays linked to the right channel;
• upload, schedule or publish videos that you explicitly choose to publish from inside PostToVideo;
• read the publish status of those uploads so we can show you success or failure.

We do not crawl your TikTok feed, comments or messages. You can revoke our access at any time from TikTok’s app permissions page or by disconnecting the account from inside PostToVideo; revocation invalidates our stored tokens.

5. Legal basis (EEA / UK users)

Where the GDPR or UK GDPR applies, our legal bases for processing are: performance of a contract (to deliver the Service), legitimate interests (to keep the Service secure, prevent abuse and improve features), consent (for optional integrations such as connecting a TikTok account) and legal obligation (tax and accounting).

6. Data retention

We retain account data while your account is active and for up to 12 months after deletion to handle disputes and legal obligations. Content you delete from inside the Service is removed from primary storage immediately and from backups within 30 days. OAuth tokens for third-party platforms are deleted as soon as you disconnect the integration.

7. Your rights

Depending on where you live, you may have the right to access, correct, export or delete the personal information we hold about you, to object to or restrict certain processing, and to lodge a complaint with your local data-protection authority. Email support@posttovideo.com to exercise any of these rights. You can also delete your account directly from Settings.

8. International transfers

Our processors operate primarily in the United States and European Union. Where we transfer personal information out of the EEA or UK we rely on Standard Contractual Clauses or another lawful transfer mechanism.

9. Security

We use encryption in transit (TLS), encrypted storage for OAuth tokens, hashed passwords (bcrypt) and least-privilege access controls. No system is perfectly secure; please use a strong, unique password and notify us at support@posttovideo.com if you suspect unauthorised access.

10. Children

The Service is not directed to children under 13 and we do not knowingly collect personal information from them. If you believe a child has provided us information, contact us and we will delete it.

11. Cookies

We use a small number of strictly necessary cookies to keep you signed in and to protect against CSRF attacks. We do not use third-party advertising or cross-site tracking cookies.

12. Changes to this policy

We may update this policy from time to time. If the changes are material we will give reasonable notice (for example, by email or an in-app banner). The “Last updated” date at the top reflects the current version.

13. Contact

PostToVideo is operated from Denmark. For privacy questions, data-subject requests or any other concern, email support@posttovideo.com.