Privacy Policy

Effective Date: October 10, 2025

1. Introduction

AllVideoModels AI ("AllVideoModels", "we", "our", or "us") is committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI video generation platform at allvideomodels.com (the "Service").

Important Note on AI Services: Our Service uses third-party AI model providers (including Runway, Pika Labs, Volcano Engine, Luma AI, and others). When you use our Service, your Input content (images, videos, prompts) may be transmitted to and processed by these third-party providers. Please review this policy carefully to understand how your data is handled.

By using our Service, you consent to the data practices described in this policy. If you do not agree with this policy, please do not use our Service.

2. Information We Collect

Account and Profile Information

When you create an account or use our Service, we collect:

  • Name and email address
  • Account credentials (username, password)
  • Profile preferences (language, default settings)
  • Account type and subscription status

Payment and Billing Information

To process subscriptions and credit purchases, we collect:

  • Payment method information (processed through Creem payment processor)
  • Billing address and transaction history
  • Invoice records and purchase history
  • Credit card tokens (we do not store full card numbers)

Input Content (User-Generated Media)

When you use our Service to generate videos, we collect and process:

  • Images and videos you upload (source material for video generation)
  • Text prompts and descriptions you provide
  • Generation parameters and settings (resolution, duration, effects)
  • All such content is referred to as "Input Content" in this policy

AI-Generated Output

Following video generation, we store and manage:

  • Generated video files produced by AI models
  • Metadata about generation tasks (timestamps, model used, processing time)
  • Video generation history and results
  • All such content is referred to as "Output Content" in this policy

Usage and Analytics Data

We automatically collect information about how you interact with our Service:

  • Device information (IP address, browser type, operating system, device model)
  • Usage patterns (pages visited, features used, generation attempts)
  • Performance data (load times, error rates, video processing metrics)
  • Click streams and navigation patterns
  • Timestamps and session duration

Cookies and Tracking Technologies

We use cookies and similar technologies to:

  • Maintain session authentication
  • Remember user preferences (language, theme)
  • Track analytics (PostHog, Google Analytics, Microsoft Clarity)
  • Identify usage patterns and trends
  • Improve user experience

Third-Party Authentication

If you authenticate via Google OAuth or other providers, we receive:

  • Name and email address
  • Profile picture
  • Account verification status
  • Authentication tokens

Communication Data

When you contact us, we collect:

  • Support tickets and messages
  • Email correspondence
  • Feedback and suggestions
  • Customer service interactions

3. How We Use Your Information

Service Delivery

We use your information to:

  • Create and manage your account
  • Provide video generation services
  • Process and generate AI videos based on your Input Content
  • Store and deliver generated Output Content
  • Track generation history and task status
  • Manage your subscription and credits

Payment Processing

We use information to:

  • Process subscription purchases and renewals
  • Handle credit package purchases
  • Manage billing and invoicing
  • Detect and prevent payment fraud
  • Maintain financial records

Service Improvement and Development

We use data to:

  • Analyze usage patterns and trends
  • Improve Service features and performance
  • Develop new features and AI models
  • Personalize your experience
  • Troubleshoot technical issues
  • Conduct A/B testing and optimization

Analytics and Business Intelligence

We use analytics to:

  • Monitor Service performance and reliability
  • Track user engagement metrics
  • Generate aggregated statistical reports
  • Identify usage trends
  • Optimize resource allocation

Communications

We use your information to:

  • Send account notifications and updates
  • Respond to support requests and inquiries
  • Send service announcements
  • Provide customer support
  • Send marketing communications (with your opt-in consent)

Security and Compliance

We use information to:

  • Prevent, detect, and address fraud and security incidents
  • Enforce our Terms of Service and other agreements
  • Protect the rights, property, and safety of users and the Service
  • Comply with legal obligations and regulatory requirements
  • Investigate and resolve disputes

4. How We Share Your Information

With Third-Party AI Video Providers

Important: To generate AI videos, we transmit your Input Content (images, videos, and text prompts) to third-party AI model providers. These providers are:

  • Runway AI - For Runway Gen-3 video generation
  • Pika Labs - For Pika video generation
  • Volcano Engine (ByteDance) - For Doubao AI video generation
  • Luma AI - For Luma Dream Machine video generation
  • Evolink AI - For Evolink Veo3 video generation

Each provider processes your Input Content according to their own privacy policies. We recommend reviewing their privacy policies to understand how they handle your data.

