← Back

Privacy Policy

Last updated: 19 February 2026

This Privacy Policy describes how PilotVid (the “Service”), provided by Rabwah-AB (“Company”, “we”, “our”, “us”), collects, uses, and shares personal information, and explains your choices and rights. PilotVid is the product/brand; Rabwah-AB is the data controller for this Service.

Data Controller: Rabwah-AB

Privacy contact: support@vidpilot.app

Scope: This Policy applies to our website, web app, and related services that link to it.

1) Information We Collect

  • Account & Contact: name, email, account identifiers, subscription status, plan type.
  • Project/Content: prompts, scripts, files you upload, and outputs we generate (e.g., images, audio, video), plus settings you save.
  • OAuth: handled under the Google API Services User Data Policy (Limited Use).
  • Usage, Device & Context: IP address (including reverse-proxy headers such as cf-connecting-ip), approximate location derived from IP, user-agent, referrer, request IDs (e.g., Cloudflare Ray ID), pages viewed, actions performed, timestamps, and error/diagnostic logs.
  • Cookies & Local Storage: essential cookies (e.g., authentication token), security/fraud prevention device cookie (first-party identifier), and settings. With consent where required: analytics/measurement cookies and pixels.
  • Payments: processed by payment processors (e.g., Stripe). We receive limited billing metadata (e.g., customer ID, last4) and do not store full card numbers on our servers.

2) How We Use Information (Purposes & Legal Bases)

  • Provide the Service: authenticate you and operate features you request (performance of a contract).
  • Improve & secure: monitor for abuse/fraud and debug (legitimate interests).
  • Communicate: onboarding, transactional notices, support; occasional product updates (legitimate interests; certain marketing — consent where required).
  • Advertising/Measurement: analytics and ad effectiveness with consent where required. We do not share your prompts/outputs with ads partners.
  • Compliance: satisfy legal obligations and enforce Terms & Conditions.
  • Server-side Legal Notice Acceptance: When you proceed past the sign-in/sign-up notice that links to our Privacy Policy, Terms & Conditions, and Refund Policy, we record a one-time consent event in your account.
  • Model Training: If we offer an option to help improve AI models with your inputs/outputs, we will clearly present a control to opt in/out.

3) Advertising, Analytics & Cookies

We may use analytics and advertising technologies to measure performance and improve marketing.

  • What we share: limited identifiers and page/activity events for attribution, security/fraud prevention, and aggregate reporting.
  • Your choices: manage cookies in your browser, our in-app preferences (where available), or use Global Privacy Control (GPC). Where required by law, we seek consent before setting non-essential cookies.

4) How We Share Information

We share personal information only as needed to run the Service or comply with law:

  • Hosting/CDN & storage providers
  • Payments (e.g., Stripe)
  • AI/ML providers to fulfill user-requested generations
  • Analytics/measurement vendors (per your consent choices)
  • Email/support tooling
  • Professional advisors and law enforcement if required
  • Corporate transactions (e.g., merger/sale), with protections

We do not sell personal information for money.

5) International Transfers

Your data may be processed in the UK, EEA, US, and other countries where we and our processors operate. Where required, we use safeguards such as EU Standard Contractual Clauses and the UK Addendum.

6) Data Retention

  • Account data: life of the account and typically up to 24 months after closure.
  • Analytics logs: up to 13 months.
  • Transactional/billing: per tax/audit laws.
  • Consent/audit logs: as needed for compliance.

7) Security

We use appropriate safeguards (encryption in transit, access controls/least-privilege, monitoring, incident response). No method of transmission or storage is 100% secure.

8) Your Rights

UK / EU / EEA / Switzerland (GDPR/UK GDPR):

Rights to access, rectify, erase, restrict, object, portability, and to withdraw consent at any time (without affecting prior processing). You may lodge a complaint with your local authority, or in the UK with the ICO (ico.org.uk).

California & certain US states (CPRA and similar):

Rights to know/access, correct, delete, and to opt out of “sharing” for cross-context behavioral advertising. We do not “sell” personal information. We honor GPC where required.

Verification: We may ask for information to verify your identity and protect your account. Some requests may limit functionality if essential data is deleted.

9) Children

The Service is not intended for children under 13. We do not knowingly collect data from children under 13.

10) Changes to this Policy

We may update this Policy. We'll post the new version here and revise the “Last updated” date above. Material changes may be highlighted in-app or by email.

11) Contact

Questions or requests? Email us at support@vidpilot.app. Please include your account email and any relevant context so we can assist you faster.

PilotVid is a brand of Rabwah-AB.

© 2026 Rabwah-AB. All rights reserved.