Privacy Policy

1. Introduction

Northern Algorithm LLC ("we," "our," or "us") operates NeoDiffuse, an AI-powered video creation platform. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

2. Information We Collect

2.1 Information You Provide

• Account Information: Name, email address, and authentication credentials you use to sign in
• Billing Details: Information you submit when purchasing a subscription. Payment-card data is handled exclusively by our payment processor and never stored on NeoDiffuse servers.
• Content: Text prompts, generated videos and images, and project metadata
• Communications: Messages you send to our support team

2.2 Information Automatically Collected

• Usage Data: How you interact with the Service, features used, and performance metrics
• Log & Device Information (via service providers): IP address, browser type, operating system, and similar identifiers automatically recorded by our hosting, authentication, and payment partners for security and fraud-prevention. NeoDiffuse does not store this data in its own database.
• Log Data: Access times, pages viewed, and technical error information

3. How We Use Your Information

We use your information to:

• Provide and maintain our AI video generation Service
• Process payments and manage your subscription
• Generate AI content based on your prompts using Replicate and Google AI services
• Store and deliver your generated content via Cloudflare
• Improve Service performance and user experience
• Communicate with you about your account and Service updates
• Provide customer support
• Comply with legal obligations

4. Third-Party Services

We integrate with the following third-party services that may collect and process your data:

• Authentication and user-management providers
• Payment processors
• AI model hosting & computation partners
• Cloud storage / content-delivery networks
• Database and caching infrastructure

Each service has its own Privacy Policy governing its use of your data.

5. Data Sharing & Disclosure

We do not sell your personal information. We may share information:

• Service Providers: With the third-party processors listed above to operate the Service
• Legal Requirements: To comply with law, court order, or protect our rights
• Business Transfers: In connection with a merger, acquisition, or asset sale
• With Consent: When you explicitly authorise it

6. Data Retention

• Account Data: Retained for up to 90 days after you delete your account (to accommodate backups and fraud investigations)
• Generated Content: Stored for 1 year after creation
• Usage Analytics: Retained for 2 years
• Payment Records: Retained per legal requirements (managed by Stripe)

7. Data Security

We implement industry-standard security measures, including:

• Encryption in transit (TLS) and at rest
• Role-based access controls & multi-factor authentication for staff
• Regular security audits, penetration testing, and monitoring
• Secure integrations with third-party processors via API keys & least-privilege principles

8. Your Rights

Depending on your jurisdiction, you may have rights to:

• Access, correct, or delete your personal data
• Restrict or object to processing
• Data portability
• Lodge a complaint with a supervisory authority

9. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights:

• Right to know what personal information we collect
• Right to deletion
• Right to opt-out of the sale or sharing of personal information (we do not sell data)
• Right to non-discrimination for exercising CCPA rights

10. Children’s Privacy

Our Service is not intended for children under 13. We do not knowingly collect personal information from children under 13. If we learn we have collected such information, we will delete it promptly.

11. International Data Transfers

Your data may be processed outside your country of residence. Where we transfer personal data internationally, we rely on standard contractual clauses or other legally-recognised mechanisms to ensure adequate protection.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will post the new policy on this page and update the “Last updated” date above. Material changes will be communicated via email or in-app notification at least 30 days before they take effect.

13. Contact Us