Effective Date: January 1, 2025
Last Updated: August 7, 2025
Quick Summary
We protect your privacy by storing your main data in the EU, using trusted services for platform features, and never selling your information. You control your data and can delete it anytime. We use AI to enhance your content but don't train models on your data. [Read the full policy below for complete details.]
1. Introduction
Vision Cinex Inc. ("Company", "we", "us", or "our") is committed to protecting your privacy and creative rights. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information and creative content when you use our Vision platform, including Vision Library and Vision Cinex applications, and visit our website at visioncinex.com.
Built for Creative Professionals: Our privacy practices are specifically designed to protect filmmakers, creative professionals, and production teams. We understand the unique importance of intellectual property protection in the creative industry.
Key Points:
Your primary data is stored in EU data centers
US services operate with comprehensive Data Processing Agreements (DPAs)
AI services are contractually prohibited from training on your data
We never sell your personal information
You have full control over your data
This Privacy Policy focuses exclusively on data processing practices. For information about service terms, user obligations, and platform functionality, please see our Terms of Service.
2. Information We Collect
2.1 Information You Provide Directly
Account Information:
Full name, email address, and password
Phone number (for account verification)
Birthday (for production and collaboration purposes)
Professional information (company, role, industry)
Billing and payment information
Profile pictures and professional details
User Content:
Scripts, production files, and creative assets you upload
Project information, notes, and annotations
Team collaboration data and communications
File metadata and organizational tags
Communications:
Waitlist signups and marketing preferences
Support requests and feedback
Survey responses
2.2 Information We Collect Automatically
Usage Analytics:
Platform interactions and feature usage patterns
File access and collaboration activity
Performance metrics and session data
User journey analytics for platform improvement
Technical Information:
IP address and device identifiers
Browser type, operating system, and device specifications
Network connection data
Application error logs and debugging information
Age Requirements: Our services are intended for users 18 and older as stated in our Terms of Service.
3. How We Use Your Information
3.1 Core Platform Services
Account creation and management
Content storage and processing as directed by you
Collaboration and sharing features
Customer support and technical assistance
Legal Basis (GDPR): Contract performance
3.2 AI-Powered Features
Script analysis and intelligent breakdowns
Automated file organization and metadata extraction
Smart search and content categorization
Project element identification and suggestions
AI-generated images based on your prompts and project needs
Legal Basis (GDPR): Contract performance and legitimate business interests
3.3 Platform Improvement
Usage analytics to enhance functionality
Performance optimization and error resolution
New feature development and testing
User experience research
Legal Basis (GDPR): Legitimate business interests (with opt-out options)
3.4 Communications
Account notifications and security alerts
Customer support responses
Product updates and feature announcements
Marketing communications (opt-in only)
Legal Basis (GDPR): Contract performance for service communications; consent for marketing
3.5 Automated Decision Making
We use automated systems for:
Content organization and tagging suggestions
Basic security screening (spam, abuse detection)
Performance optimization recommendations
Your Rights: You can request human review of any automated decision affecting you by contacting privacy@visioncinex.com.
4. Data Processing Locations and Services
We use trusted third-party services to provide platform functionality, with appropriate data protection agreements in place.
