This Privacy Policy explains how Nieri Creative ("we," "us," or "our") collects, uses, and shares information when you visit our website, use our client portal, or engage our subscription video services (together, the "Services"). This page is maintained by Nieri Creative to answer common privacy questions about the Services.
1. Information we collect
Information you provide
- Account details such as your name, email address, and password (stored as a hash).
- Company and project information you submit through onboarding, briefs, and booking forms.
- Files you upload as source material (footage, audio, images, brand assets, documents).
- Messages, notes, revision requests, and other communications you send us through the portal or email.
- Billing details you submit to our payment processor to pay for a subscription.
Information collected automatically
- Basic device and usage data (browser type, IP address, pages visited, timestamps) used to run and secure the Services.
- Authentication events (sign-ins, sign-outs, password resets) used to keep your account safe.
2. How we use information
- Provide, operate, and improve the Services, including producing and delivering your video projects.
- Authenticate you, manage your account and subscription, and process payments.
- Communicate with you about projects, bookings, deliverables, revisions, billing, and support.
- Send service and account notifications (for example, when a deliverable is ready or a booking is confirmed).
- Detect, prevent, and address abuse, fraud, and security issues.
- Comply with legal obligations and enforce our Terms of Service.
3. Legal bases
Where applicable law requires a legal basis, we rely on: performance of a contract with you (delivering the Services), our legitimate interests (operating and securing the Services), your consent (where requested, such as optional marketing), and compliance with legal obligations.
4. Sharing and subprocessors
We do not sell your personal information. We share information only with providers that help us run the Services, and only as needed to perform their function:
- Lovable Cloud (Supabase) — application database, authentication, file storage, and serverless functions.
- Stripe — subscription checkout, payment method storage, and billing. Payment card details are handled by Stripe directly; we do not store full card numbers.
- Google — optional sign-in with Google (OAuth) and, when connected, Google Calendar sync for scheduling.
These providers process information on our behalf under their own security programs and privacy commitments. We may add or replace subprocessors from time to time; material changes will be reflected on this page.
5. Cookies and similar technologies
We use a small number of first-party cookies and browser storage entries that are necessary to keep you signed in, remember your session, and protect against abuse. We do not use third-party advertising cookies. Payment and authentication providers may set their own cookies when you interact with their flows.
6. Data retention
We retain account and project information for as long as your account is active and as needed to provide the Services. After account closure, we retain limited records (such as billing history and files needed to comply with tax, accounting, or legal obligations) for a reasonable period, then delete or anonymize them. Source footage and deliverables are kept while your subscription is active; you can request earlier deletion of specific files by contacting us.
7. Security
We use industry-standard technical and organizational measures to protect your information, including encrypted connections (HTTPS), access controls on the client portal, row-level authorization on the database, and private storage for project files accessible only to authorized users. No online service can be guaranteed 100% secure; we encourage you to use a strong, unique password and to notify us of suspected unauthorized access.
8. Your choices and rights
Depending on where you live, you may have rights to access, correct, delete, export, or restrict processing of your personal information, and to object to certain uses. You can manage most account information directly in the portal, or contact us using the details below to make a request. We will respond within the time required by applicable law.
9. International transfers
Our providers may process information in countries other than yours, including the United States. Where required, we rely on appropriate safeguards (such as standard contractual clauses) provided by those providers.
10. Children
The Services are intended for businesses and individuals aged 18 or older and are not directed to children under 13. We do not knowingly collect personal information from children under 13.
11. Changes to this policy
We may update this Privacy Policy from time to time. Material changes will be posted here with an updated "Last updated" date and, where appropriate, communicated through the portal or by email.
12. Contact
For privacy questions or requests, contact admin@niericreative.com.
