Privacy Policy

Effective Date
Last Updated

Overview

EasyChroma, operated by Cirrus Inc. ("we," "our," or "us"), is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our video processing services at easychroma.com.

By using EasyChroma, you agree to the collection and use of information in accordance with this policy. If you do not agree with our practices, please discontinue use of our services.

Data We Collect

Account Information

When you create an account, we collect:

  • Name: Your full name for account identification and personalization
  • Email Address: For authentication, account recovery, and important service communications
  • Password: Securely hashed using industry-standard algorithms; never stored in plain text

Video Content

When you upload videos to our service, we process:

  • Video Files: The media files you upload for MIRAGE processing
  • Metadata: File names, upload timestamps, resolution, duration, codec information
  • Processing Data: Output files, processing logs, and quality metrics

Payment Information

Payment processing is handled securely by Stripe. We do not store complete credit card numbers on our servers. We retain:

  • Last 4 digits of card number (for your reference)
  • Card brand (Visa, Mastercard, etc.) and expiration date
  • Billing address
  • Transaction history and invoices

Usage Data

We automatically collect certain information when you access our service:

  • Log Data: IP address, browser type and version, access times, pages viewed
  • Device Information: Operating system, device type, screen resolution
  • Service Usage: Features accessed, processing jobs initiated, API calls made

How We Use Your Data

We use the information we collect for the following purposes:

  • Service Delivery: To provide, maintain, and improve our video processing services
  • Account Management: To create and manage your account, authenticate access, and provide customer support
  • Communication: To send service updates, security alerts, and respond to your inquiries
  • Billing: To process payments, send invoices, and manage subscriptions
  • Security: To detect, prevent, and address technical issues, fraud, and abuse
  • Legal Compliance: To comply with applicable laws, regulations, and legal processes

Third-Party Services

We use trusted third-party services to operate EasyChroma. These services may have access to your data as described below:

Google OAuth

If you choose to sign in with Google, we receive your name, email address, and profile picture from Google's authentication service. We use this information solely for account creation and authentication. Please review Google's Privacy Policy.

Stripe Payments

Payment processing is handled by Stripe, a PCI-DSS compliant payment processor. Your payment information is transmitted directly to Stripe's secure servers and is not stored on our systems. Review Stripe's Privacy Policy.

Cloud Infrastructure

We use industry-leading cloud providers to host our services and store your data. These providers maintain strict security standards and compliance certifications.

Data Retention

We retain your data for the following periods:

  • Account Data: Retained while your account is active, plus 30 days after deletion request
  • Video Files: Retained for 90 days after processing, then automatically deleted unless saved to your library
  • Processing Logs: Retained for 1 year for troubleshooting and service improvement
  • Payment Records: Retained for 7 years as required by tax and financial regulations
  • Usage Logs: Retained for 90 days for security and analytics purposes

You may request earlier deletion of your data by contacting us, subject to legal retention requirements.

Your Rights

Depending on your location, you may have the following rights regarding your personal data:

Access and Portability

You can request a copy of your personal data in a structured, machine-readable format.

Correction

You can update or correct inaccurate information through your account settings or by contacting us.

Deletion

You can request deletion of your personal data. Note that some data may be retained for legal compliance or legitimate business purposes.

Restriction and Objection

You can request that we restrict processing of your data or object to certain processing activities.

GDPR Rights (EU/EEA Users)

If you are in the European Union or European Economic Area, you have additional rights under the General Data Protection Regulation (GDPR), including the right to lodge a complaint with your local data protection authority.

CCPA Rights (California Users)

California residents have the right to know what personal information is collected, request deletion, and opt-out of the sale of personal information. We do not sell your personal information.

Cookies & Local Storage

We use cookies and browser storage technologies to operate our service. All storage we use is classified as "strictly necessary" for the service to function.

What We Store

  • Authentication Cookies: Session tokens to keep you logged in securely
  • CSRF Tokens: Security tokens to protect against cross-site request forgery
  • Theme Preference: Your light/dark mode selection (localStorage)
  • UI Preferences: Sidebar state, view preferences (localStorage)
  • Feature Flags: Cached feature configuration (localStorage)

No Tracking Cookies

We do not use tracking cookies, advertising cookies, or third-party analytics services that track you across websites. Your privacy is important to us.

Security

We implement industry-standard security measures to protect your data:

  • All data transmitted over HTTPS/TLS encryption
  • Passwords hashed using bcrypt with appropriate cost factors
  • Regular security audits and penetration testing
  • Access controls and audit logging for internal systems
  • Video files encrypted at rest

While we strive to protect your information, no method of transmission over the Internet or electronic storage is 100% secure. Please use strong, unique passwords and enable multi-factor authentication when available.

International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws.

When we transfer data internationally, we ensure appropriate safeguards are in place, including:

  • Standard Contractual Clauses approved by the European Commission
  • Data processing agreements with all service providers
  • Compliance with applicable data protection regulations

Children's Privacy

EasyChroma is not intended for children under the age of 16. We do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last Updated" date.

For significant changes, we will provide additional notice, such as an email notification or a prominent notice within our service.

Contact Us

If you have questions about this Privacy Policy or wish to exercise your data rights, contact us at:

Email: [email protected]
Company: Cirrus Inc.

We will respond to your request within 30 days, or sooner as required by applicable law.