Psage
Try for freeLog in
← Back to Psage

Privacy Policy

Legal information for Psage users. For questions, contact support@psage.app.

Effective Date: April 19, 2026 Last Updated: April 19, 2026

This Privacy Policy explains how Psage ("we", "us", "our"), collects, uses, discloses, and protects personal data from users of the service available at psage.app and api.psage.app (the "Service").

Please read this Privacy Policy carefully. By using the Service, you acknowledge that you have read this Privacy Policy and understand how we process your personal data. If you do not agree, please do not use the Service.

1. Data Controller

The data controller responsible for your personal data is:

Psage Support Email: support@psage.app

2. Data We Collect

2.1 Account Data

When you register an account, we collect:

  • Email address;
  • Hashed password (if you register with email/password);
  • Google account identifier (name, email, profile picture) if you sign in with Google;
  • Display name and language preference;
  • IP address and user agent at the time of registration and login.

2.2 Product Data You Submit

When you use the Service to generate videos, you may submit:

  • Product URLs (e.g., Shopify product pages);
  • Product images, titles, descriptions, and pricing information;
  • Custom text, scripts, and brand assets you upload.

This data is collected only for the purpose of generating videos you request.

2.3 Generated Videos

The Service produces video files from the product data you submit. These videos are stored in our cloud storage (Supabase) for up to 90 days, after which they may be automatically deleted.

2.4 Billing Data

Payments are processed by an authorized third-party payment processor acting as Merchant of Record. We do not receive or store your full payment card details. We may receive only limited billing-related data from the payment processor, such as:

  • Subscription status;
  • Plan tier;
  • Billing email;
  • Invoice identifiers;
  • Country of purchase (for VAT/tax purposes).

The payment processor's processing of your payment data is governed by the applicable privacy documentation of the payment processor used at checkout.

2.5 Usage and Technical Data

We automatically collect certain technical data when you use the Service:

  • IP address;
  • Browser type and version;
  • Device and operating system;
  • Referrer URL;
  • Pages visited and actions performed within the Service;
  • Timestamps and duration of sessions;
  • Errors and diagnostic information.

2.6 Cookies and Similar Technologies

The Service uses:

  • Strictly necessary cookies for authentication (session cookie storing your signed session token);
  • Google reCAPTCHA to protect signup and login from automated abuse, which may set cookies controlled by Google.

We do not currently use third-party advertising cookies or tracking pixels.

3. How We Use Your Data

We use your personal data for the following purposes:

  • To provide the Service: authenticate your account, generate videos from the data you submit, store and deliver Generated Videos to you;
  • To manage subscriptions: process payments and manage subscriptions through the payment processor, track quota usage, enforce plan limits, issue invoices;
  • To secure the Service: detect and prevent fraud, abuse, unauthorized access, and attacks;
  • To improve the Service: analyze aggregated usage patterns to identify and fix bugs, improve template quality, and develop new features;
  • To communicate with you: send transactional emails (account confirmations, billing receipts, security alerts), respond to support requests, and β€” only if you explicitly opt in β€” send product updates and marketing emails;
  • To comply with legal obligations: respond to lawful requests, enforce our Terms of Service, and comply with applicable laws in Ukraine and, where relevant, in your jurisdiction.

We do not use your User Content (product data, images, videos) to train AI models.

Where User Content is sent to AI or cloud providers, it is processed only to provide the requested Service functionality, such as generating scripts, hooks, captions, speech, rendered assets, or related outputs requested by you.

4. Legal Bases for Processing (GDPR)

If you are located in the European Economic Area (EEA), the United Kingdom, or another jurisdiction with similar data protection laws, we process your personal data based on the following legal bases:

  • Contract performance (Art. 6(1)(b) GDPR) β€” to provide the Service you requested;
  • Legitimate interests (Art. 6(1)(f) GDPR) β€” to secure the Service, prevent abuse, and improve our product in aggregated form;
  • Legal obligation (Art. 6(1)(c) GDPR) β€” to comply with tax, accounting, and regulatory requirements;
  • Consent (Art. 6(1)(a) GDPR) β€” for marketing communications or any optional data processing we introduce in the future; you may withdraw consent at any time.