With Payment Processors

We share payment and billing information with:

  • Creem (payment processing)
  • Payment networks and financial institutions

Payment information is processed according to PCI DSS standards. We do not store full credit card numbers.

With Analytics and Tracking Services

We share usage data with:

  • PostHog (product analytics)
  • Google Analytics (usage tracking)
  • Microsoft Clarity (session recording and analytics)

These services collect anonymized usage data to help us understand how users interact with our Service.

With Cloud Storage Providers

Your Input Content and Output Content are stored on cloud servers managed by:

  • Amazon Web Services (AWS S3)
  • Cloudflare R2

Data is encrypted in transit and at rest on these platforms.

With Email Service Providers

We share email addresses with Resend to send:

  • Account notifications and confirmations
  • Support responses
  • Marketing communications (only with your consent)

For Legal and Compliance Purposes

We may disclose your information when required by law or to:

  • Comply with legal obligations and regulatory requirements
  • Respond to lawful requests from courts or government authorities
  • Protect against fraud, security threats, or malicious activity
  • Enforce our Terms of Service and other agreements
  • Protect the rights, property, and safety of All Video Models, users, or the public

Business Transfers

In the event of a merger, acquisition, bankruptcy, reorganization, or sale of assets, your information may be transferred as part of that transaction. You will be notified of any such change and any choices you may have regarding your information.

With Your Explicit Consent

We may share your information for purposes not listed above only with your explicit, informed consent.

Aggregated and De-Identified Information

We may share aggregated or de-identified information that cannot reasonably be used to identify you with third parties for research, marketing, analytics, and other purposes without restriction.

4a. Important Notice: AI Model Training

Critical Disclosure: Third-party AI video providers may use your Input Content (images, videos, and prompts) and Output Content (generated videos) to train, improve, and refine their AI models.

This means that:

  • Your Input Content may be retained by third-party providers for model training purposes
  • Generated Output Content may be used to improve AI model accuracy and capabilities
  • Such usage may occur even after your account is deleted
  • You should not upload confidential, proprietary, or sensitive content unless you are comfortable with this potential use
  • We recommend reviewing each AI provider's privacy policy to understand their specific data usage terms

If you do not consent to your Input Content and Output Content being used by third-party providers for AI training, please do not use our Service.

All Video Models does not control or restrict how third-party AI providers use data for model training purposes. We encourage you to contact these providers directly if you have concerns about your data usage.

5. Data Security

We implement appropriate technical and organizational security measures to protect your personal information:

Technical Safeguards

  • SSL/TLS encryption for data in transit
  • AES-256 encryption for sensitive data at rest
  • Secure API connections to third-party providers
  • Regular security audits and vulnerability assessments
  • Web Application Firewall (WAF) protection
  • DDoS protection and rate limiting

Organizational Safeguards

  • Role-based access controls (RBAC)
  • Principle of least privilege for employees and systems
  • Multi-factor authentication (MFA) for employee accounts
  • Employee training on data protection and privacy
  • Confidentiality agreements with employees and contractors
  • Regular data protection compliance audits

Data Storage Security and Privacy-First Policies

  • Automatic 7-Day Video Deletion: All generated videos are automatically and permanently deleted after 7 days, significantly reducing long-term data exposure and privacy risks
  • Uploaded files (Input Content) encrypted at rest using AES-256 encryption on cloud storage
  • Generated videos (Output Content) encrypted at rest during the 7-day retention window
  • Immediate deletion of temporary processing files after video generation completes
  • Encrypted backups stored securely with restricted access
  • Cloud storage providers (AWS S3, Cloudflare R2) comply with industry standards (ISO 27001, SOC 2 Type II)
  • Minimized Data Retention: By automatically deleting videos after 7 days, we minimize the amount of user data stored on our servers, reducing potential exposure in the unlikely event of a security breach

Privacy Benefit: Our 7-day automatic deletion policy means that even if our servers were compromised, attackers would only gain access to videos generated within the past 7 days - not your entire historical output. This significantly limits potential privacy exposure.

