Privacy Policy

Last Updated: January 2026

1. Introduction

Vidtreo LLC ("Vidtreo," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our video recording platform and services.

This Privacy Policy applies to our website at vidtreo.com, our dashboard at dashboard.vidtreo.com, our APIs and SDKs, our documentation at docs.vidtreo.com, and any other services we provide.

2. Our Role in Data Processing

2.1 Dual Role Notice

Vidtreo operates in two distinct roles depending on the context:

Data Controller

When you create an account, visit our website, or interact with us directly. We determine the purposes and means of processing your personal data.

Data Processor

When Customers use our SDK to record video from their End Users. We process data on behalf of our Customers according to their instructions.

2.2 For End Users

If you are an End User interacting with a Vidtreo-powered recording feature within a third-party application, the Customer (the business operating that application) is the Data Controller for your data. Please refer to their privacy policy.

3. Information We Collect

3.1 Information You Provide Directly

  • Name and email address
  • Company or organization name
  • Password (stored securely hashed)
  • Billing address and payment information (processed via Stripe)
  • Support tickets, emails, and feedback

3.2 Information Collected Automatically

  • API calls and usage metrics
  • Video recording statistics (count, duration, quality)
  • IP address and approximate location
  • Browser type, operating system, device information

3.3 Video Content Data

When Customers use our SDK, we process video recordings as instructed by the Customer. We generate technical metadata (duration, resolution, file size). We do NOT access or view the content of video recordings. Video Content is owned and controlled by the Customer.

4. How We Use Your Information

To Provide Services

  • Create and manage your account
  • Process video recordings
  • Process payments and send invoices
  • Provide customer support

For Security

  • Detect and prevent fraud
  • Protect against security threats
  • Enforce our Terms of Service
  • Comply with legal obligations

5. How We Share Information

We share information with third-party providers who perform services on our behalf:

Provider Purpose
Stripe Payment processing
Cloudflare Infrastructure and content delivery
Resend Email delivery

What We Do NOT Do:

  • We do NOT sell your personal information
  • We do NOT share data with third parties for their marketing
  • We do NOT access the content of video recordings

6. Data Security

Technical Safeguards

  • Encryption in transit (TLS 1.3)
  • Encryption at rest (AES-256)
  • Secure API authentication
  • Regular security assessments

Organizational Safeguards

  • Access controls and authentication
  • Employee training on data protection
  • Incident response procedures
  • Regular security audits

7. Data Retention

Data Type Retention Period
Account Information Duration of account + 30 days after deletion
Video Content Until deleted by Customer or account termination
Usage Logs 90 days
Payment Records 7 years (legal requirement)

8. Your Rights

You have the right to:

  • Access your personal data
  • Correct inaccurate data
  • Delete your data (subject to legal retention requirements)
  • Export your data in a portable format
  • Withdraw consent where processing is based on consent

Additional Rights for EEA/UK Users (GDPR)

  • Right to restrict processing
  • Right to object to processing based on legitimate interests
  • Right to lodge a complaint with a supervisory authority

California Privacy Rights (CCPA/CPRA)

  • Right to know what personal information is collected
  • Right to delete personal information
  • Right to opt-out of the sale of personal information (we do not sell data)
  • Right to non-discrimination for exercising privacy rights

9. International Data Transfers

Your data may be processed in the United States (primary infrastructure) and our globally distributed edge network.

For transfers from the EEA/UK to countries without adequate data protection, we rely on Standard Contractual Clauses (SCCs).

10. Children's Privacy

Our Services are not directed to children under 16. We do not knowingly collect personal information from children under 16. If we learn that we have collected personal information from a child under 16, we will delete that information promptly.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on our website, sending an email to registered users, and displaying a notice in the dashboard.

12. Contact Us

Vidtreo LLC

privacy@vidtreo.com

Data Protection Officer (for EEA/UK inquiries): dpo@vidtreo.com

We will respond to your request within 30 days (or as required by applicable law).