5. How We Share Your Data

We share your personal data only with the following categories of recipients, and only as necessary to provide the Service:

5.1 Service Providers (Processors)

ProviderPurposeLocation
SupabaseDatabase and file storageEU
EU-based VPS providerBackend infrastructureEU
VercelFrontend hosting and CDNGlobal
Google CloudText-to-speech, OAuth authenticationGlobal
OpenAIAI text generation for video scriptsUnited States
Authorized payment processorPayment processing, subscriptions, tax/VAT handling, and Merchant of RecordGlobal

Each provider processes data only on our instructions and under a data processing agreement where required.

5.2 Legal and Safety

We may disclose personal data if required by law, court order, or legitimate request from a competent authority, or if necessary to protect the rights, property, or safety of Psage, our users, or third parties.

5.3 Business Transfers

If Psage or its assets are acquired, merged, or transferred, personal data may be transferred as part of that transaction. We will notify you of any such change and of any choices you may have regarding your data.

5.4 No Sale of Personal Data

We do not sell your personal data to third parties for advertising or other commercial purposes.

6. International Data Transfers

Some of our service providers (notably OpenAI and Google Cloud) are located in the United States or process data globally. Where personal data is transferred outside the EEA, we rely on Standard Contractual Clauses approved by the European Commission, or other valid transfer mechanisms, to ensure adequate protection.

7. Data Retention

We retain personal data only as long as necessary for the purposes described in this policy:

  • Account data: while your account is active, and up to 30 days after deletion, except where longer retention is required by law (e.g., billing records are retained for at least 3 years for Ukrainian tax compliance);
  • Generated Videos and source assets: up to 90 days from generation, then automatically deleted;
  • Billing records: retained for 3 years from the date of transaction, for tax and accounting compliance;
  • Log and security data: up to 90 days, unless required longer for security investigations;
  • Support correspondence: up to 2 years from the last contact.

8. Security

We take reasonable technical and organizational measures to protect your personal data, including:

  • Encryption of data in transit (HTTPS / TLS);
  • Encryption at rest for backend databases where supported by our providers;
  • Password hashing using industry-standard algorithms;
  • Access controls and least-privilege principles for our systems;
  • Regular dependency audits and security updates.

No system is 100% secure. You are responsible for keeping your password confidential and for notifying us of any suspected unauthorized access to your account.

9. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

  • Access β€” request a copy of the personal data we hold about you;
  • Rectification β€” request correction of inaccurate or incomplete data;
  • Erasure β€” request deletion of your personal data ("right to be forgotten"), subject to legal retention obligations;
  • Restriction β€” request that we limit the processing of your data;
  • Portability β€” request a copy of your data in a structured, machine-readable format;
  • Objection β€” object to processing based on legitimate interests or for direct marketing;
  • Withdraw consent β€” at any time, where processing is based on consent;
  • Complain β€” lodge a complaint with a supervisory authority (in Ukraine, the Ombudsman for Human Rights; in the EU, your local Data Protection Authority).

To exercise any of these rights, contact us at support@psage.app. We will respond within 30 days.

10. Children's Privacy

The Service is not intended for anyone under the age of 18. We do not knowingly collect personal data from minors. If you believe a minor has provided personal data to us, please contact us at support@psage.app and we will delete it promptly.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will post the updated version on psage.app/privacy with a new "Last Updated" date. Material changes will be communicated by email or in-product notice. Continued use of the Service after the effective date constitutes acceptance of the updated policy.

12. Contact

For any questions, requests, or complaints regarding this Privacy Policy or your personal data, please contact:

Psage Support Email: support@psage.app