Privacy Policy
Version v1-draft-2026-04-20 · last updated 2026-04-20
Beta notice. This policy is a working draft pending Indonesian legal review. The final version may differ in wording, not in substance. If we materially expand what we collect or share, we'll email you 30 days ahead.
Controller
PT AIgnited, Jakarta, Indonesia. Contact: privacy@aignited.id.
What we collect
- Account: email, name, locale, timestamps (via WorkOS Google OAuth).
- Payments: Mayar invoice IDs, amounts, status. We never see card data.
- Content: prompts, generated videos, audio uploads, your meta.ai session cookie (encrypted at rest).
- Usage: project/clip counts, refusals, timestamps.
- Technical: IP (30-day log retention), user-agent, request IDs.
Purposes & legal basis (PDPL Law 27/2022)
- Service delivery + billing — contract performance.
- Abuse prevention and security — legitimate interest.
- Analytics — only with your opt-in consent.
Retention
- Account: until deletion request + 30 days soft-delete.
- Videos: until you delete or close the account + 30 days.
- Cookies: until deleted or marked dead + 7 days.
- Audit log: 12 months. Request logs: 30 days.
Subprocessors
- Cloudflare — hosting, CDN.
- Neon — database (Singapore).
- WorkOS — authentication.
- Mayar — payments (Indonesia).
- Resend — transactional email.
- Meta Platforms — content generation, via your own session (BYOC).
International transfers
Data is stored in Singapore (Neon ap-southeast-1). Cloudflare caches may traverse their global edge.
Your rights under PDPL
Access, rectify, delete, port, object, or withdraw consent any time. Email privacy@aignited.id. We respond within 30 days.
Security
TLS in transit. Your meta.ai cookie is encrypted with XChaCha20-Poly1305 at rest. Decryption keys are split between our Worker and VPS; we never log cookies.
Breach notification
We will notify affected users and regulators within 72 hours of a confirmed high-risk breach (PDPL Art. 46).
Children
Reelo is for users 18+.
Changes
Material changes are emailed 30 days ahead. The version and date at the top of this page reflect the current policy.