Privacy Policy

Last updated: 31 May 2026

1. Information We Collect

When you create an AIVE ONE Beta account, we collect your email address and display name. We also collect basic usage data such as feature usage frequency, session duration, and crash reports to improve the product. Device information including operating system version and hardware class may be collected for compatibility purposes. We do not collect biometric data, and we never sell your personal information to third parties.

Data Collection Summary

Data Category Examples Purpose Legal Basis (DPDP Act)
Account Data Email, display name, username Account creation, authentication Consent / Contract
Usage Data Feature usage, session duration, crash logs Product improvement, stability Legitimate Use
Device Data OS version, hardware class, screen resolution Compatibility, optimisation Legitimate Use
Payment Data Transaction ID, plan type (handled by Razorpay) Billing, subscription management Contract
AI Interaction Data Command Bar queries, timeline context summaries AI feature delivery Consent (opt-in)
Voice / Call Data Audio recordings, transcriptions Transcription features Explicit Consent

2. How We Use Your Information

Your information is used for account management, authentication, and delivering the AIVE ONE Beta service. We use aggregated, anonymized usage data to improve product performance and develop new features. If you opt in to AI model training, anonymized editing patterns may be used to improve our AI suggestions. This is strictly opt-in and can be disabled at any time from your account settings.

3. Data Storage & Security

All user data is encrypted at rest using AES-256 and in transit using TLS 1.3. Our primary data infrastructure is hosted in India to comply with Indian data residency requirements. We implement industry-standard security practices including regular audits, access controls, and intrusion detection. Cloud render jobs and exported files are stored temporarily and purged after delivery.

Data Retention Schedule

We retain your personal data only for as long as necessary to fulfil the purposes described in this policy, or as required by applicable law (including the DPDP Act 2023). Below is our data retention schedule:

Data Type Retention Period After Expiry
Account data (email, name, username) Duration of account + 30 days Permanently deleted
Usage and analytics data 24 months (rolling) Anonymised or deleted
Cloud render outputs 7 days after delivery Permanently purged
Voice / call recordings 30 days from call date Permanently deleted
Payment and billing records 7 years (Indian tax law) Permanently deleted
Support tickets and correspondence 3 years from resolution Permanently deleted

You may request early deletion of your personal data at any time by contacting privacy@aive.one, subject to any legal retention obligations.

4. Third-Party Services

We integrate with the following third-party services to deliver AIVE ONE Beta:

  • Razorpay — Payment processing. Your payment information is handled directly by Razorpay under their own privacy policy.
  • Anthropic (Claude API) — Natural-language command parsing. When you use the AI Command Bar, your text query and a brief timeline context summary may be sent to Anthropic's API for intent classification. No media files, project data, or personal information beyond the query text is transmitted. You may disable cloud-assisted parsing in Settings > AI > Privacy.
  • YouTube Data API v3 — Channel reference and style analysis. When you use the Channel Learner feature, public channel metadata and video statistics are retrieved via the YouTube Data API. This data is processed in accordance with YouTube's Terms of Service and Google's Privacy Policy. No YouTube account credentials are stored.
  • Deepgram, Inc. (United States) — Audio transcription. If you enable call transcription in the Chat feature and your administrator has configured Deepgram as the transcription provider, audio from calls you participate in may be transmitted to Deepgram's API for speech-to-text conversion. Transcription is an opt-in feature and requires explicit consent as described in Section 6. Deepgram's data processing is governed by their privacy policy and AIVE's data processing agreement with Deepgram.
  • OpenAI, LLC (United States) — Audio transcription (Whisper API). If your administrator has configured OpenAI Whisper as the transcription provider, audio from calls may be transmitted to OpenAI's API for speech-to-text conversion. The same opt-in consent requirement applies. OpenAI's data processing is governed by their privacy policy and AIVE's data processing agreement with OpenAI.
  • Google LLC (United States) — WebRTC STUN — When you participate in a voice or video call through AIVE ONE Beta's Chat feature, your device may connect to Google's public STUN servers (stun.l.google.com) to discover its public IP address for peer-to-peer media routing. Only your device's public IP address and UDP port are exposed to the STUN server during this NAT traversal process; no call content or personal data is transmitted to Google. AIVE may replace this with a self-hosted STUN server in future. You may configure an alternative STUN server in your workspace admin settings if required by your organization's policy.

