YourAIClips | Privacy Policy

1. Controller Identification
The data controller responsible for the processing of personal data on this Platform is DCX TRADE s.r.o., a company duly incorporated and existing under the laws of the Czech Republic, with its registered office at Lidická 700/19, Veveří, 602 00 Brno, Czech Republic, and registered in the Commercial Register maintained by the Regional Court in Brno under File No. C 101692, Company Identification Number (IČ) 06368247.

2. Contact Details
For any questions, concerns, or requests regarding the processing of personal data on the Platform, users may contact the data controller directly via the email address youraiclips@proton.me. For official communications or legal notices from public authorities within the Czech Republic, the Operator maintains an official Data Box with the ID 2gcpxqr, which serves as the legally recognized channel for such communications.

3. Data Protection Officer (DPO)
The Operator has not appointed a Data Protection Officer, as it is not required under Article 37 GDPR. The Operator has designated a contact point for data protection matters, reachable at youraiclips@proton.me.

4. Legal Basis Statement
The processing of personal data by the Operator on the Platform is based on the legal requirements set forth in the General Data Protection Regulation (GDPR) and applicable Czech law. As the data controller, DCX TRADE s.r.o. ensures that all personal data are processed lawfully, fairly, and transparently. The legal basis for processing personal data includes the necessity for the performance of a contract, such as the creation and management of user accounts, the provision of services, and the facilitation of transactions. Processing is also based on the legitimate interests of the controller, including maintaining the security, functionality, and integrity of the Platform, preventing fraud or abuse, and improving the user experience. Where applicable, processing may rely on explicit user consent, for example in the use of marketing communications, newsletters, or certain cookies. Additionally, processing may be necessary to comply with legal obligations, including accounting, tax, and reporting requirements under Czech and EU law. By using the Platform, users acknowledge that their personal data will be processed in accordance with these legal bases, ensuring that all data handling meets the standards of transparency, accountability, and compliance mandated by the GDPR.

1. Account Registration and Management
When you register for a User Account on the Platform, we collect and process certain personal data, including your email address and any information provided during the registration process. This data is used solely for the purpose of creating and managing your account, verifying your identity, enabling access to Platform features, and ensuring that you can securely log in and use the services. The processing of this data is necessary for the performance of the contract between you and the Operator, as outlined in Articles 6(1)(b) of the GDPR. By registering an account, you consent to the collection and use of your personal data for these purposes, and you acknowledge that your information will be processed lawfully, fairly, and transparently in accordance with GDPR requirements.

2. Service Provision (AI Tools and Platform Features)
The Platform provides registered users with access to AI-powered tools that enable the creation, upload, publication, organization, sharing, and, where applicable, monetization of synthetic AI-generated content. To facilitate these services, we process personal data, including account information, content metadata, and usage data, to ensure proper functioning of the Platform and its features. This data processing is necessary for the performance of the contract between the user and the Operator, as defined in Articles 6(1)(b) GDPR. By using the Platform’s tools and features, users acknowledge and consent to the processing of their personal data for the purpose of delivering and maintaining these services, ensuring system functionality, and providing a seamless and secure user experience.

3. Payments and Monetization
For users who activate a Vendor Account or engage in transactions on the Platform, we process personal and financial data, including bank account details, payment information, and transaction history, to facilitate payments, manage vendor balances, and process purchases or monetization of content. This processing is necessary for the performance of the contract between the user and the Operator, and to comply with applicable legal obligations such as accounting, tax reporting, and financial regulations, in accordance with Articles 6(1)(b) and 6(1)(c) GDPR. Users acknowledge and agree that their personal and financial data will be processed to ensure accurate, secure, and lawful handling of all transactions, and to enable the Operator to meet its contractual and regulatory responsibilities.

4. Platform Security and Fraud Prevention
To protect the Platform, its users, and their data, we process personal data for security purposes and to prevent fraud or unauthorized access. This includes monitoring login attempts, account activity, and interactions with the Platform to detect suspicious, malicious, or potentially harmful behavior. The processing of such data is based on the legitimate interests of the Operator, as outlined in Article 6(1)(f) GDPR, specifically to ensure the integrity, availability, and safe operation of the Platform. Users acknowledge that these security and fraud prevention measures are essential for maintaining a trustworthy and secure environment, and consent to the processing of personal data for these purposes.

