Privacy Policy
Last updated: January 20, 2025
Custom One LLC ("Custom One," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website and services (collectively, the "Service").
Please read this Privacy Policy carefully. By using the Service, you acknowledge that you have read and understood this Privacy Policy.
1. Information We Collect
Information You Provide
We collect information you voluntarily provide when using our Service:
- Account Information: Name, email address, and password when you create an account
- Payment Information: Billing details processed securely through Stripe (we do not store your full credit card number)
- Profile Information: Company name, job title, and other details you choose to provide
- User Content: Videos, images, scripts, audio recordings, and other content you upload or create using the Service
- Communications: Messages, feedback, and support requests you send to us
Information Collected Automatically
When you use our Service, we automatically collect certain information:
- Usage Data: Pages visited, features used, actions taken, and time spent on the Service
- Device Information: Device type, operating system, browser type, and unique device identifiers
- Log Data: IP address, access times, and referring website addresses
- Cookies and Similar Technologies: Information collected through cookies, pixels, and similar tracking technologies
Information from Third Parties
We may receive information about you from third parties, including:
- Integration partners when you connect third-party services to your account
- Payment processors regarding transaction status
- Analytics providers about your use of the Service
2. Use of Artificial Intelligence
Our Service uses artificial intelligence (AI) and machine learning technologies to provide personalized video content. Specifically:
- Video Personalization: We use AI to generate and customize video content based on your inputs, templates, and data you provide
- Content Processing: AI may be used to process, analyze, and enhance video and audio content
- Automated Decisions: The Service makes automated decisions about video generation and content customization based on the parameters you set
You are responsible for ensuring that your use of AI-generated content complies with applicable laws and regulations, including any disclosure requirements.
3. Legal Basis for Processing (GDPR)
If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, we process your personal data based on the following legal grounds:
| Purpose | Legal Basis |
|---|---|
| Providing the Service and managing your account | Performance of contract |
| Processing payments | Performance of contract |
| Sending transactional communications | Performance of contract |
| Improving and optimizing the Service | Legitimate interests |
| Analytics and usage analysis | Legitimate interests |
| Preventing fraud and ensuring security | Legitimate interests |
| Marketing communications | Consent |
| Compliance with legal obligations | Legal obligation |
4. How We Use Your Information
We use the information we collect to:
- Provide, maintain, and improve the Service
- Process transactions and send related information
- Create and manage your account
- Generate personalized video content using AI
- Send you technical notices, updates, and support messages
- Respond to your comments, questions, and requests
- Monitor and analyze trends, usage, and activities
- Detect, prevent, and address technical issues and fraud
- Personalize and improve your experience
- Send promotional communications (with your consent where required)
- Comply with legal obligations
5. How We Share Your Information
We may share your information in the following circumstances:
Service Providers
We share information with third-party vendors who perform services on our behalf:
- Stripe: Payment processing (Privacy Policy)
- Google Analytics: Website analytics and usage tracking (Privacy Policy)
- Cloud hosting providers: Data storage and infrastructure (AWS, Google Cloud, or similar)
- Email service providers: Communication delivery
- AI service providers: Video generation and content processing
Business Transfers
If Custom One is involved in a merger, acquisition, bankruptcy, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change.
Legal Requirements
We may disclose your information if required by law, subpoena, or other legal process, or if we believe disclosure is necessary to protect our rights, your safety, or the safety of others.
With Your Consent
We may share your information with third parties when you have given us your consent to do so.
We do not sell your personal information to third parties.
6. Cookies and Tracking Technologies
We use cookies and similar tracking technologies to collect and track information about your activity on our Service:
| Type | Purpose | Examples |
|---|---|---|
| Essential Cookies | Required for the Service to function (authentication, security) | Session cookies, CSRF tokens |
| Analytics Cookies | Help us understand how visitors interact with the Service | Google Analytics |
| Functional Cookies | Remember your preferences and settings | Language preferences, UI settings |
| Marketing Cookies | Track visitors across websites for advertising | Facebook Pixel, Google Ads |
You can control cookies through your browser settings. Note that disabling certain cookies may affect the functionality of the Service. For Google Analytics, you can opt out using the Google Analytics Opt-out Browser Add-on.
