Privacy Policy

We collect the following categories:

• Account information— email, name (first and last), phone number, mailing address, and any optional fields you choose to provide on your account page. Required at signup; you can update or remove most fields later.
• Authentication data— password hash (if you set a password), 2FA seed and backup-code hashes (if enabled), and session identifiers needed to keep you signed in. We never store plaintext passwords.
• Billing information— subscription tier, billing history, and the Stripe customer identifier associated with your account. Payment card numbers are entered directly into Stripe and never touch Sliver servers.
• User Content— the audio, video, transcripts, edit decision lists, and other materials you upload or generate using the Service.
• Usage and device information— IP address, browser/user-agent, pages visited, features used, error logs, and similar diagnostics needed to operate the Service and prevent abuse. We do not currently use third-party advertising or behavioral-tracking cookies.
• Marketing preferences— whether you have opted in to email and/or SMS marketing communications, captured at signup and editable from your account page.

• Provide, maintain, and improve the Service (account creation, authentication, sign-in, billing, rendering, AI clip selection and refinement).
• Process payments and send transactional communications related to your account (receipts, renewal notices, security alerts, service-status updates).
• Send marketing communications by email and SMS if you have not opted out. We use first-party email and SMS providers; we do not sell or share contact data with third-party advertisers.
• Detect and prevent abuse, fraud, and security incidents.
• Comply with legal obligations and respond to lawful requests.
• Aggregate or de-identify data for analytics about how the Service is used in general. Aggregated data does not identify you.

We rely on the following processors to operate the Service. They access information only as needed to perform their function and are contractually required to safeguard it.

• Supabase— database, authentication, and storage. Hosts profile records, authentication identities, and project metadata.
• Stripe— payment processing, customer and subscription records. Stores card data on PCI-compliant infrastructure.
• Resend— transactional and marketing email delivery, using SMTP from a Sliver-owned sending domain.
• Anthropic— AI inference (Claude family of models) for clip selection, transcript analysis, and prompt-based refinement. We submit transcripts and prompt context; outputs are returned to you and discarded server-side once stored in your project.
• OpenAI Whisper (self-hosted or hosted variants) — speech-to-text transcription of uploaded audio.
• Cloud hosting / storage— the production host (e.g., Vercel, Fly.io, or successor) plus content-storage providers (e.g., Cloudflare R2) used for source files and rendered outputs.

We do not sell personal information to third parties. We do not share personal information with third-party advertisers.

If you provide a phone number and opt in to marketing SMS, you consent to receive recurring marketing text messages from Sliver at that number, sent using an automatic dialing system. Consent is not a condition of any purchase. Message and data rates may apply. Message frequency varies. Reply STOP to cancel. Reply HELP for help. You can also opt out at any time from Account → Preferences.

Transactional messages (security alerts, billing notices, account confirmations) may still be sent after you opt out of marketing SMS, as they are required to operate the Service.

We use first-party cookies that are necessary to operate the Service, including the signed authentication cookie that keeps you logged in. We do not use third-party advertising cookies and we do not embed third-party tracking pixels in transactional emails.

Your browser controls (cookie blocking, private browsing) work normally. Blocking the authentication cookie will sign you out; blocking other functional cookies may degrade specific features.

We retain account information for as long as your account is active. After you delete your account, we retain a minimum footprint (subscription history, audit logs, anti-abuse signals) for as long as required by applicable law or to enforce our agreements, then delete or de-identify the rest.

User Content may be deleted any time from the editor. We may retain backup copies for a reasonable period after deletion; backups are encrypted and purged on rotation.

We use industry-standard technical and organizational measures to protect your information: HTTPS in transit, encryption at rest for credentials and content storage, scoped service-role keys server-side, RLS on tenant data, signed cookies with short-lived sessions, and 2FA available to all accounts. No system is perfectly secure; we promptly investigate and notify affected users in the event of a verified incident as required by law.

Depending on where you live, you may have rights to access, correct, delete, or port your personal information; to opt out of certain uses; and to lodge a complaint with a supervisory authority. To exercise these rights, contact privacy@sliver.video. We respond to verified requests within the time period required by applicable law.

California residentshave rights under the California Consumer Privacy Act, including the right to know, the right to delete, the right to correct, and the right to opt out of “sales” or “sharing” of personal information (we do neither). To exercise these rights, use the email address above.

EU/UK residents— we process personal information on the lawful bases of contract performance (account, billing), legitimate interest (security, product improvement), and consent (marketing communications, non-essential analytics). You may withdraw consent for the consent-based bases at any time without affecting the lawfulness of prior processing.

The Service is not intended for, and we do not knowingly collect information from, children under 13 (or the equivalent minimum age in the relevant jurisdiction). If you believe a child has provided us with personal information, contact privacy@sliver.video and we will delete it.

Sliver is based in the United States and our processors are located in the U.S. and other regions. If you access the Service from outside the U.S., you understand that your information is processed in the U.S. and may be transferred to jurisdictions that may not have data-protection laws as comprehensive as those in your country. Where required, we use appropriate transfer mechanisms (e.g., Standard Contractual Clauses).

We may update this Privacy Policy from time to time. Material changes will be announced by email or in-product notice and reflected in the version number above. Continued use of the Service after the effective date constitutes acceptance.

Privacy questions or rights requests: privacy@sliver.video. Security disclosures: security@sliver.video. Mailing address: Sliver, Inc., California (street address to be added).