Payment Security

  • Compliance with Payment Card Industry Data Security Standard (PCI DSS)
  • Payment processing handled by certified payment processors
  • No storage of full credit card numbers on our servers
  • Use of payment tokens for repeat transactions

Incident Response

  • Documented incident response procedures
  • 24/7 security monitoring and alerting
  • Rapid containment and remediation protocols
  • User notification in case of data breaches (as required by law)

Important Limitation: No method of transmission over the Internet or electronic storage is 100% secure. While we implement robust security measures, we cannot guarantee absolute security or protection against all possible cyberattacks. You use our Service at your own risk, and you are responsible for maintaining the confidentiality of your account credentials.

6. Data Retention

We retain your personal information for different periods depending on the type of data and purpose:

Account Information

  • Retained while your account is active
  • Deleted or anonymized within 90 days after account deletion (unless legally required to retain)

Input Content and Output Content

Privacy-First Approach: We implement an automatic 7-day deletion policy for all generated videos to protect your privacy. Once videos are generated, you have 7 days to download them before they are permanently and automatically deleted from our cloud storage.

  • Input Content (Uploaded Files): Images and videos you upload are retained for 30 days after upload to allow for regeneration or reference, then automatically deleted. You may request earlier deletion at any time.
  • Output Content (Generated Videos):
    • Automatic 7-Day Deletion: All generated videos are automatically and permanently deleted from our cloud storage 7 days after generation
    • This applies to ALL users regardless of subscription plan
    • You are responsible for downloading and backing up videos you wish to keep before the 7-day window expires
    • After 7 days, videos cannot be recovered - no exceptions
    • This policy ensures your generated content is not retained indefinitely on our servers
  • Third-Party AI Providers: May retain copies of Input/Output for model training purposes beyond our deletion timeline (see Section 4a)

Why 7 days? This policy balances user convenience (enough time to download) with privacy protection (minimizing long-term data retention). We believe in not keeping your creative work longer than necessary.

Payment and Transaction Records

  • Retained for 7 years for tax and legal compliance
  • Processing records retained per PCI DSS requirements

Analytics and Usage Data

  • Aggregated usage data retained indefinitely
  • Personally identifiable analytics data retained for 12 months
  • Session logs retained for 30 days

Support and Communication Records

  • Support tickets retained for 3 years
  • Email communications retained for 2 years
  • Feedback and suggestions retained indefinitely (unless personally identifiable)

Cookies and Tracking Data

  • Session cookies deleted when you close your browser
  • Persistent cookies retained for up to 2 years
  • Third-party analytics cookies subject to their retention policies

Legal Hold and Exceptions

Notwithstanding the above, we may retain personal information for longer periods if:

  • Required by law or legal process
  • Necessary to resolve disputes or enforce agreements
  • Related to ongoing investigations or litigation
  • Required for security or fraud prevention

When we no longer need your information, it will be securely deleted or anonymized in accordance with our data retention and secure deletion policies. Deletion is performed through cryptographic erasure, overwriting, or physical destruction of storage media.

7. Your Rights and Choices

Depending on your location, you may have specific rights regarding your personal information. We respect these rights and provide mechanisms to exercise them. To submit a privacy request, email us at zhiming.zhao.apply@gmail.com with "Privacy Request" in the subject line.

Right to Access (Data Subject Access Request)

You have the right to request access to your personal information that we hold. We will provide you with a copy of your data in a structured, commonly used, and machine-readable format (CSV or JSON) within 30 days of verification.

Right to Data Portability

You can request your personal information in a portable format suitable for transfer to another service provider. This includes account data, usage history, and generated videos (Output Content).

Right to Correction and Update

You can correct inaccurate or incomplete information in your account. You may do this directly through your account settings or by requesting our assistance.

