Privacy Policy

Last updated: 2025-10-24 (SGT)

This policy explains how Cento AI collects, uses, and protects personal data for membership-based Sora 2 video generation. We operate on the freesora.video domain and rely on Creem for compliant subscription billing.

1. Data We Collect

We collect account identifiers (email, Supabase user ID) during registration, billing metadata supplied via Creem, usage telemetry for rate limiting, and security fingerprints for abuse prevention. We do not permanently store prompts or generated media.

2. How We Use Your Data

Data is used to authenticate members, allocate credits, process payments, detect abuse, and deliver product updates. Aggregated, anonymised analytics help us monitor system performance.

3. Third-Party Processors

We share necessary data with trusted partners: Creem (payments and invoices), Supabase (authentication and storage), Cloudflare (bot protection and CDN), and Google (optional analytics/ads). Each processes data under its own policy.

4. Retention & Security

Billing records are retained to meet financial obligations. Security logs expire automatically within defined windows (typically 5–30 minutes). Access is restricted to authorised personnel and all communication uses TLS encryption.

5. Your Rights

You may request access, correction, or deletion of personal data where legally permitted. Contact us via support to exercise data subject rights. Some data (e.g. billing invoices) may be retained when required by law.

6. Contact

Questions about privacy? Email [email protected]. We respond within three business days.