popcraftBack to App

Privacy Policy

Last updated: April 7, 2026

popcraft ("we", "our", or "us") operates the popcraft.ai website and the popcraft Chrome Extension. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our services.

1. Information We Collect

Account Information

When you create an account, we collect your name, email address, and profile picture (if you sign in with Google or Discord). If you sign up with email, we collect your email and a hashed password.

Usage Data

We automatically collect information about how you interact with our service, including pages visited, features used, generation history, and device/browser information.

Content You Create

We store the content you create using our service, including images, videos, audio files, and associated metadata such as prompts and settings.

Payment Information

Payment processing is handled by Stripe. We do not store your credit card details. Stripe may collect payment information in accordance with their privacy policy.

Chrome Extension Data

Our Chrome Extension extracts publicly visible product information (name, description, images, category) from e-commerce product pages you visit. This data is sent to our servers only when you explicitly click "Make Video". The extension does not track your browsing history, collect personal data, or run in the background.

2. How We Use Your Information

  • To provide, maintain, and improve our services
  • To process your AI content generations (image, video, audio)
  • To manage your account and subscriptions
  • To send you verification emails and password reset links
  • To respond to your support requests
  • To detect and prevent fraud or abuse
  • To comply with legal obligations

3. Third-Party Services

We use the following third-party services to operate popcraft:

  • Google Cloud — hosting, storage (Google Cloud Storage), and AI services (Gemini)
  • MongoDB — database storage
  • Stripe — payment processing and subscription management
  • Resend — transactional email (OTP verification, password reset)
  • NextAuth — authentication (Google OAuth, Discord OAuth)

Each third-party service has its own privacy policy governing how they handle your data.

4. Data Storage and Security

Your data is stored on Google Cloud infrastructure. We use industry-standard security measures including encryption in transit (HTTPS/TLS), encrypted database connections, and secure authentication (JWT tokens, hashed passwords).

5. Data Retention

We retain your account data and generated content for as long as your account is active. If you delete your account, we will delete your personal data within 30 days, except where we are required to retain it for legal or legitimate business purposes.

6. Cookies

We use essential cookies for authentication (session tokens) and locale preferences. We do not use advertising or tracking cookies.

7. Your Rights

Depending on your location, you may have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your account and data
  • Export your generated content
  • Withdraw consent for data processing

To exercise these rights, contact us at support@popcraft.ai.

8. Children's Privacy

Our service is not intended for children under 13. We do not knowingly collect personal information from children under 13.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date.

10. Contact Us

If you have questions about this Privacy Policy, please contact us at support@popcraft.ai.