Right to Deletion (Right to Be Forgotten)

You can request deletion of your personal information, including:

  • Your account and profile information
  • Your uploaded Input Content
  • Your generated Output Content
  • Your usage history and analytics

Exceptions to deletion requests include information required for legal compliance, fraud prevention, or to resolve disputes. Third-party AI providers may retain copies of content they processed (see Section 4a).

Right to Restrict Processing

You can request that we restrict how we process your personal information. For example, you can limit processing to storage only while disputing accuracy.

Right to Object

You can object to processing of your personal information for direct marketing, analytics, or other non-essential purposes. This does not affect processing necessary to provide our Service.

Right to Withdraw Consent

If we process your information based on your consent, you can withdraw that consent at any time. This does not affect the lawfulness of processing based on consent before withdrawal.

Marketing Communications and Preferences

You can manage your marketing communication preferences by:

  • Clicking "Unsubscribe" in any marketing email
  • Managing email preferences in your account settings
  • Contacting us at zhiming.zhao.apply@gmail.com

Opting out of marketing emails will not affect transactional communications (account notifications, payment confirmations, support responses).

Cookie Management

You can control cookies through:

  • Browser settings (enable/disable cookies, delete stored cookies)
  • Browser privacy modes to block tracking
  • Browser extensions for additional tracking prevention
  • Our cookie consent banner (when available)

Disabling cookies may affect the functionality and user experience of our Service.

Do Not Track (DNT) Signals

Our Service recognizes browser Do Not Track (DNT) signals. If you enable DNT, we will limit our tracking of your activity. However, third-party analytics services may continue tracking unless they independently honor DNT signals.

Exercise Your Rights

To exercise any of these rights, please contact us at:

  • Email: zhiming.zhao.apply@gmail.com
  • Subject line: "Privacy Request - Access" (replace "Access" with the specific right you are exercising)

Please include your account email and a clear description of your request. We will verify your identity and respond within 30 days (or as required by applicable law). In some cases, we may require additional information to verify your identity or locate your data.

No Discrimination

We will not discriminate against you for exercising your privacy rights. You will not be denied access to services, charged different prices, or provided different quality of service based on exercising your rights.

8. International Data Transfers

Our Service is operated globally, and your personal information may be transferred to, stored in, and processed in countries other than your country of residence. This includes:

  • Cloud servers operated in multiple geographic regions
  • Third-party AI video providers operating internationally
  • Payment processors and financial service providers
  • Analytics and customer support platforms

Data Transfer Safeguards

Countries outside your country of residence may have different data protection laws. We implement appropriate safeguards for international transfers:

  • Standard Contractual Clauses (SCCs) with service providers
  • Data Processing Agreements (DPAs) ensuring GDPR compliance
  • Binding Corporate Rules (BCRs) where applicable
  • End-to-end encryption for sensitive data
  • Regular audit and compliance reviews

EU-U.S. Data Transfers

For users in the European Economic Area (EEA), we note that the U.S. does not have a data protection regime deemed adequate by the European Commission. We rely on Standard Contractual Clauses and supplementary measures to ensure adequate protection of your data when transferred to the U.S.

Your Responsibility

By using our Service, you acknowledge that personal information may be transferred internationally and consent to such transfers. If you do not wish your information transferred internationally, please do not use our Service.

9. California Privacy Rights (CCPA/CPRA)

If you are a California resident, you have rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA). We comply with these laws and provide the following disclosures:

Right to Know

You have the right to know what personal information we collect, how we use it, and with whom we share it. You can request:

  • The categories of personal information we have collected about you
  • The sources from which we collected this information
  • Our business purposes for collecting and using this information
  • The categories of third parties with whom we share this information
  • A copy of the specific personal information we have collected (with some exceptions)

Right to Delete

You can request deletion of personal information we have collected, subject to exceptions. We may retain information necessary for:

  • Completing the transaction for which it was collected
  • Detecting security incidents
  • Complying with legal obligations
  • Enabling internal uses reasonably aligned with your expectations

Right to Correct

You can request that we correct inaccurate personal information, taking into account the nature of the information and the purposes of processing.

