Privacy Policy

Last updated: May 24, 2026 · Effective: May 24, 2026

This Privacy Policy explains how tryugcai ("we", "us", "our") collects, uses, retains, and discloses personal information when you visit tryugcai.com or use our AI video generation service (the "Service"). By using the Service, you agree to this Policy. If you do not agree, do not use the Service.

1. Who we are (Data Controller)

tryugcai operates the Service. For the purposes of the EU/UK GDPR, the data controller is tryugcai. To exercise your rights or ask a privacy question, contact [email protected].

2. Information we collect

We collect only the information needed to operate the Service:

3. How we use your information

We use your information to:

4. Legal bases (GDPR / UK GDPR)

If you are in the EU/EEA or UK, we rely on the following bases:

5. Sharing your information

We do not sell your personal information. We do not share your information for cross-context behavioral advertising. We share information only with:

6. International data transfers

Your information is processed primarily in the United States and in regions selected by our cloud and AI sub-processors (see the sub-processor list for specifics). For transfers from the EEA, UK, or Switzerland we rely on the European Commission's Standard Contractual Clauses (2021/914/EU), the UK International Data Transfer Addendum, or the EU-US Data Privacy Framework where the recipient is certified. A copy of the relevant transfer mechanism is available on request to [email protected].

7. Retention

8. Your rights

Depending on your jurisdiction (EU/UK GDPR, California CCPA/CPRA, and similar) you have the following rights. We honor these requests free of charge unless they are manifestly unfounded or excessive:

To exercise any right, email [email protected] from the address associated with your account. We verify identity before responding.

California residents (CCPA/CPRA)

We do not "sell" or "share" personal information as those terms are defined under the CCPA/CPRA. The categories of personal information we collect are described in Section 2; the purposes in Section 3; the disclosures in Section 5. You have the right to know, delete, correct, and non-discrimination. We do not use sensitive personal information for purposes other than as permitted by law.

9. Cookies

We use a small number of first-party cookies, all strictly necessary or functional:

10. Security

We encrypt your data in transit (TLS 1.2+) and at rest (AES-256 on managed Postgres + S3). Passwords are stored as bcrypt hashes. We enforce rate limits and per-account lockout to deter credential stuffing. Administrative access requires SSO with multi-factor authentication. Vulnerability scans run on every dependency change; incident-response procedures are documented internally. Despite our best efforts, no Internet transmission is 100% secure — please choose a strong, unique password and notify us immediately if you suspect unauthorized account activity.

11. Children

The Service is not directed to children under 16. We do not knowingly collect personal information from children under 16. If you believe a child has provided us information, contact [email protected] and we will delete it.

12. Changes to this Policy

We may update this Policy from time to time. Material changes will be notified by email and posted here at least 30 days before they take effect. Continued use after the effective date constitutes acceptance of the updated Policy.

13. Contact

Data Protection Officer / Privacy Contact: [email protected]
General support: [email protected]