← Back

Privacy Policy

Shorts Control (“we,” “us,” “our”) operates the website and service available at shortscontrol.website (the “Service”).

Effective date: April 21, 2026

1. Who this applies to

This Policy describes how we handle personal information when you use the Service. If you do not agree, please do not use the Service.

2. Information we collect

We collect information you provide, information generated through your use of the Service, and limited technical data needed to run the Service.

  • Account data. When you sign up or sign in, our authentication provider (Supabase Auth) processes your email address and credentials (for example password or magic-link sign-in). We store your Supabase user identifier to associate your workspace with you.
  • Channel and creative workspace data. You may store channel profiles (name, description, themes, audience notes, visual style preferences), series metadata, upload schedules, AI-assisted profile blurbs, and related settings in our database.
  • Chat and ideation content. We store messages you send in channel chat and in the pre-channel ideation workspace, plus assistant replies, so the features work and your history is available when you return.
  • Video plans and production data. Short titles, overviews, scene prompts, voiceover scripts, captions for social platforms (including YouTube, TikTok, and Instagram fields), cover art metadata, scheduling fields, and links you set between a plan and a YouTube upload.
  • Media references. The Service may store URLs or identifiers for images and videos produced by integrated providers or uploaded by you (for example scene stills, cover backgrounds, or generated clips), and paths or status for assembly jobs on our servers.
  • YouTube connection (optional). If you connect a YouTube channel, we store OAuth tokens and metadata needed to keep that connection working (for example refresh token, channel id and title, thumbnail URL, connection time). Uploading uses Google’s YouTube Data API under your authorization.
  • Technical and security data. Standard server and HTTP logs (for example IP address, user agent, timestamps, routes), error logs, and cookies or similar technologies used to maintain your session (Supabase session cookies).

3. How we use information

We use the information above to:

  • Provide, operate, and improve the Service;
  • Authenticate you and secure your account;
  • Run AI-assisted features (for example planning, chat, captions, scheduling suggestions) when enabled;
  • Call third-party media and AI providers you trigger in the product (for example video or image generation, text-to-speech, uploads);
  • Debug, prevent abuse, and comply with law;
  • Communicate with you about the Service when necessary.

4. AI and third-party processing

To provide AI and media features, we send relevant content from your workspace to providers we integrate with. Depending on your use of the Service, this may include:

  • Google — Gemini (and related Google AI) for chat, planning, captions, and optional video generation; YouTube Data API for OAuth and uploads when you connect YouTube.
  • Supabase — authentication and hosted database for your account and workspace data.
  • ElevenLabs — text-to-speech when you generate voiceover audio.
  • fal.ai — text-to-video and related media generation when you use those features.
  • Kie.ai — image and video generation when configured; may retrieve public URLs you supply (for example reference images hosted at your site URL).

Those providers process data under their own terms and privacy policies. We do not control their practices.

Outputs from AI systems can be inaccurate or inappropriate. You are responsible for reviewing content before publishing it to any platform.

5. Legal bases (EEA, UK, Switzerland)

Where GDPR or similar laws apply, we rely on: performance of a contract (to provide the Service); legitimate interests (security, improvement, fraud prevention), balanced against your rights; consent where required (for example certain cookies or marketing, if we offer them); and legal obligation where applicable.

6. Retention

We keep information for as long as your account exists and as needed to provide the Service, comply with law, resolve disputes, and enforce our terms. You may delete individual channels or content in the product where those features exist. To request deletion of your account and associated workspace data, contact us using the details below.

7. Sharing

We share information with service providers who help us run the Service (hosting, database, AI, media APIs, authentication), when required by law, or to protect rights and safety. We do not sell your personal information.

8. International transfers

We may process and store information in countries other than your own, including the United States, where our providers operate. Where required, we use appropriate safeguards (such as standard contractual clauses).

9. Security

We use administrative, technical, and organizational measures designed to protect your information. No method of transmission or storage is completely secure.

10. Your rights

Depending on where you live, you may have rights to access, correct, delete, or export personal information, or to object to or restrict certain processing. You may also have the right to lodge a complaint with a supervisory authority. To exercise rights, contact us below. We may need to verify your request.

11. Children

The Service is not intended for children under 13 (or the digital consent age in your jurisdiction). We do not knowingly collect personal information from children.

12. Changes

We may update this Policy from time to time. We will post the updated version on this page and update the effective date above.

13. Contact

Questions about this Policy or your data: set NEXT_PUBLIC_LEGAL_CONTACT_EMAIL in your deployment environment and redeploy, or reach out through the contact method published on https://shortscontrol.website.

PrivacyTerms