Right to Opt-Out of Sale and Sharing

We do not sell or share personal information for targeted advertising, cross-context behavioral advertising, or other commercial purposes as defined by the CCPA/CPRA. Therefore, this right does not apply to our Service.

Right to Limit Use and Disclosure

You can request that we limit our use and disclosure of your sensitive personal information (such as financial information or social security numbers) to what is necessary to provide the services requested.

Right to Data Portability

You can request a copy of your personal information in a portable and, to the extent technically feasible, readily usable format (CSV, JSON, etc.).

Right to Opt-Out of Automated Decision-Making

You can opt-out of decisions made solely by automated means that produce legal or similarly significant effects concerning you (CPRA only).

Right to Non-Discrimination

We will not discriminate against you for exercising your rights. You will not receive different prices or service quality, or be denied access, based on your exercise of privacy rights.

Verification of Requests

To verify your California privacy request, you must provide sufficient information to allow us to reasonably verify you are the person about whom we collected personal information or an authorized representative. We may request additional information as permitted by law.

Personal Information Categories (CCPA Disclosure)

Under CCPA, we collect the following categories of personal information:

  • Identifiers (name, email, phone, IP address)
  • Commercial information (account type, subscription, purchase history)
  • Audio/video information (uploaded images, videos, prompts)
  • Internet activity (browsing history, search history, interaction with content)
  • Geolocation data (based on IP address)
  • Inferences drawn from your activity (preferences, interests, characteristics)

Exercise Your California Rights

To submit a California privacy request, contact us at:

  • Email: zhiming.zhao.apply@gmail.com
  • Include: "California Privacy Request" and specify the right you're exercising

We will respond to verifiable requests within 45 days (or 90 days if more time is needed). You can make requests twice per calendar year.

10. European Privacy Rights (GDPR)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, you have enhanced rights under the General Data Protection Regulation (GDPR) and similar laws. We comply with these regulations and provide the following information:

Lawful Basis for Processing

We process your personal information on the following lawful bases:

  • Performance of a Contract: To provide our Service and process payments
  • Legitimate Interests: To improve our Service, prevent fraud, and ensure security
  • Compliance with Legal Obligations: To comply with tax, financial, and legal requirements
  • Consent: For marketing communications and optional analytics (after obtaining your explicit opt-in)

Data Controller and Processor

All Video Models is the data controller for your personal information. We use processors (such as cloud providers and payment processors) to process data on our behalf, all under strict Data Processing Agreements.

Right to Be Informed

We provide transparent information about how we collect, use, and protect your data through this Privacy Policy and privacy notices.

Right of Access

You can request a copy of your personal information in a structured, commonly used, machine-readable format within 30 days of your request.

Right to Rectification

You can request correction of inaccurate or incomplete personal information at any time.

Right to Erasure (Right to Be Forgotten)

You can request deletion of your personal information in certain circumstances, including:

  • The data is no longer necessary for the purpose collected
  • You withdraw consent for processing based on consent
  • You object to processing and there is no overriding legitimate interest
  • The data was unlawfully processed

Exceptions apply where data must be retained for legal compliance, contractual obligations, or other lawful purposes.

Right to Restrict Processing

You can request restriction of processing in certain situations, such as:

  • While you dispute the accuracy of your data
  • When processing is unlawful but you request restriction instead of deletion
  • When we no longer need the data but you require it for legal claims

Right to Data Portability

You can receive a copy of your personal information and transmit it to another organization in a structured, commonly used, machine-readable format.

Right to Object

You can object to processing of your personal information for:

  • Direct marketing purposes
  • Analytics and profiling for targeted purposes
  • Processing based on legitimate interests

Rights Related to Automated Decision-Making

You have the right not to be subject to a decision based solely on automated processing that produces legal or similarly significant effects. Currently, we do not employ fully automated decision-making, but we can discuss our processes upon request.

Right to Withdraw Consent

If we process your information based on your consent, you can withdraw that consent at any time. Withdrawal does not affect the lawfulness of processing before withdrawal.

