Sign inGet started

Privacy Policy

Last updated: May 5, 2026

This Privacy Policy explains how AI Ad Generator ("we", "us", or "our") collects, uses, discloses, and safeguards your information when you use our website and the ad-analysis and video-generation services we provide (the "Service"). By using the Service you agree to the practices described here.

1. Information We Collect

a. Account information

When you sign up we collect your email address, hashed password, and (if you sign in with Google) the name and avatar Google returns. This data is stored on Supabase (our authentication and database provider).

b. Content you submit

When you analyze an ad we receive the URL or video file you provide, plus the brand and product details you enter. We temporarily download the source video, transcribe its audio, and sample frames in order to run the analysis. The analysis output, generated scripts, and any rendered videos are stored in your account so you can return to them.

c. Payment information

All payment processing is handled by Stripe. We never see or store your full card number. We retain only the subscription status, the last four digits of the card, and Stripe's customer / subscription identifiers so we can manage billing and credits.

d. Usage and device data

We collect standard server logs (IP address, user-agent, request path, timestamp) and product-analytics events (pages viewed, actions taken). These are used to operate the Service, debug errors, and understand which features are useful.

e. Cookies and similar technologies

We use cookies for authentication (signed-in session), security (CSRF protection), and analytics. You can clear or disable cookies in your browser; the Service will still load but signed-in features will not work.

2. How We Use Information

  • To provide, operate, and improve the Service.
  • To run AI analyses and generate videos at your request.
  • To process payments and manage subscriptions and credits.
  • To send transactional email (sign-in confirmations, password resets, billing notices, run-completion notices).
  • To detect and prevent fraud, abuse, and security incidents.
  • To comply with applicable laws.

3. How We Share Information

We do not sell your personal information. We share the limited data needed to deliver the Service with the following categories of processors:

  • Stripe — payment processing and subscription management.
  • Supabase — database and authentication hosting for account data.
  • Object storage (Amazon S3 / Cloudflare R2) — hosting for uploaded source videos, transcripts, frame samples, and generated outputs.
  • OpenRouter and the underlying LLM providers it routes to — language-model inference for ad analysis, hook-script generation, and recipe drafting. The minimum content needed (transcript, frame descriptions, brand context) is sent with each request.
  • Video generation providers — Seedance 2.0 (WaveSpeedAI), Veo 3 (Google), Kling 2.5, Hailuo 02. The prompts and reference frames you produce in the Service are sent to the provider you select for that run.
  • Inngest — durable job orchestration for long-running analysis and render pipelines.
  • Google Analytics — aggregated, pseudonymous traffic and product analytics.
  • Vercel — application hosting and edge delivery.

Each processor is contractually limited to processing data on our instructions for the purpose of providing their service to us. We may also disclose information when required by law, to enforce our terms, or to protect the rights, safety, or property of users or the public.

4. Data Retention

We retain account data for as long as your account is active. Source videos and frame samples uploaded for analysis are retained in your library until you delete the corresponding analysis or ad. Generated outputs (scripts, hook MP4s, body MP4s, subtitle files) are retained until you delete them. Server logs are retained for up to 90 days; analytics data is retained per the analytics provider's policy. After account deletion we will delete or anonymize your data within 30 days, subject to legal retention obligations (e.g. tax records).

5. Your Rights

Depending on where you live, you may have rights to access, correct, export, or delete your personal data, restrict or object to processing, and lodge a complaint with a supervisory authority. EEA / UK residents have rights under the GDPR; California residents have rights under the CCPA / CPRA. To exercise any of these rights email us at hello@ai-ad-generator.com. We will respond within the time frame required by applicable law.

6. International Data Transfers

We are based in the United States. Your data may be processed in the United States, the European Union, and other countries where our processors operate. Where required, we rely on the European Commission's Standard Contractual Clauses (or equivalent mechanisms) to protect data transferred out of the EEA / UK.

7. Security

We use industry-standard administrative, technical, and physical safeguards (TLS in transit, encryption at rest with our storage providers, principle-of-least-privilege access, audit logs). No method of transmission or storage is 100% secure; we cannot guarantee absolute security.

8. Children

The Service is not directed to children under 16. We do not knowingly collect personal information from children. If you believe a child has provided us personal information, contact us and we will delete it.

9. Changes to This Policy

We may update this Policy from time to time. The "Last updated" date at the top reflects the latest revision. For material changes we will provide reasonable notice (e.g. email and / or in-app banner) before the change takes effect.

10. Contact

For questions about this Policy or our privacy practices, email hello@ai-ad-generator.com.