On this page
1. Who we are & scope
CineCLI (“CineCLI”, “we”, “us”, “our”) provides an AI short-drama video generation platform built on Amazon Bedrock. This policy applies to the personal data we process when you visit our website, create an account, or use the service. It does not cover third-party sites or services that we link to but do not control.
For the purposes of the EU and UK General Data Protection Regulation (GDPR), CineCLI is the data controller for the personal data described here, except where we act as a processor handling content you submit on behalf of your own end users.
2. Information we collect
We collect the following categories of information:
| Category | Examples |
|---|---|
| Account information | Name, email address, organization, role, login credentials and account settings. |
| Content you submit | Prompts, scripts, reference uploads (images, audio, video) and other inputs you provide to generate output. |
| Generated output | The video, image, audio and text assets the service produces from your inputs, together with provenance metadata. |
| Usage & log data | Feature usage, generation requests, timestamps, IP address, and safety/moderation events. |
| Device & cookies | Browser type, device identifiers, and cookie or similar technology data. See our Cookie Notice. |
| Payment information | Billing details processed by our payment processor. We do not store full card numbers ourselves. |
| Support communications | Messages, attachments and metadata you send when you contact support or report abuse. |
3. How we use information
We use personal data to:
- Provide & improve the service — operate generation, deliver output, maintain your account, and develop new features.
- Safety & content moderation — screen inputs and outputs, enforce our Acceptable Use Policy and Responsible AI Policy, and investigate abuse.
- Security & fraud prevention — detect, prevent and respond to unauthorized access, abuse and security incidents.
- Billing — process subscriptions, payments and invoices.
- Legal compliance — meet our legal obligations and respond to lawful requests.
- Communications — send service, security and (where permitted) marketing messages you can opt out of.
4. AI processing & foundation models
The content you submit is processed by foundation models accessed through Amazon Bedrock. We apply the following protections:
- In-region processing. Customer content is processed within the AWS Region you select and is not moved outside it for inference.
- Encryption. Content is encrypted in transit and at rest.
- No model training on your content. Your prompts, uploads and generated output are not used to train or fine-tune foundation models, by us or by the model providers, when accessed through Amazon Bedrock.
- Restricted access. Access to customer content is limited, logged and used only for legitimate operational and safety purposes.
5. Legal bases (GDPR)
Where the GDPR applies, we rely on the following legal bases:
| Purpose | Legal basis |
|---|---|
| Providing the service and managing your account | Performance of a contract. |
| Security, fraud prevention, safety, and service improvement | Legitimate interests. |
| Optional cookies and marketing communications | Consent. |
| Tax, accounting and responding to lawful requests | Legal obligation. |
Where we rely on legitimate interests, we balance those interests against your rights and freedoms. You may object as described in Your rights.
6. Sharing & sub-processors
We do not sell personal data. We share personal data only with service providers acting on our instructions, including:
- AWS / Amazon Bedrock — cloud infrastructure and foundation-model provider.
- Payment processor — to process subscriptions and payments.
- Analytics — to understand and improve usage of the service.
- Email & communications providers — to send service and account messages.
A current list is maintained on our Sub-processors page. We may also disclose data where required by law or to protect rights, safety and the integrity of the service.
7. International transfers
Where personal data is transferred outside your country or region, we put appropriate safeguards in place, such as the European Commission’s Standard Contractual Clauses (SCCs) and, where applicable, the UK International Data Transfer Agreement, together with supplementary measures.
8. Data retention
We retain personal data for as long as your account is active and as needed to provide the service. Specifically:
- Account & content — retained while your account is active and deleted or anonymized after closure, subject to legal requirements.
- Logs & safety records — retained for limited periods to support security, abuse investigation and legal obligations.
- Deletion on request — you may request deletion of your personal data as described in Your rights, subject to records we must keep by law.
9. Security
We apply technical and organizational measures to protect personal data, including encryption, access controls and monitoring. No system is perfectly secure, but we work to reduce risk and respond promptly to incidents. Learn more on our Security page.
10. Your rights
Subject to applicable law, you have the right to access, correct, delete, and port your personal data, and to object to or request restriction of certain processing. Where we rely on consent, you may withdraw it at any time.
If you are a California resident, the CCPA/CPRA gives you the right to know what personal information we collect, to delete it, to correct it, and to opt out of sale or sharing (note: we do not sell personal data), and the right to non-discrimination for exercising these rights.
To exercise any right, contact us using the details in Contact. You may also have the right to lodge a complaint with a supervisory authority.
11. Children
The service is not directed to children and is not intended for use by anyone under the minimum age set out in our Terms of Service. We do not knowingly collect personal data from children. If you believe a child has provided us personal data, contact us so we can delete it.
12. Cookies
We use cookies and similar technologies for essential functionality, preferences and analytics. You can manage your choices as described in our Cookie Notice.
13. Changes to this policy
We may update this policy from time to time. We will revise the “Last updated” date above and, where changes are material, provide additional notice. Continued use of the service after an update means you accept the revised policy.
14. Contact
For privacy questions or to exercise your rights, contact us at privacy@cinecli.com. This policy works together with our Terms of Service, Acceptable Use Policy and Responsible AI Policy.