5. Analytics and Platform Improvement
We process personal data, including usage data, interaction patterns, and engagement metrics, to analyze how users interact with the Platform and its features. This information is used to monitor performance, optimize functionality, enhance user experience, and develop new features. The processing is based on the legitimate interests of the Operator, as specified in Article 6(1)(f) GDPR, to continuously improve the Platform while ensuring its reliable and efficient operation. Users acknowledge and agree that such data processing is essential for maintaining and enhancing the quality and functionality of the Platform, and that all analyses are conducted in a manner compliant with applicable data protection laws.

6. Communication and Support
We process personal data, including your email address and account information, to respond to inquiries, provide customer support, and deliver important notifications regarding the Platform, its services, or updates to terms and policies. This processing is necessary for the performance of the contract with the user and, in some cases, based on the legitimate interests of the Operator, as defined in Articles 6(1)(b) and 6(1)(f) GDPR. Users acknowledge that by contacting the Operator or using support channels, their personal data may be used to address their requests efficiently, provide guidance, and ensure proper communication regarding their account and Platform activities.

7. Marketing and Newsletters
If you opt in to receive promotional communications, newsletters, or marketing materials from the Platform, we process your personal data, such as your email address and preferences, to deliver these messages. This processing is based on your explicit consent, as required under Article 6(1)(a) GDPR. You have the right to withdraw your consent at any time by following the unsubscribe instructions provided in each communication or by contacting the Operator directly. Users acknowledge that their personal data will only be used for the purposes for which consent has been granted and that the Operator respects all rights related to consent withdrawal and marketing communications.

8. Compliance with Legal Obligations
We process personal data to comply with applicable laws, regulations, and legal obligations, including accounting, tax reporting, anti-fraud measures, and responding to lawful requests from public authorities. This processing is necessary for compliance with legal obligations imposed on the Operator under Articles 6(1)(c) GDPR. Users acknowledge that certain personal data may be retained and processed to fulfill statutory requirements and to enable the Operator to meet its obligations under Czech and European Union law. Such processing is conducted in a lawful, transparent, and proportionate manner, ensuring that data is only used for the purposes required by applicable legal frameworks.

1. Account Information
We process personal data provided by users during account registration and management, including email addresses, usernames, and encrypted passwords. This information is collected to create, maintain, and secure user accounts, enable login and access to Platform services, and facilitate communication with users regarding their accounts. Users may also provide optional profile information, which is processed to enhance the user experience, personalize content, and allow participation in Platform features such as AI tools, commenting, and interactions. The processing of account information is necessary for the performance of the contract between the user and the Operator, and it is handled in accordance with the principles of lawfulness, fairness, transparency, data minimization, and security as required by the GDPR.

2. Profile and Publicly Shared Information
Users may voluntarily provide personal information in their public profiles, including but not limited to age, gender, sexual orientation, biography, interests, or links to social media accounts. This data is processed to display user profiles, enable social interactions, personalize user experience, and facilitate engagement with other users on the Platform. Processing of publicly shared profile information is based on the performance of the contract, legitimate interests of the Operator, and, where applicable, explicit user consent. Users acknowledge that information they provide in public profiles will be visible to other users and may be processed accordingly in compliance with GDPR principles.

3. Content Metadata
When users create, upload, publish, or share content on the Platform, certain metadata associated with the content may be processed. This includes, but is not limited to, the content creation date and time, file names, tags, descriptions, categories, usage patterns, and technical information about the device or software used to generate or upload the content. Processing of content metadata is necessary to manage, organize, display, and provide functionality for user-generated content, to enable search and recommendation features, and to ensure proper operation of the Platform.

4. Usage Data
We may process data related to your interactions with the Platform, including login times, session duration, pages visited, features used, clicks, navigation patterns, and engagement with content such as Clips, Stories, Posts, or other user-generated material. Processing of usage data is necessary to operate and improve the Platform, analyze trends, optimize performance, ensure security, and provide a personalized user experience.