We do not integrate with advertising networks, and we do not share your data with any ad-tech providers. Analytics data is processed internally and is never sold or shared with third parties.

5. Your Rights

Under the Digital Personal Data Protection Act, 2023 (India), GDPR (EU/EEA), and other applicable data protection laws, you have the following rights regarding your personal data:

  • Right to Access — Request a copy of all personal data we hold about you, including processing activities and data categories, in a structured and readable format.
  • Right to Correction — Request correction of any inaccurate, incomplete, or misleading personal data. We will process correction requests within 15 business days.
  • Right to Deletion (Erasure) — Request permanent deletion of your personal data when it is no longer necessary for the purposes for which it was collected. Upon deletion, your data is irrecoverably removed from all active systems within 30 days and from backups within 90 days.
  • Right to Data Portability — Export your data in a commonly used, machine-readable format (JSON or CSV) from your account settings at any time, at no cost.
  • Right to Withdraw Consent — Withdraw consent for any optional data processing (such as AI model training, cloud-assisted features, or call transcription) at any time via Settings without affecting the core service.
  • Right to Restrict Processing — Request restriction of processing your personal data while a dispute or correction request is pending.
  • Right to Grievance Redressal — If you are not satisfied with our handling of your data rights request, you may escalate to the Data Protection Board of India or your local supervisory authority.

To exercise any of these rights, contact us at privacy@aive.one or use the self-service controls in your account dashboard. We will acknowledge your request within 48 hours and fulfil it within 30 days.

6. AI & Learning Data

AIVE ONE Beta uses a local-first AI architecture. The majority of AI features — including shot detection, pacing analysis, quality scoring, and editing suggestions — process your data entirely on your device. No project media is ever uploaded without your explicit action.

Certain features involve cloud-assisted processing: (a) the AI Command Bar may send natural-language queries to Anthropic's Claude API for intent parsing (see Section 4), and (b) cloud render jobs process timeline data on our servers. These features require your explicit opt-in or action.

Automated decision-making: AIVE ONE Beta uses AI to generate editing suggestions, quality scores, and pacing recommendations. These are advisory only — no automated decisions are made that produce legal or similarly significant effects. You always retain full control over all editing actions.

AI model training on user data is strictly opt-in. If you opt in, only aggregated and anonymized editing patterns are used — never raw media, project files, or personally identifiable information. You may withdraw consent at any time in Settings > AI > Privacy.

Call Recording & Transcription: The AIVE ONE Beta Chat feature may support audio/video call recording and automatic transcription where enabled by your administrator. Recording and transcription are opt-in features. Before any recording or transcription begins, all call participants will receive an in-app notice and must provide explicit consent. You may revoke consent and end your participation in a recorded call at any time.

Biometric & Voice Data (GDPR Art. 9 / BIPA): Voice recordings processed for transcription may constitute biometric data or special-category data under applicable law, including GDPR Article 9 (EU/EEA) and the Illinois Biometric Information Privacy Act (BIPA). AIVE processes this data only where you have given explicit, freely withdrawable consent (GDPR Art. 6(1)(a) and Art. 9(2)(a)). If you are subject to BIPA or analogous state law, AIVE will provide required written notice of the purpose, duration, and storage period of any biometric data before collection. Voice/biometric data collected for transcription is retained for 30 days from the date of the call, after which it is permanently deleted. You may request early deletion at any time from your account settings or by contacting privacy@aive.one.

7. Cookie Policy

We use minimal, session-only cookies required for authentication and basic site functionality. We do not use tracking cookies, third-party advertising cookies, or cross-site tracking mechanisms. No cookie consent banner is necessary as we only use strictly essential cookies.

Cookies We Use

Cookie Name Type Duration Purpose
aive_session Essential Session / 30 days Authentication session management
aive_csrf Essential Session Cross-site request forgery protection
aive_locale Functional 1 year Language and locale preference

We do not use any analytics cookies, advertising cookies, or social media tracking pixels. Local storage (localStorage and sessionStorage) is used to store your authentication token and UI preferences on your device only.

