Legal

Privacy Policy

Last updated: 12 May 2026

Chillframe is a small product made by a small team. We collect only what we need to run it, we don't sell your data, and we want this policy to actually be readable.

1. Scope & controller

This Policy explains what personal data we process when you use Chillframe, the web service at chillframe.com that generates lofi YouTube videos with AI and (optionally) publishes them to a YouTube channel you own.

For the purposes of the EU and UK General Data Protection Regulations, the data controller is Chillframe. You can reach us at hi@chillframe.com for any privacy-related question. If you're in the EU/EEA or UK and we can't resolve a complaint, you can lodge it with your local supervisory authority.

2. Data we collect

What you give us directly

  • Account data. Your email address, and (if you sign in with Google) your name and profile image. We don't see your Google password.
  • Workspace data. The workspaces you create, the YouTube channels you connect to them, and the plan tier and subscription status you've chosen.
  • Inputs. The prompts, references, channel presets, and uploaded files you submit to generate videos.
  • Support & feedback. Anything you send us by email or via in-app feedback.

What we collect automatically

  • Usage events. Pages visited, videos generated, credits consumed, sign-in and billing events. We use this to run the product and to debug.
  • Device & log data. IP address, browser type, referrer, and timestamps for requests. These are kept in short-lived server logs.
  • Cookies. Strictly necessary cookies for authentication and security. See section 11.

What we get from third parties

  • Stripe. Billing status and the last four digits of your card. The full card number stays inside Stripe; we never see it.
  • YouTube. If you connect a channel, we receive the OAuth scopes you grant (typically channel ID, upload, and read-only analytics access). We don't read or store your private viewing history.

3. How we use data

We use the data above to:

  • create and operate your account, including signing you in via magic link or Google;
  • run the generative pipeline: turn your prompts into videos, schedule renders, and bill you the credits;
  • publish videos to YouTube channels you've connected, and read back basic performance data so the dashboard can show it;
  • charge subscriptions and trials, handle refunds, and meet our tax and accounting obligations;
  • send transactional emails (magic links, trial-ending notices, billing receipts, breach notifications);
  • monitor for abuse, fraud, and acceptable-use violations and keep the service secure;
  • improve the product: measure which features are used, debug errors, and prioritise new work.

4. Legal bases (EU/UK GDPR)

We rely on the following legal bases under Article 6 GDPR:

Contract
Running the service you signed up for: account, generation, publishing, billing, support.
Legitimate interest
Product analytics, abuse prevention, model and service improvement, and protecting our legal rights. We balance these against your privacy interests and limit what's collected.
Legal obligation
Tax records, fraud-prevention reporting, and responses to valid legal requests.
Consent
Optional marketing communications (if any), and any use of data outside the purposes listed above. You can withdraw consent at any time without affecting prior lawful use.

5. Sub-processors

We don't sell your data. We share it only with vendors that help us run the service, each under a data-processing agreement. Current sub-processors:

Cloudflare
Hosting (Workers + Hyperdrive), edge networking, DDoS protection, transactional email delivery.
PlanetScale
Managed Postgres for the application database.
Stripe
Payment processing, subscription management, billing portal.
Google (YouTube)
Sign-in (OAuth), and, if you connect a channel, uploads and analytics access. Subject to Google's privacy policy.
AI model providers
We use third-party generative models for music, image, and video synthesis. Inputs sent for generation may transit these providers' infrastructure. We contractually require them not to retain your prompts beyond what's needed to return the output and to honour deletion requests.
Error logging
Captures error stack traces and minimal request context. We scrub email and IP from error payloads where reasonably possible.

We disclose data outside these sub-processors only when we're legally required to (court order, lawful police request) or with your explicit instruction.

6. AI training

We do not train foundation models on your prompts or videos. We may use aggregated, de-identified usage data (for example: "the average user generates 4 videos per week") to improve prompt-handling heuristics and product UX.

Where a sub-processor's model would by default retain prompts for its own training, we configure the integration to opt out of training on user content. Where opt-out isn't supported, we don't use that provider.

7. YouTube data

Chillframe uses YouTube API Services. By connecting a channel, you agree to the YouTube Terms of Service and acknowledge the Google Privacy Policy. Specifically:

  • We request only the OAuth scopes needed to upload videos and read basic channel metadata. We don't ask for read access to private playlists, subscriptions, or watch history.
  • We store your channel ID, channel title, and OAuth refresh token so we can upload on your behalf. The refresh token is encrypted at rest.
  • We do not pass YouTube data to AI models for training, and we don't sell it.
  • You can revoke our access at any time from your Google account permissions page; doing so will disable uploads from Chillframe for that channel.

8. International transfers

Chillframe is operated from the United Kingdom, but several of our sub-processors are based in the United States. When personal data is transferred from the EU/EEA or UK to the US or to other countries without an adequacy decision, we rely on the EU Standard Contractual Clauses (and the UK addendum where relevant) and, where applicable, the EU–US Data Privacy Framework certification of the receiving party.

9. Retention

Account & workspace data
While your account exists, plus 30 days after deletion to recover from accidental deletes.
Generated videos
While your subscription is active. Once it ends, they remain downloadable for 30 days, then are deleted.
Billing records
6 years after the transaction, as required by UK tax and accounting law.
Server logs & error reports
30 days.
Backups
Up to 35 days. Deletion requests are honoured in live databases immediately; affected backups age out within this window.

10. Your rights

If you're in the EU/EEA or UK, you have the right to:

  • Access the personal data we hold about you;
  • Correct data that's inaccurate or incomplete;
  • Delete your account and the data tied to it (subject to legal-retention exceptions, such as billing records);
  • Restrict or object to certain processing, especially anything we do under legitimate interest;
  • Portability: receive a machine-readable copy of the data you've provided and have us transmit it elsewhere where technically feasible;
  • Withdraw consent at any time for processing we do under consent;
  • Lodge a complaint with a supervisory authority. In the UK, that's the Information Commissioner's Office (ICO); in the EU/EEA, your local data-protection authority.

To exercise any of these rights, email hi@chillframe.com. We aim to respond within 30 days. We may need to verify your identity before fulfilling certain requests.

If you're in California, you have analogous rights under the CCPA/CPRA. We do not "sell" or "share" personal information in the CCPA sense.

11. Cookies & tracking

We use a small number of strictly-necessary cookies to keep you signed in, to remember the workspace you last used, and to protect the site from CSRF attacks. These are essential for the service to function and don't require a consent banner under UK PECR or the EU ePrivacy Directive.

We don't run third-party advertising cookies, behavioural tracking pixels, or cross-site identifiers. Product analytics, where used, are first-party and aggregated.

12. Security

We take reasonable technical and organisational measures to protect personal data: TLS in transit, encryption at rest for secrets and OAuth tokens, scoped credentials per service, audit logging, and least-privilege access controls. No system is perfectly secure; if a breach affects you, we'll notify you and the relevant supervisory authority within 72 hours of becoming aware of it, as required by GDPR.

13. Children

Chillframe isn't for under-18s. We don't knowingly collect data from minors. If you believe a minor has signed up, contact us and we'll delete the account.

14. Changes

When we change this Policy, we update the "Last updated" date and, for material changes, give you at least 14 days' notice by email or in-product banner before the new version takes effect.

15. Contact

Privacy questions, data-access requests, complaints, or anything you'd want a human to see: hi@chillframe.com. The same address handles general support.