5. Communication Data
We may process personal data that you provide when communicating with the Operator or other users on the Platform. This includes, but is not limited to, messages sent via support channels, emails, comments, inquiries, or feedback submitted through the Platform. Processing of communication data is necessary to respond to user requests, provide support, address complaints, ensure proper account management, and maintain the integrity and functionality of the Platform.

6. Device and Technical Data
We may process information about the devices and technical environments you use to access the Platform. This includes, without limitation, device type, operating system, browser type and version, IP address, device identifiers, screen resolution, language preferences, system settings, and information collected via cookies or similar technologies. Processing of device and technical data is necessary to ensure the secure and proper operation of the Platform, detect and prevent fraud, optimize performance, maintain compatibility with various devices, and improve the overall user experience.

7. Marketing Preferences
We may process personal data related to your preferences for receiving marketing communications, newsletters, promotional offers, or other information from the Platform. This includes, for example, your opt-in status, selected topics of interest, frequency preferences, and any changes you make to your marketing settings.

8. Legal and Compliance Data
We process personal data necessary to comply with legal and regulatory obligations, including identity verification, anti-fraud measures, tax and accounting requirements, and other statutory reporting obligations. This may include government-issued identification, proof of address, bank account information, tax identification numbers, and any other documentation required to meet applicable Czech and European Union laws.

9. Processing data of minors
The Platform is intended for users aged 18 or older. Personal data of children under 18 are not processed.

1. Internal Recipients
Personal data may be accessed by employees, contractors, or affiliated entities of the Operator who require such data to perform their duties related to account management, customer support, platform operation, or compliance with legal obligations. Access is granted on a strict need-to-know basis, and all internal recipients are bound by confidentiality obligations.

2. Service Providers and Third-Party Vendors
Personal data may be shared with third-party service providers engaged by the Operator to facilitate platform functionality, including payment processors, cloud hosting providers, AI tool providers, analytics services, email delivery services, and other technical or operational services. Such providers process personal data only for the purposes instructed by the Operator and are required to comply with GDPR and confidentiality standards. Some of these services, including cloud hosting, may involve the transfer of personal data outside the European Economic Area (EEA). All such transfers are carried out in accordance with the GDPR and are protected by appropriate legal mechanisms, including Standard Contractual Clauses, to ensure the security and confidentiality of personal data.

3. Legal and Regulatory Authorities
The Operator may disclose personal data to public authorities, regulators, law enforcement, or other governmental bodies when required by law, regulation, or legal process, including for tax reporting, anti-fraud measures, or investigations. Such disclosures are strictly limited to the data necessary to comply with legal obligations.

4. User Interactions
Certain personal data, such as information contained in public profiles, comments, Stories, Posts, or other content explicitly shared on the Platform, may be visible to other users. Users acknowledge that such data is voluntarily shared and accessible according to the settings and privacy controls provided by the Platform.

5. Anonymized and Aggregated Data
Personal data may be processed in anonymized or aggregated form for analytics, research, reporting, or platform improvement purposes. Once anonymized, such data no longer constitutes personal data and may be shared or published without restriction.

1. Account Data Retention
Personal data provided during registration, including email address and account credentials, are retained for as long as the user maintains an active account on the Platform. Upon deletion or deactivation of the account, personal data may be retained for a limited period to comply with legal obligations, prevent fraud, or resolve disputes.

2. Content and Metadata Retention
Data associated with content created, uploaded, or shared by users, including Clips, Stories, Posts, and related metadata, are retained for as long as the content remains on the Platform. Deletion of content by the user or the Operator will remove associated personal data, except where retention is required for marketing, legal, regulatory, or compliance purposes.

3. Transaction and Payment Data
Personal and financial data related to transactions, monetization, or payments are retained for periods required by applicable accounting, tax, and financial regulations. This ensures compliance with Czech and EU legal obligations, including auditing and reporting requirements.

4. Communication and Support Data
Records of communications between users and the Operator, including support requests, inquiries, and notifications, are retained for as long as necessary to provide effective customer support, maintain a service history, or comply with legal obligations.

