Privacy Policy
Last updated: April 20, 2025
Important: YourVision processes your facial image using AI technology. This Privacy Policy explains exactly what data we collect, how we use it, who we share it with, and how you can request its deletion.
1. Who We Are
YourVision ("we," "us," or "our") operates the YourVision service at yourvision.video. We are responsible for the personal data you provide when using our platform.
Contact: hello@yourvision.video
2. Data We Collect
We collect the following categories of personal data:
| Data Type | Details |
|---|---|
| Account data | Email address, name, profile picture (from Google OAuth) |
| Facial image | The selfie you upload for video generation (biometric data) |
| Creative input | Your dream life description, goals, and aspirations |
| Generated content | AI-generated images and videos produced for your project |
| Payment data | Processed by Stripe. We do not store card numbers. We receive confirmation of successful payment only. |
| Usage data | Page visits, feature usage, error logs (for debugging) |
| Device data | Browser type, OS, IP address (standard web server logs) |
3. How We Use Your Data
We use your personal data for the following purposes:
- Service delivery: To generate your personalized vision video using AI tools.
- Account management: To create and maintain your account and authenticate you.
- Payment processing: To process your payment via Stripe.
- Notifications: To send you an email when your video is ready.
- Support: To respond to your inquiries and resolve issues.
- Security: To detect and prevent fraud, abuse, or unauthorized access.
- Improvement: To analyze aggregate usage patterns and improve the Service. We do not use your personal video or facial image to train AI models.
4. Biometric & Facial Data — Special Notice
Your facial image is classified as biometric data in many jurisdictions (including under GDPR, CCPA/CPRA, and Turkish KVKK law). We treat it with heightened protection:
- Your photo is collected only to generate your video.
- It is transmitted to our AI processing vendors (see Section 5) solely for face compositing.
- We do not use your facial image to build facial recognition databases.
- We do not sell, license, or share your facial image with any advertising or data broker.
- We do not use your facial image to train AI models without your explicit, separate consent.
- Your uploaded image is retained in secure cloud storage only as long as needed and may be deleted upon request.
By using YourVision, you provide explicit, informed consent to this processing, as acknowledged by the consent checkbox during upload.
5. Third-Party Services We Use
To deliver the Service, we share data with the following trusted third parties. Each is bound by their own privacy policies and data processing agreements:
Supabase
Database, file storage, authentication
Data shared: Account data, uploaded images, generated content
PiAPI
AI image generation and face-swap processing
Data shared: Your uploaded selfie and AI-generated images (for face compositing)
Google Gemini
AI scene prompt generation
Data shared: Your text description of aspirations (no images)
Kling (Kuaishou)
AI video animation
Data shared: AI-generated scene images (for animation)
Shotstack
Video assembly and rendering
Data shared: Generated video clips and audio
Stripe
Payment processing
Data shared: Payment information (processed directly by Stripe)
Resend
Transactional email (video ready notification)
Data shared: Your email address
Vercel
Web hosting and CDN
Data shared: Standard request logs, IP address
We do not sell your personal data to any third party. We do not share your data with advertisers.
6. Data Retention
We retain your data for the following periods:
- Account data: Until you delete your account.
- Uploaded selfie: Stored for the duration of your active projects. Deleted upon request or after 90 days of account inactivity.
- Generated videos and images: Stored for your access until you delete them or close your account.
- Payment records: Retained as required by financial and tax regulations (typically 7 years).
- Server logs: Automatically deleted after 30 days.
7. Your Rights
Depending on your location, you may have the following rights regarding your personal data. To exercise any of these rights, contact us at hello@yourvision.video:
- Access: Request a copy of the personal data we hold about you.
- Correction: Request correction of inaccurate or incomplete data.
- Deletion: Request deletion of your personal data, including your uploaded facial image.
- Portability: Request your data in a structured, machine-readable format (GDPR/KVKK).
- Withdraw consent: Withdraw your consent to biometric data processing at any time. Note that withdrawal prevents future video generation.
- Object to processing: Object to certain types of data processing.
- Opt out of sale (CCPA): We do not sell personal data, so this right is inherently satisfied.
We will respond to all legitimate requests within 30 days.
8. Cookies
YourVision uses essential cookies and browser storage (localStorage) to maintain your login session and store temporary project data. We do not use advertising cookies or third-party tracking pixels.
You can disable cookies in your browser settings, but doing so will prevent you from logging in or using the Service.
9. Security
We implement industry-standard security measures including:
- TLS/HTTPS encryption for all data in transit.
- Secure cloud storage with access controls (Supabase Storage).
- Signed, time-limited URLs for accessing your media files.
- Row-level security on database tables ensuring users can only access their own data.
No system is perfectly secure. In the event of a data breach affecting your personal data, we will notify you as required by applicable law.
10. Children's Privacy
YourVision is not intended for, and does not knowingly collect personal data from, individuals under 18 years of age. If you believe a minor has provided us with personal data, contact us immediately and we will delete it.
11. International Data Transfers
Your data may be processed in countries outside your own, including the United States and the European Union, by the third-party services listed in Section 5. Each of these services is subject to data protection standards appropriate for international transfers (e.g., Standard Contractual Clauses under GDPR, or equivalent frameworks).
12. Changes to This Policy
We may update this Privacy Policy periodically. We will notify you of significant changes by email or by posting a notice on the Service. The "Last updated" date at the top of this page reflects the most recent revision. Continued use of the Service after changes constitutes acceptance.
13. Contact Us
For any privacy-related questions, data requests, or concerns, contact us at: