1. What we collect
Account information. When you sign up we store your email address, display name, and hashed password (or Google identity token if you use Google Sign-In). We also store a Stripe customer ID when you make a purchase.
Video metadata. When you create a job we record technical metadata about your source video — duration, resolution, codec, frame rate, and audio format. This helps us stitch your intro correctly.
Generated content. We temporarily store the extracted thumbnail frame, the AI-generated intro clip, and (for server-side stitching) the final stitched output in Cloudflare R2 object storage.
Payment data. All payment processing is handled by Stripe. We store the transaction amount, currency, product name, and Stripe session ID. We never see or store your full card number.
BYOK keys. If you use Bring Your Own Key mode, your fal.ai API key is encrypted with AES-256-GCM before being stored. We cannot read your key in plain text.
2. What we do not collect
Your source video. Your video file never leaves your browser. We extract a single still frame on the client side and send only that frame to our AI provider. When you choose client-side stitching, the final assembly also happens entirely in your browser.
We do not use analytics trackers, advertising pixels, or third-party cookies. The only cookies on IntroGenie are essential session cookies managed by Supabase Auth.
3. How we use your data
- Authenticate you and manage your account.
- Generate AI intros and stitch them onto your videos.
- Process payments and manage your credit balance.
- Monitor service health and debug failed jobs (aggregated statistics only — we do not review individual video content).
- Protect against abuse via rate limiting and Cloudflare Turnstile CAPTCHA verification.
4. Third-party services
| Service | Purpose | Data shared |
|---|---|---|
| Supabase | Authentication & database | Email, hashed password, profile data, job records |
| Stripe | Payment processing | Email, purchase amount, Stripe customer ID |
| fal.ai | AI video generation | Source frame image, text prompt, duration |
| Cloudflare R2 | File storage & CDN | Frames, generated intro clips, stitched outputs |
| Cloudflare Turnstile | Bot protection | Browser fingerprint for CAPTCHA verification |
| Google Identity | OAuth sign-in | Email, name, profile picture (if you choose Google login) |
5. Data retention
Generated files. Thumbnail frames are deleted after your job completes. Intro clips and stitched outputs are available for download for up to 7 days, after which they are automatically removed from storage. Download links expire after 1 hour and are re-generated on demand.
Job records. We retain job metadata (status, timestamps, video specs) for service reliability and debugging. These records do not contain video content.
Account data. Your account information is kept for as long as your account exists. Credits never expire.
Stale jobs. Jobs that remain in a pending or generating state for more than 1 hour are automatically marked as failed, and any credits charged are refunded.
6. Security
All connections to IntroGenie are encrypted with TLS. Session cookies are HTTP-only and secure. BYOK fal.ai keys are encrypted at rest with AES-256-GCM.
We enforce rate limits on all endpoints and require Cloudflare Turnstile verification on sign-up and login to prevent automated abuse.
7. Your rights
You may request a copy of the personal data we hold about you, ask us to correct inaccurate data, or request deletion of your account and associated data by emailing us at the address below.
If you are located in the European Economic Area, you have additional rights under the GDPR, including the right to data portability and the right to object to processing.
8. Changes to this policy
We may update this policy from time to time. If we make material changes, we will notify you by updating the “Last updated” date at the top of this page. Continued use of IntroGenie after a change constitutes acceptance.
9. Contact
Questions about this policy? Reach us at [email protected].