Privacy

The short version

• Your service videos are never used to train AI models.
• Transcription and speaker recognition run on our hosted infrastructure (see Third parties below). Your videos and transcripts are not shared with any third party for the purpose of training their AI models.
• Source video files are deleted from our storage after publishing completes (default 7 days; configurable).
• When you connect a YouTube, Vimeo, or Google Drive account, we store encrypted OAuth tokens and request only the minimum scopes needed for upload or folder watch.
• We do not sell your data. Ever.

What we collect

Your name and email when you sign in via magic link. The name of your organization. The metadata of each upload (filename, size, duration, the destinations you chose). Transcripts and speaker labels you create. Logs of which destination publishes succeeded or failed.

What we don’t collect

Full video bodies after publishing. Personal information about people named in your sermons. Anything from a Google Drive folder beyond the specific file IDs and modification timestamps we need to detect new uploads.

Third parties

Cloudflare R2 (object storage), Supabase (database, auth, realtime), Vercel (hosting), Mailgun (transactional email — magic-link OTPs, upload notifications), Stripe (billing, post-MVP). YouTube, Vimeo, and Google Drive are connected only when you authorize them.

Your rights

Email hello@uploads.run to request a copy of your data or to delete your organization. We respond within 30 days.

This is a placeholder privacy policy required for OAuth verification. We will replace it with a final, lawyer-reviewed version before public launch.