5. Analytics and Usage Data
Aggregated or anonymized analytics and usage data may be retained indefinitely for platform improvement, research, and operational optimization. Personal identifiers are removed from anonymized datasets to ensure GDPR compliance.

6. Legal Compliance and Retention Limits
The Operator retains personal data only for as long as necessary to fulfill the purposes for which it was collected, comply with legal obligations, enforce agreements, resolve disputes, and ensure the security and integrity of the Platform. Retention periods are reviewed regularly to ensure compliance with GDPR and other applicable laws.

1. Right of Access (Article 15 GDPR)
Users have the right to obtain confirmation from the Operator as to whether their personal data is being processed. Upon request, users may receive a copy of all personal data held about them, along with information regarding the purposes of processing, categories of data, data recipients, retention periods, and their rights under the GDPR.

2. Right to Rectification (Article 16 GDPR)
Users have the right to request correction of any inaccurate or incomplete personal data held by the Operator. This ensures that all personal data processed is accurate and up-to-date.

3. Right to Erasure (“Right to be Forgotten”, Article 17 GDPR)
Users may request the deletion of their personal data when it is no longer necessary for the purposes it was collected, or if consent is withdrawn, unless retention is required by law for legal, regulatory, or compliance reasons. This includes account data, content metadata, and, where applicable, communication records.

4. Right to Restrict Processing (Article 18 GDPR)
Users may request that the processing of their personal data be restricted in certain circumstances, for example when contesting the accuracy of the data, objecting to processing, or during the assessment of a deletion request. Restricted data may still be stored but cannot be processed for other purposes without explicit consent.

5. Right to Data Portability (Article 20 GDPR)
Users have the right to receive their personal data in a structured, commonly used, and machine-readable format. They may also request the transfer of their personal data to another data controller, where technically feasible, without hindrance.

6. Right to Object (Article 21 GDPR)
Users may object to the processing of their personal data for reasons related to their specific situation, particularly when processing is based on legitimate interests. The Operator will review and assess objections and may continue processing only if legally justified.

7. Right to Withdraw Consent
Where processing is based on consent, users may withdraw consent at any time. Withdrawal does not affect the lawfulness of processing performed prior to consent withdrawal. Users may withdraw consent by contacting the Operator at youraiclips@proton.me.

8. Right to Lodge a Complaint (Article 77 GDPR)
Users have the right to lodge a complaint with a supervisory authority, such as the Czech Office for Personal Data Protection, if they believe that their data protection rights have been violated. Users are encouraged to contact the Operator first to resolve any concerns directly.

9. Exercising Rights
To exercise any of the rights described above, users can contact the Operator via email at youraiclips@proton.me. Requests will be handled promptly, in accordance with GDPR timelines and requirements. The Operator may require verification of identity to ensure that requests are legitimate and secure.

1. Organizational and Technical Measures
Personal data is protected using appropriate organizational, technical, and security measures, proportional to the risks of processing. This includes access controls, data encryption, secure servers, software updates, and antivirus protection.

2. Data Encryption
Sensitive data, such as passwords, payment information, or personal identifiers, is encrypted both at rest and during transmission using secure protocols (e.g., TLS, AES).

3. Access Control
Access to personal data is strictly limited to authorized personnel who require such data to perform their duties. All employees and contractors are bound by confidentiality obligations.

4. User Account Security
The Platform provides features to protect user accounts, including secure password management, and monitoring of suspicious activity.

5. Incident Detection and Prevention
The Operator continuously monitors systems to detect unauthorized access, attacks, data breaches, or other security incidents and takes immediate action to mitigate risks.

6. Data Backups
Personal data is regularly backed up to ensure restoration in case of system failure, data loss, or corruption.

7. Protection in Data Sharing with Third Parties
When personal data is shared with service providers or partners, it is protected through contractual guarantees and security measures to ensure confidentiality and integrity.

8. Risk Assessment and Security Updates
Security measures are regularly reviewed and updated in line with evolving threats and technological advancements to ensure effective protection of personal data.

9. Data Breach Response
In the event of a personal data breach, the Operator will take immediate steps to minimize risks and, where required by law, notify the supervisory authority and affected individuals in accordance with GDPR