Creaa Privacy Policy

Effective Date: January 1, 2025 | Last Updated: January 1, 2025

1. Information Collection

1.1 Account Information

To access certain features of our service, you may need to create an account. The information we collect includes:

  • Username and email address
  • Password (stored as a secure hash)
  • IP address and device information (for security verification)

1.2 Service Usage Information

When you use our service, we collect:

  • Uploaded videos, audio, images, and other files (temporarily stored)
  • Service usage records and operation logs
  • Credit balance and transaction records
  • Communication content with customer support

1.3 Payment Information

All payments are securely processed by Paddle. We do not store your credit card or payment information. We only store:

  • Transaction records and order information
  • Subscription status and validity period
  • Information required for invoicing

2. Information Use

We use the collected information to:

  • Provide, maintain, and improve our services
  • Process transactions and manage your account
  • Send service notifications, billing information, and technical support
  • Prevent fraud and protect account security
  • Comply with legal and regulatory requirements
  • Analyze service usage to optimize user experience

Important Statement: We do not sell, rent, or otherwise share your personal information with third parties for marketing purposes.

3. Information Storage and Security

3.1 Storage Period

  • Account Information: Retained during your use of the service and for 6 months after account closure
  • Transaction Records: Retained for 7 years as required by tax regulations
  • Service Logs: Retained for 30 days for troubleshooting and security analysis
  • Uploaded Content: Automatically deleted within 24 hours after processing
  • Communication Records: Retained for 2 years for customer support purposes

3.2 Security Measures

We take the following measures to protect your information:

  • Use SSL/TLS to encrypt all data transmission
  • Store sensitive information with strong encryption
  • Implement strict access control and permission management
  • Conduct regular security audits and vulnerability scans
  • Establish data backup and disaster recovery mechanisms

4. Third-Party Services

4.1 Payment Processing

We use Paddle as our payment processor. Paddle will process your payment information, and their privacy policy applies to their data processing activities. Visit Paddle's Privacy Policy for more information.

4.2 AI Service Providers

Our service may use multiple third-party AI service providers to offer intelligent analysis, content generation, and processing capabilities. These providers process relevant data based on your requests, and we ensure that all selected providers meet strict data protection standards.

4.3 Cloud Storage Services

We use professional cloud storage services for temporary file storage. All files are encrypted and automatically deleted within the specified time to ensure your data security.

5. Your Rights

5.1 Right to Access

You have the right to request a copy of the personal information we hold about you.

5.2 Right to Rectification

If you find that the personal information we hold about you is inaccurate, you have the right to request that we correct it.

5.3 Right to Erasure

In certain circumstances, you have the right to request that we delete your personal information.

5.4 Right to Data Portability

You have the right to receive your personal information in a structured, commonly used, and machine-readable format.

5.5 Right to Withdraw Consent

If you have authorized us to process your personal information based on consent, you have the right to withdraw your consent at any time.

6. Cookie Policy

We only use necessary cookies to:

  • Maintain your login session
  • Remember your preferences
  • Provide security protection

We do not use tracking cookies or advertising cookies. You can manage your cookie preferences through your browser settings.

7. International Data Transfers

As our service uses international AI service providers, your information may be transferred to countries or regions outside of where you reside. We ensure that all data transfers comply with applicable data protection laws and regulations.

8. Children's Privacy Protection

  • Our service is not directed to children under the age of 13
  • We do not knowingly collect personal information from children under 13
  • If we discover that we have collected children's personal information, we will delete it immediately

9. Data Breach Notification

In the event of a data breach that may affect the security of your personal information, we will:

  • Notify relevant regulatory authorities within the time frame required by law
  • Notify affected users within a reasonable time
  • Take necessary measures to mitigate potential harm

10. Policy Updates

  • We may update this privacy policy from time to time
  • Significant changes will be notified through website announcements or email
  • The updated policy will take effect upon publication
  • Continued use of the service indicates acceptance of the updated policy

11. Contact Us

If you have any questions, comments, or suggestions about this privacy policy, please contact us through:

Domain: creaa.ai | Privacy Email: privacy@creaa.ai