This Privacy Statement explains how personal information and creative content about our (potential) customers and other individuals using our services is collected, used, and disclosed by Vision Cine X Inc. (“Vision Cine X,” “Company,” “we,” “us,” or “our”).

It describes our privacy practices in connection with the use of our websites (including visioncinex.com), our platform (Vision Cine X), Vision Library, and other applications, tools, and related services, including research and marketing activities (collectively, the “Services”). It also explains your choices regarding the collection, use, access, storage, and correction of your information.

By signing up for or using our Services — and by agreeing to our Terms of Service where required — you consent to the collection, use, storage, and disclosure of information described in this Privacy Statement.

Our Services may contain links to other websites or services. Their privacy practices are governed by their own statements, not this one.

We may update this Privacy Statement from time to time. If we make material changes, we will revise the “Effective Date” above and notify you by email, in-app notification, or other reasonable means. We encourage you to review this Statement regularly to stay informed about how we protect your information and creative rights.

This Privacy Statement focuses on our data practices. For service terms and user obligations, see our Terms of Service.

Personal Information We Collect

We collect personal information to operate our Services, provide you with creative collaboration tools, and ensure compliance with legal obligations.

Information You Provide to Us

When you interact with Vision Cine X, you may provide personal details such as your name, email address, password, phone number (for verification), birthday, company information, role, billing information, or profile photo. You may also provide creative materials including scripts, production files, creative assets, notes, annotations, team communications, and project metadata.

We also collect information when you sign up for waitlists, contact us for support, respond to surveys, or set your communication and marketing preferences.

With respect to any documents or information you choose to upload, we take the privacy and confidentiality of such materials seriously. We employ industry-standard techniques to protect against unauthorized access to data you store with us, including personal information and creative content.

We do not collect or store payment card details. All payments are processed securely by third-party providers such as Stripe, whose privacy practices govern your payment information.

Information Collected Automatically

When you use our Services, we automatically collect information including:

• Usage details, such as features used, collaboration activity, performance metrics, and session data.

• Technical details, such as IP address, device identifiers, browser/operating system type, and error logs.

• Cookie and tracking information to provide essential functionality, improve performance, and remember preferences. For more details, see our Cookie Policy.

Information From Third Parties

We may receive personal information from third-party sources, such as analytics, error monitoring, or communication providers, as well as publicly available information.

How We Use Personal Information

We use the information we collect to:

• Provide, operate, and support the Services, including account setup, content storage, collaboration tools, and customer support.

• Enable AI-powered features such as script analysis, metadata tagging, smart search, and image generation. We contractually prohibit AI providers from training their models on your creative content.

• Monitor, test, and improve the performance and security of our Services.

• Communicate with you, including service notifications, security alerts, support responses, product updates, and — where you have consented — marketing and promotional messages.

• Protect our platform and users against fraud, abuse, and security threats.

• Comply with applicable laws and regulatory requirements.

Our legal bases for processing include performance of our contract with you, legitimate interests (balanced with your rights), compliance with law, and consent where required.

How We Share Personal Information

We do not sell your personal information. We may share information only in limited circumstances:

• With service providers who perform services on our behalf, such as hosting, analytics, communications, payments, CRM, and AI services.

• At your direction, for example when you enable sharing, exports, or public links within the platform.

• To comply with legal obligations, enforce our Terms of Service, or respond to lawful requests.

• As part of a business transaction, such as a merger or acquisition, where protections remain in place.

Where our Services link to external websites, their privacy practices are governed by their own statements.

Service Providers and Sub-processors

We rely on trusted third-party service providers to help us operate, secure, and improve our Services. These providers only process personal information on our behalf and under strict contractual obligations, including confidentiality, security, and data protection terms.

The current categories of service providers we use include:

• Hosting & Infrastructure (for example, MongoDB, Digital Ocean, Cloudflare R2)

• Analytics & Monitoring (for example, PostHog, Sentry)

• Communications & Email/SMS (for example, AWS SES, Twilio, Mailchimp)

• Payments & Billing (for example, Stripe)

• Customer Relationship Management (for example, Bigin)

• AI & Creative Tools (for example, OpenAI and other image-generation APIs)

These vendors may process data in the United States or other jurisdictions. Whenever personal information is transferred internationally, we apply the safeguards described in Data Processing and International Transfers.

In the future, we will maintain a separate, always-updated Sub-processors page for easier reference.

Data Processing and International Transfers

Your personal information is primarily stored in secure EU data centers. Supporting services may operate in the United States or other regions. Whenever personal information is transferred internationally, we rely on Standard Contractual Clauses (SCCs), the EU-U.S. Data Privacy Framework (DPF) where applicable, or equivalent safeguards.

Security

The security of your information and creative content is a top priority. We apply industry-standard technical and organizational measures, including encryption in transit and at rest, role-based access controls, multi-factor authentication, continuous monitoring, and security audits.

In the event of a personal data breach that may affect you, we will notify you and the relevant authorities without undue delay, consistent with applicable law.

Data Retention

We retain personal information only as long as necessary to provide the Services or comply with legal obligations. Retention periods include:

• Account information: while active and up to 120 days after closure.

• Creative content: deleted upon account termination or as directed by you.

• Analytics data: up to 24 months, then anonymized.

• Support logs: 2 years.

• Payment records: 7 years (for tax and compliance).

• Technical logs: 1 year.

After retention periods, information is securely deleted or anonymized.

Your Rights

Depending on your location, you may have the right to:

• Access, correct, or delete your personal data.

• Restrict or object to certain processing.

• Receive a copy of your data in machine-readable format.

• Withdraw consent where processing relies on it.

• Not be subject to decisions based solely on automated processing that have significant effects.

To exercise these rights, contact us at privacy@visioncinex.com.

We respond to EU/EEA requests within one month (extendable by two months where lawful) and to California requests within 45 days (extendable once by 45 days where reasonably necessary). We may request proof of identity to verify your request. California consumers may also use an authorized agent to submit requests on their behalf.

Regional Rights

EU/EEA (GDPR)

If you are located in the European Union or European Economic Area, you have specific rights under the GDPR, including the right to lodge a complaint with your local supervisory authority. You may also contact our EU representative at eu-representative@visioncinex.com.

California (CCPA/CPRA)

If you are a California resident, you have additional rights under the CCPA/CPRA, including the right to know what personal information we collect, request correction or deletion, opt out of the “sale” or “sharing” of personal information (we do not sell information for money, but analytics or service sharing may qualify under California law), and limit the use of sensitive personal information.

You may exercise these rights by contacting us at privacy@visioncinex.com with the subject “Do Not Sell or Share My Personal Information,” or by visiting our Do Not Sell or Share My Personal Information page. We will not discriminate against you for exercising your rights.

Children’s Privacy

Our Services are not intended for individuals under 18. We do not knowingly collect or process personal data from minors. If we become aware that such data has been collected, we will delete it promptly.

Changes to This Statement

We may revise this Privacy Statement from time to time for legal, technical, or business reasons. Material changes will be communicated in advance via email or in-app notice, and you will be given at least 30 days’ notice where feasible. Continued use of the Services after changes take effect constitutes your acceptance of the updated Statement.

Contact

Privacy Questions: privacy@visioncinex.com

DPO: dpo@visioncinex.com

EU Representative: eu-representative@visioncinex.com

Security Issues: security@visioncinex.com

Company:

Vision Cine X Inc.
166 Geary St STE 1500, Suite #586
San Francisco, CA 94108, United States

© 2025 Vision Cine X Inc. All rights reserved.