Privacy Policy
Effective April 27, 2026
This policy summarizes the data SceneLock needs to run the product, protect provider keys, process payments, and support customer projects.
Data we collect
SceneLock stores account email, authentication sessions, project data, scripts, prompts, generated metadata, uploaded assets, render outputs, ledger events, and usage records needed to operate the service.
When you connect provider keys or OAuth accounts, SceneLock stores encrypted credentials and related status metadata so requested generation and publishing workflows can run.
How data is used
Data is used to authenticate users, enforce plan limits, prepare quotes, run provider workflows, store outputs, provide support, process billing, detect abuse, and improve reliability.
Payment details are handled by Stripe. SceneLock stores Stripe customer, subscription, price, and billing status identifiers, not raw card numbers.
Third-party processors
SceneLock may use infrastructure and service providers such as hosting, database, object storage, email, analytics, error tracking, payment, and AI generation providers.
When you bring provider keys, your project inputs and outputs may be sent to those providers according to the workflow you approve and the provider terms attached to your account.
Security and retention
Provider keys are encrypted at rest. Access to production systems is limited to operational needs, and admin actions should be auditable as the platform matures.
You can request account or project deletion through support. Some billing, security, abuse-prevention, and ledger records may be retained where required for business or legal reasons.