Loading...
Phở Studio

Privacy Policy

Last updated: February 2, 2026

At Phở Video, we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI video generation platform.

We are committed to complying with applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

1. Information We Collect

1.1 Information You Provide

  • Account Information: Email address, name, password (hashed), and profile picture when you sign up via Clerk authentication.
  • Payment Information: Billing address and payment method details processed through our payment provider (Polar). We do not store your full credit card number.
  • User Content: Prompts, uploaded images, and generated videos/images you create using our Service.
  • Communications: Messages you send to our support team.

1.2 Information Collected Automatically

  • Usage Data: Pages visited, features used, generation history, and interaction patterns.
  • Device Information: Browser type, operating system, device identifiers, and IP address.
  • Cookies: We use essential cookies for authentication and optional analytics cookies (with your consent).

2. How We Use Your Information

  • Provide the Service: Process your prompts, generate AI content, and deliver features you request.
  • Account Management: Create and manage your account, process payments, and manage subscriptions.
  • Service Improvement: Analyze usage patterns to improve our AI models and user experience (aggregated, anonymized data).
  • Communication: Send transactional emails, service updates, and (with your consent) marketing communications.
  • Security: Detect and prevent fraud, abuse, and policy violations.
  • Legal Compliance: Comply with applicable laws and respond to legal requests.

3. Information Sharing

We do NOT sell your personal information. We may share information with:

  • Service Providers: Third-party vendors who assist in operating our Service:
    • Clerk (Authentication)
    • Polar (Payments)
    • Fal.AI, WaveSpeedAI (AI model providers)
    • Vercel (Hosting)
    • Supabase/Neon (Database)
  • Legal Requirements: When required by law, subpoena, or government request.
  • Business Transfers: In connection with a merger, acquisition, or sale of assets.
  • With Your Consent: When you explicitly authorize us to share information.

4. Data Security

We implement industry-standard security measures to protect your information:

  • Encryption in transit (HTTPS/TLS) and at rest
  • Secure authentication via Clerk with multi-factor authentication options
  • Regular security audits and vulnerability assessments
  • Access controls limiting employee access to personal data

However, no method of transmission over the Internet is 100% secure. We cannot guarantee absolute security.

5. Data Retention

  • Account Data: Retained while your account is active. Deleted within 30 days of account deletion request.
  • Generated Content: Stored for your access until you delete it or close your account.
  • Usage Logs: Retained for up to 12 months for analytics and security purposes.
  • Payment Records: Retained as required by tax and accounting laws (typically 7 years).

6. Your Rights

🇪🇺 For EU/EEA Residents (GDPR)

  • • Right to Access: Request a copy of your personal data
  • • Right to Rectification: Correct inaccurate personal data
  • • Right to Erasure: Request deletion of your data ("right to be forgotten")
  • • Right to Data Portability: Receive your data in a machine-readable format
  • • Right to Object: Object to processing for direct marketing
  • • Right to Restrict Processing: Limit how we use your data

🇺🇸 For California Residents (CCPA)

  • • Right to Know: What personal information we collect and how we use it
  • • Right to Delete: Request deletion of your personal information
  • • Right to Opt-Out: We do not sell personal information
  • • Right to Non-Discrimination: Equal service regardless of privacy choices

To exercise any of these rights, please contact us at privacy@pho.video. We will respond within 30 days.

7. Cookies & Tracking

We use the following types of cookies:

TypePurposeRequired
EssentialAuthentication, session managementYes
AnalyticsUsage patterns, feature engagementOptional
PreferencesLanguage, theme settingsOptional

You can control non-essential cookies through your browser settings or our cookie consent banner.

8. International Transfers

Your information may be transferred to and processed in countries outside your country of residence, including the United States. We ensure appropriate safeguards are in place, such as Standard Contractual Clauses for EU data transfers.

9. Children's Privacy

Our Service is not intended for children under 18 years of age. We do not knowingly collect personal information from children. If we learn we have collected data from a child, we will delete it promptly.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or through a notice on our Service. Your continued use after changes take effect constitutes acceptance.

Contact Our Privacy Team

For privacy-related inquiries, data requests, or concerns:

privacy@pho.video

Data Protection Officer available for EU inquiries.