Legal

Privacy Policy

Last updated: April 11, 2026

1. Overview

This Privacy Policy explains what personal information Klamdo (“Klamdo,” “we,” “us”) collects when you use klamdo.app, how we use it, who we share it with, and the rights you have over it. If any section conflicts with our Terms of Service, this policy controls for the subject of data handling.

2. Information we collect

Account data: your email address, display name, chosen plan, Stripe customer ID, and authentication identifier issued by Clerk.

Payment data: subscription status, plan tier, credit balance, invoice history. Full card numbers and bank details are never seen or stored by Klamdo — they are handled by Stripe, which is PCI-DSS certified.

User Input: text prompts, uploaded reference images, start/end frames, voice clones, and any files you attach to a package job.

Generated outputs: images, videos, audio, and text produced for your account, plus associated metadata (duration, model used, dimensions).

Usage data: IP address, browser and device identifiers, pages visited, timestamps, referrer, session duration, and diagnostic logs (error traces, request IDs).

Communications: support tickets, feedback forms, and emails you send us.

3. How we use it

  • Authenticate accounts and process payments.
  • Deliver generation requests to upstream AI providers and store the resulting assets in your library.
  • Enforce acceptable use, detect abuse, and moderate content.
  • Send transactional emails (welcome, job completed, receipt, credit warnings) and rare service announcements.
  • Debug errors and improve reliability.
  • Comply with legal obligations and enforce our Terms.

We do not sell personal information to advertisers. We do not use your User Input or generated outputs to train public foundation models.

4. Service providers (sub-processors)

We share the minimum data necessary with the following sub-processors:

  • Cloudflare — hosting, DNS, asset storage (R2), database (D1), workflow orchestration. Data is stored in Cloudflare’s global network.
  • Stripe — billing, payment processing, subscription management, tax calculation.
  • Clerk — authentication, session management, and multi-factor authentication.
  • Resend — transactional email delivery.
  • AI model providers — fal.ai, OpenAI, ElevenLabs, and Replicate process prompts and assets for generation requests. We send only the data needed to complete each request.

5. Data retention

We keep account and billing records for the life of your account and for a period afterward to meet tax, audit, and legal retention requirements (generally seven years for financial records). Generated assets remain in your library until you delete them or cancel your account. Error logs are rotated after thirty days.

You may request deletion of your account and associated personal data by emailing privacy@klamdo.app. Some data may be retained where required by law, to resolve disputes, or to enforce agreements.

6. Your rights

Depending on where you live, you may have the right to access, correct, delete, restrict, or receive a copy of your personal data. California residents have additional rights under the CCPA and CPRA, including the right to opt out of the sale or sharing of personal information (Klamdo does not sell or share personal information in the statutory sense). EU and UK residents have rights under GDPR / UK GDPR.

To exercise any of these rights, email privacy@klamdo.app from the address associated with your account. We respond within thirty days.

7. Children

Klamdo is not directed at anyone under the age of 18. We do not knowingly collect information from minors. If you believe a minor has created an account, contact us immediately and we will delete the account.

8. Security

We use TLS for data in transit, Cloudflare’s encrypted R2 storage for assets, signed URLs for media delivery, and short-lived session tokens. No system is perfectly secure. In the event of a breach that affects your personal data, we will notify you and the relevant regulator as required by applicable law.

9. International transfers

Klamdo operates globally via Cloudflare’s edge network. By using the service you consent to your data being processed in the United States and in the regions where our sub-processors operate. Where required, we rely on Standard Contractual Clauses or equivalent safeguards.

10. Changes to this policy

We may update this policy occasionally. Material changes will be announced by in-app notice or email. Continued use of Klamdo after changes take effect constitutes acceptance.

11. Contact

Privacy questions: privacy@klamdo.app.