Privacy Policy

Effective Date: May 4, 2025

Welcome to Copilo.io. Your privacy is important to us. This Privacy Policy explains how we collect, use, disclose, and protect your personal information when you use our chat-based media generation services.

1. Definitions

  • Personal Data: Any information relating to an identified or identifiable natural person.
  • Usage Data: Information collected automatically about how you access and use Copilo.io.
  • Service Providers: Third‑party companies or individuals who process data on our behalf.

2. Information We Collect

2.1 Account & Contact Data

Name and email address.

2.2 User‑Generated Content

Prompts you submit to generate images/videos and any assets you generate (images, videos, audio files).

2.3 Usage & Diagnostics

IP address, device type, browser version, interaction logs (model queries, timestamps, error reports).

3. How We Use Your Information

  • Provide & Improve Services: Process prompts, generate media, and refine algorithms.
  • Process Payments & Prevent Fraud: Validate transactions and monitor for suspicious activity.
  • Communicate with You: Account confirmations, support replies, and product updates (with unsubscribe).
  • Compliance & Legal Obligations: Respond to lawful requests and enforce our Terms of Service.

4. Sharing & Disclosure

We share only what’s necessary with our trusted service providers under strict confidentiality:

  • OpenAI API (model inference)
  • AWS S3 (asset storage)
  • Stripe/PayPal (payment processing)
  • Google Analytics (usage analytics)

We may also disclose Personal Data to comply with legal obligations or in connection with a business transfer (e.g., merger or acquisition).

5. Data Retention & Deletion

  • Account Data: Retained until account closure + 90 days.
  • Usage Logs: Retained up to 12 months for analytics and troubleshooting.
  • User‑Generated Content: Stored until you delete it; export or delete via your dashboard.

To request deletion or export of your data, contact us at support@copilo.io.

6. Security Measures

  • TLS encryption in transit; AES‑256 at rest.
  • Role-based access controls and periodic security audits.
  • Incident response: notify affected users within 72 hours of confirmed breach.

7. International Data Transfers

Hosted on AWS in Canada & the U.S. When transferring data outside your jurisdiction, we rely on Standard Contractual Clauses and compliant safeguards under GDPR and PIPEDA.

8. Your Rights & Choices

  • Access & Portability: Request a copy of your data.
  • Correction: Update inaccurate information.
  • Deletion: Erase your personal data.
  • Objection & Restriction: Limit processing.
  • Consent Withdrawal: Revoke marketing consents anytime.

Submit requests at support@copilo.io.

9. Children’s Privacy

Copilo.io is not intended for children under 13 years old. We do not knowingly collect Personal Data from minors. If notified, we will promptly delete such data.

10. Changes to This Policy

We may update this policy. We’ll update the Effective Date and notify you via email or in-app banner if changes are material.

11. Contact Information

If you have questions or requests regarding your privacy, please contact our team: