Privacy Policy

1. Data We Collect

Account information such as name, email address, workspace metadata, and billing details provided during signup.

Usage information including prompts, reference images, uploads, generated videos, render metadata (model version, duration, success/error codes), client IP address, and device/browser characteristics.

Operational telemetry gathered through logs, queue metrics, and support correspondence necessary to secure and maintain the platform.

2. How We Use Data

To authenticate users, fulfill generation requests, provide customer support, train operations staff, and improve model routing and UI performance.

To enforce acceptable use policies, investigate abuse, and satisfy legal obligations, including responding to lawful requests from authorities.

To analyze aggregate trends (through anonymized statistics) that help prioritize roadmap investments without directly identifying individuals.

3. Processing Locations and Transfers

By default, prompts, inference settings, and monitoring data flow from Stitcher.video (hosted on Vercel in the United States) through an encrypted tunnel to the Stitcher relay you run on your own GPU hardware. The underlying video generation executes locally; rendered frames only leave your environment if you explicitly sync them back to Stitcher for preview, download, or support.

If you later opt into managed cloud GPUs, Stitcher will provision RunPod clusters located in the United States. Prompts, uploads, and resulting frames for those specific jobs will then be processed within Stitcher’s RunPod tenancy under these same protections.

Ancillary application data (account metadata, audit logs, cached renders) is stored in US-based infrastructure operated by Stitcher and its storage/CDN vendors. We apply contractual safeguards, DPAs, and encryption in transit and at rest for every transfer.

4. Retention and Security

Prompt text, uploads, and finished videos are retained for up to 30 days by default so customers can re-download files, unless a longer retention period is required by law or contract. Billing and transactional records are retained for at least 7 years for compliance reasons.

We implement role-based access controls, audit logging, least-privilege access, and encryption to protect customer data. No security program is infallible, so please contact us immediately if you suspect unauthorized access.

5. Subprocessors

Current subprocessors include: (a) Vercel (hosting stitcher.video and related APIs); (b) cloud object storage/CDN providers that deliver synced renders; (c) customer support and analytics tooling limited to operational metadata; and (d) RunPod once you elect to use the managed GPU option. We update this list as vendors change and will provide notice before materially expanding processing.

6. Your Choices and Rights

You may access, correct, or delete certain account data from within the workspace settings. Requests for data export, deletion, or limitation beyond self-service controls can be sent to privacy@stitcher.video and will be honored consistent with applicable law.

Where mandated (e.g., GDPR, CCPA), you have the right to know what personal data we hold, to object to certain processing, and to lodge a complaint with your supervisory authority. Exercising these rights will not result in discriminatory treatment.

7. Contact

Email privacy@stitcher.video for privacy inquiries, incident reports, or DPA execution. Please include your workspace ID and jurisdiction so we can respond quickly.