Last updated 2026-04-27
Pre-launch draft
This document is being reviewed by legal counsel before public launch and may change. Questions: legal@otthstudios.com
This Privacy Policy explains how Over The Top Hat Studios (“OTTH Studios,” “we,” “us,” or “our”) collects, uses, shares, and protects information when you use ReFrame. We aim to be plain about what we do with data so you can make an informed decision about using the service.
When you create an account, we collect your email address and an authentication record managed by our auth provider. We do not collect your password directly; it is hashed and stored by the auth provider.
When you upload videos, images, or audio, we store those files temporarily so the service can process them. We refer to these as “source files.”
Processing source files produces transcripts, clip candidates, reframe metadata, suggested titles and descriptions, and similar derived outputs. We store these so you can review and export them.
We collect basic information about how the service is used, including page views, performance metrics, and error reports. This helps us find and fix problems and understand what is working.
We use the information described above to provide and operate the service, process your uploads, generate the outputs you request, communicate with you about your account and any support requests, monitor performance and reliability, investigate abuse or security incidents, and improve the service over time. We do not sell your personal information, and we do not use your User Content to train third-party general-purpose AI models outside the scope of providing the service to you.
ReFrame relies on a small set of third-party providers (“subprocessors”) to deliver the service. Each subprocessor receives only the data needed for its role.
We aim to keep this list current. If we add or remove a subprocessor, we will update this policy.
Source files are treated as ephemeral. Cleanup runs before each new upload batch and removes prior source files from storage. This is part of how the service is designed: we do not keep your raw uploads around longer than needed to produce the outputs you asked for.
Outputs (clips, reframed images, transcripts, generated metadata) persist in your account until you clear them manually. Account records persist until you delete your account.
Backups and operational logs may retain data for a short period after deletion as part of normal service operation. We aim to purge data from those secondary copies within thirty days.
You can access and review your data inside the service. You can correct your account email through account settings. You can delete individual outputs from the library, and you can request account deletion by contacting legal@otthstudios.com. Account deletion removes your account record and outputs from primary systems; backups and operational logs are purged on the schedule described above.
You can request a copy of the data associated with your account by emailing the address above. We aim to respond to requests within thirty days. Self-serve export tooling is on the roadmap.
We use Supabase row-level security (RLS) to scope database and storage access to the account that owns the relevant rows and files. Access to private storage is granted through short-lived signed URLs. Data is encrypted in transit using HTTPS. We aim to follow industry-standard practices for secret handling and dependency hygiene. No service can promise perfect security; we encourage you to use a strong, unique password and to notify us immediately if you suspect compromise of your account.
ReFrame uses cookies and browser local storage for two main purposes:
We do not use third-party advertising cookies. Vercel Analytics uses privacy-respecting measurement that does not rely on cross-site tracking.
ReFrame uses machine learning models to suggest clip boundaries, generate transcripts, propose titles and descriptions, and recommend reframing. These outputs are suggestions. They can be inaccurate, miss context, or misinterpret content. You should review outputs before publishing them, and you remain responsible for what you choose to use. Outputs are not professional advice of any kind.
Transcripts and other text-based context derived from your uploads are sent to our AI subprocessors (AssemblyAI and Anthropic) only for the purpose of producing the requested output. We do not use your User Content to train external general-purpose AI models, and we have configured these subprocessors with that constraint where their products offer the option.
In addition to the rights described in section 5, you can limit what data is collected by:
We aim to honor data requests for any user, regardless of location, on the timeline described in section 5. State and country-specific privacy rights frameworks (such as the California Consumer Privacy Act and the EU General Data Protection Regulation) may give residents of those jurisdictions additional rights. We will work in good faith to honor valid requests under those frameworks; we do not currently certify compliance with any specific framework and will update this section as our compliance posture matures.
ReFrame is not intended for children under the age of 13, and we do not knowingly collect information from children under 13. If you believe a child under 13 has created an account, contact legal@otthstudios.com and we will remove the account.
ReFrame is operated from the United States, and all data is stored on infrastructure located in the United States. If you access the service from outside the United States, you understand and consent to the transfer of your information to the United States, where data protection laws may differ from those of your country.
We may update this Privacy Policy from time to time. When we do, we will revise the “Last updated” date above. For material changes, we will provide notice through the service or by email before the changes take effect.
Privacy questions, data requests, and account deletion requests can be sent to legal@otthstudios.com.