Back to Placon

Privacy Policy

Last updated: January 2025

1. Data Controller

Placon ("we", "us") is the data controller for personal data processed through the Placon platform at placon.ai.

2. Personal Data We Collect

  • Account data: name, email address, and password hash when you register
  • OAuth data: profile information from Google when you sign in via social login
  • Payment data: processed and stored by Stripe; we only retain your Stripe customer ID
  • Usage data: videos created, templates used, export history
  • Technical data: IP address, browser type, and device information from server logs

3. Legal Basis for Processing (GDPR Art. 6)

  • Contract performance: processing necessary to provide the Service
  • Legitimate interest: analytics, fraud prevention, security
  • Consent: marketing communications (opt-in only)

4. How We Use Your Data

  • Provide and improve the Service
  • Process payments and manage subscriptions
  • Send transactional emails (account, billing)
  • Monitor security and prevent abuse
  • Generate anonymized usage analytics

5. Data Sharing

We share personal data only with:

  • Stripe: payment processing
  • AWS: cloud infrastructure and video storage (S3, Lambda)
  • Google: OAuth authentication (when you choose social login)

We do not sell your personal data to third parties.

6. Data Retention

We retain your personal data for as long as your account is active. Upon account deletion, your data is permanently deleted after a 30-day grace period. Billing records are retained for 7 years as required by law.

7. Your Rights (GDPR Art. 15–22)

As an EU/EEA resident, you have the right to:

  • Access: request a copy of your personal data
  • Rectification: correct inaccurate data
  • Erasure: request deletion of your data
  • Data portability: receive your data in a machine-readable format
  • Restriction: limit how we process your data
  • Object: opt out of processing based on legitimate interest

You can exercise these rights from your account settings or by contacting us at privacy@placon.ai.

8. Data Security

We implement industry-standard measures including encrypted connections (TLS), hashed passwords (bcrypt), and regular security audits.

9. Cookies

We use essential cookies for authentication and session management. See our Cookie Policy for details.

10. International Transfers

Your data may be transferred to servers located in the EU and US (AWS). Transfers to the US are covered by the EU-US Data Privacy Framework.

11. Changes

We will notify you of material changes to this policy via email. Continued use of the Service constitutes acceptance.

12. Contact

For privacy inquiries, contact us at privacy@placon.ai.