4.1 EU-Based Processing (Primary Data Storage)
Location: European Union Services: Primary database (MongoDB), file storage (CloudFlare), access controls (Neo4j) Data: User accounts, content files, project data, access permissions
4.2 US-Based Processing (Supporting Services)
Location: United States Services: Analytics (PostHog), error monitoring (Sentry), communications (AWS SES, Twilio), payment processing (Stripe), CRM (Bigin), email communications (Mailchimp - onboarding sequences and marketing for subscribers), AI services (OpenAI, image generation APIs) Data: Usage analytics, technical diagnostics, communications, payment data, onboarding and marketing emails, content excerpts for AI analysis, image generation prompts
Data Protection Agreements: We maintain Data Processing Agreements (DPAs) with service providers that handle personal data, including:
AI Service Guarantees: Contractual prohibitions on using your data for model training or improvement
Data Use Restrictions: Strict limitations on how providers can access and process your information
Security Requirements: Mandatory technical and organizational security measures
Deletion Obligations: Required data deletion when services are no longer needed
Audit Rights: Our ability to monitor compliance with data protection requirements
International Transfer Protections:
Standard Contractual Clauses with all US processors
Technical safeguards for data in transit and at rest
Regular compliance monitoring and audits
4.3 Session Management
Service: Digital Ocean (United States) Data: Session tokens and temporary processing data Purpose: Platform performance and user authentication
Complete service details available upon request to privacy@visioncinex.com
5. AI Processing and Data Protection for Creatives
5.1 Proprietary AI Models
Our core script analysis features use proprietary AI models hosted on our secure servers:
IP Protection Design:
Publicly Trained Only: Models trained exclusively on publicly available scripts, never on user content
Technical Safeguards: Engineered with protections to minimize risks of reproducing your intellectual property
Local Processing: Your content is processed on our servers without external transmission to third parties
Content Protection: Designed to avoid reproducing dialogue, scenes, or substantial portions of your scripts
5.2 Beta Period Third-Party AI Usage
During development and beta testing, we may use third-party AI services for enhanced features with comprehensive protections:
Data Protection Measures:
Content Anonymization: All content is anonymized and stripped of identifying information before any external processing
Partial Processing Only: We send only script elements (character names, scene types) never complete scripts, dialogue, or full scenes
Project Privacy: Production titles, company names, and project identifiers are excluded from all processing
Contractual Safeguards: Written agreements prohibit third-party services from retaining, storing, or training on your data
Technical Safeguards:
No Full Script Transmission: Complete scripts and substantial content portions never leave our secure environment
Analysis-Only Focus: Processing limited to structural analysis, not content generation or reproduction
IP Isolation: No training data can be used to generate content that reproduces your intellectual property
Limited Scope: Third-party services used only for essential functionality during platform development
5.3 Current AI Processing Features
We process your content to provide:
Script Structure Analysis: Scene breakdowns, character identification, and story structure mapping
Intelligent File Organization: Automated categorization and metadata extraction
Smart Search and Tagging: Content discovery and organizational tools
Project Element Suggestions: Non-generative recommendations based on industry standards
AI-Generated Images: Visual assets created from your text prompts for storyboarding and production planning
5.4 Training Data and User Content
Current Policy: We do not use your scripts, content, or creative work for AI model training or development.
Our Proprietary Models: Developed using only publicly available scripts and industry-standard formatting guides.
Future Changes: Any use of user content for model improvement would require:
Explicit advance notice and policy updates
User consent mechanisms with clear opt-out options
Full compliance with intellectual property and privacy laws
Industry consultation on creative rights protection
5.5 Third-Party AI Service Protections
When using external AI services during beta development, we maintain industry-leading protections:
Creative Industry Safeguards:
No Training Clauses: Written contractual prohibitions on using your creative content to train or improve AI models
Data Isolation: Your anonymized content is processed separately and never mixed with other users' data
Immediate Deletion: All anonymized content excerpts are deleted from third-party systems immediately after processing
No Human Review: Restrictions on manual review of your creative content by external service staff
IP Protection: Specific clauses protecting against reproduction or derivative use of your intellectual property
Services Used:
Text Analysis: Script structure and formatting analysis (anonymized excerpts only)
Image Generation: Visual assets created from your text prompts and project specifications
Content Enhancement: Non-generative suggestions based on industry standards and formatting guides
Your Creative Rights: We maintain the same strict IP protection standards for all AI services as we do for your primary content storage.
6. Data Sharing and Disclosure
6.1 We Never Sell Your Data
We do not sell, rent, or trade your personal information or content to third parties.
6.2 Authorized Sharing
We share data only for:
Service Providers: Platform operation and functionality (Section 4)
User Direction: Features you configure (team sharing, public links, exports)
Legal Requirements: Valid legal process, law enforcement, regulatory compliance
Business Transfers: Mergers or acquisitions (with same privacy protections)
6.3 Third-Party Links
Our platform may contain links to external websites. We are not responsible for the privacy practices of third-party sites. Always review their privacy policies before sharing information.