7. Data Retention
We retain your information for as long as your account is active or as needed to provide you the Service. Specific retention periods include:
- Account data: Retained while your account is active and for 90 days after deletion
- User Content: Retained while your account is active and for 30 days after account termination
- Payment records: Retained for 7 years for tax and legal compliance
- Log data: Retained for up to 12 months
We may retain certain information longer as required by law or for legitimate business purposes such as resolving disputes, enforcing agreements, or preventing fraud.
8. Data Security
We implement appropriate technical and organizational measures to protect your information, including:
- Encryption of data in transit (TLS/SSL) and at rest
- Secure authentication mechanisms
- Regular security assessments and penetration testing
- Access controls limiting employee access to personal data on a need-to-know basis
- Security incident response procedures
However, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security of your data. In the event of a data breach affecting your personal information, we will notify you as required by applicable law.
9. Your Rights and Choices
All Users
- Access: You can access and download your personal information through your account settings or by contacting us
- Correction: You can update your account information at any time through your account settings
- Deletion: You can request deletion of your account and personal information
- Marketing Opt-out: You can opt out of marketing emails by clicking "unsubscribe" or adjusting your account settings
Do Not Track
Some browsers have a "Do Not Track" feature. Our Service does not currently respond to Do Not Track signals.
10. European Privacy Rights (GDPR)
If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, you have the following additional rights:
- Right of Access: Request a copy of the personal data we hold about you
- Right to Rectification: Request correction of inaccurate or incomplete data
- Right to Erasure: Request deletion of your personal data ("right to be forgotten")
- Right to Restrict Processing: Request that we limit how we use your data
- Right to Data Portability: Receive your data in a structured, machine-readable format
- Right to Object: Object to processing based on legitimate interests or for direct marketing
- Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent
- Right to Lodge a Complaint: File a complaint with your local data protection authority
To exercise these rights, contact us at hello@custom.one. We will respond within 30 days (or as required by applicable law). We may need to verify your identity before processing your request.
11. California Privacy Rights (CCPA/CPRA)
If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):
- Right to Know: Request information about the categories and specific pieces of personal information we have collected, used, disclosed, or sold
- Right to Delete: Request deletion of your personal information, subject to certain exceptions
- Right to Correct: Request correction of inaccurate personal information
- Right to Opt-Out of Sale/Sharing: We do not sell or share your personal information for cross-context behavioral advertising
- Right to Limit Use of Sensitive Personal Information: If applicable, limit the use of sensitive personal information
- Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights
To exercise these rights, contact us at hello@custom.one. We will verify your identity before processing your request.
12. International Data Transfers
Custom One is based in the United States. If you access the Service from outside the United States, your information will be transferred to, stored, and processed in the United States.
For transfers of personal data from the EEA, UK, or Switzerland to the United States, we rely on:
- Standard Contractual Clauses (SCCs): EU Commission-approved contractual clauses that provide appropriate safeguards for data transfers
- Data Processing Agreements: Contracts with our service providers that include appropriate data protection terms
By using the Service, you acknowledge that your data will be processed in the United States, which may have different data protection laws than your country of residence.
13. Data Processing Agreement
For customers who require a Data Processing Agreement (DPA) for GDPR compliance or other regulatory requirements, we offer a standard DPA upon request. Enterprise customers may also request custom data processing terms. Contact us at hello@custom.one to request a DPA.
14. Children's Privacy
The Service is not intended for children under 18 years of age. We do not knowingly collect personal information from children under 18. If we become aware that we have collected personal information from a child under 18, we will take steps to delete that information promptly. If you believe we have collected information from a child, please contact us immediately.
15. Third-Party Links
The Service may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to review the privacy policies of any third-party sites you visit.
16. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by:
- Posting the updated policy on our website
- Updating the "Last updated" date
- Sending an email notification for significant changes (where required)
Your continued use of the Service after changes become effective constitutes acceptance of the revised Privacy Policy. We encourage you to review this Privacy Policy periodically.
17. Contact Us
If you have any questions about this Privacy Policy, our privacy practices, or wish to exercise your privacy rights, please contact us at:
Custom One LLC
Email: hello@custom.one
Website: custom.one
Mailing address available upon written request.
For GDPR-related inquiries, you may also contact your local data protection authority.