Privacy Policy

This Privacy Policy explains how Ceptory collects, uses, stores, and discloses personal information in connection with its websites, account access flows, demos, APIs, and enterprise video intelligence services.

The exact processing relationship for production customers may also be governed by a data processing agreement, security addendum, or master services agreement where applicable.

Ceptory may collect account and identity information such as name, work email address, organization details, login metadata, and account verification status.

We may also collect service usage information such as audit logs, device or browser metadata, IP-derived session information, support communications, and operational telemetry necessary to maintain service performance and security.

We use personal information to provide and secure the service, authenticate users, send transactional emails such as verification and password reset messages, respond to support requests, improve product performance, and meet legal or contractual obligations.

We may also use limited administrative and usage information to investigate abuse, enforce platform rules, troubleshoot incidents, and maintain enterprise-grade auditability.

Where Ceptory processes video, transcripts, prompts, or related materials on behalf of an enterprise customer, that customer remains responsible for the lawfulness of the content and the instructions given to Ceptory.

In those situations, Ceptory generally acts as a service provider or processor for customer content, while acting as an independent controller for business operations such as account administration, billing, marketing communications where permitted, and security logging.

Ceptory does not sell personal information. We may share information with infrastructure providers, authentication providers, email delivery vendors, analytics or security vendors, and professional advisers where reasonably necessary to operate the service or comply with legal obligations.

We may also disclose information where required by law, court order, government request, or where disclosure is necessary to protect Ceptory, its customers, users, or the public from fraud, abuse, or security threats.

We retain personal information for as long as reasonably necessary to provide the service, comply with contractual commitments, maintain security records, resolve disputes, and satisfy legal obligations.

Retention periods may vary depending on the type of data, customer configuration, regulatory requirements, and whether the data is tied to an active account, pilot deployment, or support matter.

Ceptory uses administrative, technical, and organizational safeguards intended to protect personal information against unauthorized access, misuse, disclosure, alteration, and destruction.

No system can be guaranteed perfectly secure, so users should also protect credentials, limit account sharing, and notify Ceptory promptly if suspicious activity is detected.

Depending on the deployment model and vendors in use, information may be processed in jurisdictions outside the one in which it was originally collected. Where required, Ceptory will rely on appropriate safeguards or contractual mechanisms for such transfers.

Subject to applicable law, individuals may have rights to access, correct, delete, restrict, or object to certain processing of their personal information, and in some cases to request portability.

Requests related to enterprise customer-managed data may need to be directed through the relevant customer organization so that Ceptory can act consistently with customer instructions and contractual commitments.