8. Children's Privacy

AIVE ONE Beta is not intended for use by individuals under the age of 13. We do not knowingly collect personal information from children. If we become aware that a user is under 13, we will promptly delete their account and associated data. If you believe a child has provided us with personal information, please contact us at privacy@aive.one.

9. AI Transparency (EU AI Act)

In accordance with EU Regulation 2024/1689 (the AI Act), we disclose the following about AIVE ONE Beta's AI systems:

  • AI-generated content: Editing suggestions, pacing recommendations, quality scores, caption drafts, music direction, and other AI outputs within AIVE ONE Beta are generated by artificial intelligence. These outputs are always presented as suggestions and clearly labeled in the interface. No AI output is applied without your explicit action.
  • On-device AI: Shot detection, scene analysis, audio level analysis, color matching, and pacing analysis run locally on your device using platform frameworks (Apple Vision, Core ML). These do not transmit data externally.
  • Cloud AI: The AI Command Bar uses Anthropic's Claude API for natural-language command interpretation. Only your text query and a brief timeline context summary are transmitted. You may disable this in Settings > AI > Privacy.
  • No high-risk AI: AIVE ONE Beta does not employ AI systems classified as high-risk under Annex III of the AI Act. All AI features are advisory editing tools under the limited-risk transparency category.

For questions about our AI systems, contact privacy@aive.one.

10. International Data Transfers

AIVE ONE Beta's primary infrastructure is located in India. When you use certain features, limited data may be transferred internationally:

  • Anthropic (United States) — Text queries from the AI Command Bar are processed by Anthropic's API infrastructure in the United States. Only query text and brief context metadata are transmitted; no media files or project data leave your device.
  • Razorpay (India) — Payment processing is handled by Razorpay's infrastructure. Payment data flows directly between your browser and Razorpay and is subject to Razorpay's privacy policy.
  • YouTube Data API (United States) — Public channel metadata retrieved via Google's API infrastructure for the Channel Learner feature.
  • Deepgram, Inc. (United States) — Audio transcription data for call recording features, where enabled and with explicit consent. Transfer relies on Standard Contractual Clauses.
  • OpenAI, LLC (United States) — Audio transcription data via Whisper API, where enabled and with explicit consent. Transfer relies on Standard Contractual Clauses.
  • Google LLC (United States) — STUN — Your device's public IP address is transiently exposed to Google's STUN servers during WebRTC call setup. No call content is transferred. This is a direct device-to-STUN-server connection; AIVE's servers do not participate in this data flow.

For transfers from the European Economic Area, we rely on Standard Contractual Clauses (SCCs) approved by the European Commission as the legal mechanism under GDPR Chapter V. You may request a copy of applicable SCCs by contacting privacy@aive.one.

11. Data Principal Rights (DPDP Act 2023)

In accordance with the Digital Personal Data Protection Act, 2023 (India), you — as a Data Principal — have the following rights:

  • Right to Access — You have the right to obtain a summary of your personal data being processed by AIVE and the processing activities undertaken with respect to such data.
  • Right to Correction and Erasure — You have the right to request correction of inaccurate or misleading personal data, completion of incomplete personal data, updating of personal data, and erasure of personal data that is no longer necessary for the purpose for which it was collected.
  • Right to Grievance Redressal — You have the right to register a grievance with our Data Protection Officer. We will acknowledge your grievance within 48 hours and resolve it within 30 days. If you are not satisfied with the resolution, you may file a complaint with the Data Protection Board of India.
  • Right to Nominate — You have the right to nominate any individual who shall, in the event of your death or incapacity, exercise your rights as a Data Principal in accordance with applicable law.

To exercise any of these rights, contact our Data Protection Officer:

Data Protection Officer
AIVE ONE LLP
New Delhi, India
Email: privacy@aive.one

12. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will provide at least 30 days' notice via email or an in-app notification before the changes take effect. Continued use of AIVE ONE Beta after the effective date constitutes acceptance of the updated policy.

13. Contact

If you have any questions about this Privacy Policy or your personal data, contact our privacy team at privacy@aive.one.