Right to Lodge a Complaint

You have the right to lodge a complaint with your national data protection authority if you believe we have violated your rights. Key authorities include:

  • Ireland: Data Protection Commission (DPC)
  • Germany: State Data Protection Authorities
  • France: Commission Nationale de l'Informatique et des Libertés (CNIL)
  • United Kingdom: Information Commissioner's Office (ICO)
  • Other EU member states: See your national authority website

Exercise Your GDPR Rights

To submit a GDPR data subject request, contact us at:

  • Email: zhiming.zhao.apply@gmail.com
  • Subject: "GDPR Data Subject Request - Access" (replace "Access" with the specific right you are exercising)

We will respond to verifiable requests within 30 days (or 60 days for complex requests). You have the right to lodge a complaint if you are not satisfied with our response.

Data Protection Officer

If you have questions about our GDPR compliance or data processing practices, you may contact our Data Protection Officer at: zhiming.zhao.apply@gmail.com

11. Children's Privacy (COPPA Compliance)

Our Service is designed for users 18 years of age and older. We do not knowingly collect or solicit personal information from children under 13 years of age or knowingly permit children under 13 to use our Service. We also do not market to or collect information from users under 18 without appropriate parental consent.

Age Restrictions

By using All Video Models, you represent and warrant that you are:

  • At least 18 years of age, or
  • Between 13 and 18 years old with verifiable parental consent, or
  • Authorized to use the Service on behalf of a minor with appropriate parental consent

COPPA Compliance (Children's Online Privacy Protection Act)

We comply with the Children's Online Privacy Protection Act (COPPA). We do not:

  • Knowingly collect personal information from children under 13
  • Provide marketing or advertising directed at children
  • Share children's information with third parties for marketing purposes
  • Allow children to post personally identifiable information in public areas

Parental Consent and Control

If a parent or guardian believes their child has provided information to us, they can:

  • Contact us immediately at zhiming.zhao.apply@gmail.com to request deletion
  • Request that we provide information we have collected about the child
  • Request that we restrict further collection or use of the child's information

Unauthorized Use by Minors

If we discover that a user is under the required age and has used our Service without proper parental consent, we will:

  • Immediately cease collection of personal information from that user
  • Delete all personal information collected from the minor
  • Contact the parent or guardian if contact information is available

Report Violations

If you believe we have violated COPPA or are collecting information from children inappropriately, you can report this to:

  • Email us: zhiming.zhao.apply@gmail.com
  • Federal Trade Commission (FTC): www.ftccomplaintassistant.gov
  • Your state attorney general's office

12. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices, technology, legal requirements, or other factors. We encourage you to review this policy regularly to stay informed about how we protect your information.

How We Notify Changes

  • Minor changes will be posted on this page with an updated "Last Updated" date
  • Significant changes will be communicated via email to your registered address
  • We may display a prominent notice on our Service for material changes
  • Changes requiring user consent will require your explicit agreement

Effective Date

Your continued use of our Service after changes become effective constitutes your acceptance of the updated Privacy Policy. If you disagree with any changes, you may delete your account and cease using our Service.

Version History

We maintain a version history of significant policy changes. For previous versions of our Privacy Policy, please contact us at zhiming.zhao.apply@gmail.com.

13. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy, our data practices, or your personal information, please contact us:

  • Email: zhiming.zhao.apply@gmail.com
  • Website: https://allvideomodels.com

Response Times

  • General inquiries: 5-7 business days
  • Data subject access requests: 30 days (or 60 days for complex requests)
  • Privacy rights requests: As required by applicable law

Disclaimer

This is a template for informational purposes only. While we have endeavored to make this Privacy Policy comprehensive and compliant with applicable laws, it should not be construed as legal advice. We recommend consulting with a qualified attorney for legal advice specific to your situation or jurisdiction.

AllVideoModels AI
Copyright © 2025 AllVideoModels AI
All rights reserved
Contact us:
zhiming.zhao.apply@gmail.com
Subscribe to Newsletter
PricingBlog
Terms of ServicePrivacy PolicyCookie PolicyRefund Policy

AllVideoModels AI