7. Data Security
We implement comprehensive security measures:
Technical Safeguards:
Encryption for data transmission and storage
Access controls and multi-factor authentication
Regular security monitoring and threat detection
Secure, certified hosting infrastructure
Organizational Measures:
Employee privacy training and access limitations
Regular security audits and compliance reviews
Incident response procedures
Vendor security assessments
Data Breach Response:
User notification within 72 hours where feasible
Regulatory notification as required by law
Immediate containment and remediation measures
Full cooperation with investigations
8. Data Retention and Your Control
8.1 Retention Periods
Account Data: Active account duration + 30 days after closure
User Content: Per your settings; deleted 60 days after account termination
Analytics Data: Aggregated data up to 5 years for service improvement
Support Records: 2 years for quality assurance
Payment Records: As required by law (typically 7 years)
Technical Logs: 1 year unless needed for ongoing investigations
8.2 Data Minimization
We collect and retain only data necessary for platform functionality and legal compliance, regularly reviewing and purging unnecessary information.
8.3 Your Deletion Rights
Real-time: Delete content and close account anytime through platform settings
Complete Removal: All personal data deleted within 60 days across all services
Backup Cleanup: Full removal from backup systems within 90 days
Exceptions: Data retained where legally required
9. Your Privacy Rights and Controls
9.1 Universal Rights
Access: Download and review your personal data
Correction: Update inaccurate information
Deletion: Request account and data removal
Portability: Export data in standard formats
Communication Control: Manage email preferences
9.2 Platform Controls
Privacy Settings: Control profile visibility
Sharing Controls: Manage team access and collaboration
Analytics Preferences: Opt-out of certain tracking where available
9.3 Exercise Your Rights
Contact privacy@visioncinex.com with:
Your account email address
Specific request type
Identity verification (for security)
Response Time: 30 days (may extend to 60 days for complex requests)
10. Regional Privacy Compliance
10.1 European Union (GDPR)
EU users have additional rights including objection to processing, restriction of processing, and protection against automated decision-making.
Complaints: Contact your local data protection authority EU Representative: eu-representative@visioncinex.com
10.2 California (CCPA/CPRA)
California residents have rights to know, delete, correct personal information, and opt-out of sales (which we don't conduct).
10.3 Other Jurisdictions
We comply with applicable privacy laws globally and provide similar rights where required.
11. Cookies and Tracking
11.1 Cookie Types
Essential: Platform functionality and security
Preferences: User settings and customization
Analytics: Usage patterns and performance (PostHog)
Session Management: Authentication and platform state
11.2 Cookie Controls
Browser Settings: Block or delete cookies
Platform Settings: Manage analytics preferences where available
Third-Party Opt-Outs: Available through service providers
Cookie Banner: We display cookie notices and obtain consent as required by applicable law.
12. Children's Privacy
Age Requirement: 18+ only as stated in our Terms of Service. Our services are not intended for minors.
No Active Age Collection: We do not collect age information during registration.
Accidental Use by Minors: If we become aware that someone under 18 is using our services, we will terminate their account and delete their data.
Accidental Collection: If we discover we've collected data from someone under 18, we immediately delete it across all systems.
Parental Notification: Parents who believe we've collected their child's data should contact privacy@visioncinex.com immediately.
13. International Data Transfers
13.1 Multi-Region Architecture
Your data is processed in both EU and US locations:
Primary Storage: EU data centers for core platform data
Supporting Services: US data centers for analytics, communications, and specialized features
13.2 Transfer Protections
Standard Contractual Clauses with all international processors
Additional Technical Safeguards for data security
Contractual Restrictions on data use and access
Regular Compliance Monitoring and audits
13.3 Your Rights
Object to Transfers: May limit some functionality
File Complaints: With supervisory authorities
Receive Information: About transfer safeguards and risks
14. Policy Updates
We may update this policy for legal changes, new features, or improved practices.
Change Notification:
Email notice for material changes
Platform announcement for significant updates
30-day notice period where feasible
Updated version posted at visioncinex.com/privacy
Your Options: If you disagree with changes, you may close your account before they take effect.
15. Contact Information
15.1 Privacy Questions
General: privacy@visioncinex.com
Data Protection Officer: dpo@visioncinex.com
GDPR Inquiries: eu-representative@visioncinex.com
Security Issues: security@visioncinex.com
15.2 Company Details
Vision Cinex Inc.
166 Geary St STE 1500, Suite #586
San Francisco, California 94108
United States
Website: https://visioncinex.com
General Contact: hello@visioncinex.com
© 2025 Vision Cinex Inc. All rights reserved.
This Privacy Policy was last updated on August 7, 2025. For service terms and user responsibilities, see our Terms of Service.