Privacy Policy

Last Updated: November 14, 2025

1. Introduction

Welcome to Origma ("we," "our," or "us"). We are committed to protecting your personal information and your right to privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered video editing service.

By using Origma, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, please do not use our service.

2. Information We Collect

2.1 Information You Provide to Us

  • Account Information: When you create an account, we collect your email address, name, and profile information through third-party OAuth authentication.
  • Video Content: Videos and media files you upload or provide via URL for editing and processing.
  • Project Data: Information about your editing projects, preferences, and settings.
  • Communication Data: Information you provide when contacting our support team.

2.2 Information Collected Automatically

  • Usage Data: Information about how you interact with our service, including features used, time spent, and actions taken.
  • Device Information: Browser type, operating system, IP address, and device identifiers.
  • Log Data: Server logs, error reports, and performance metrics.
  • Cookies and Tracking: We use cookies and similar technologies to maintain your session and improve user experience.

2.3 Information from Third-Party Authentication

When you authenticate using third-party OAuth services, we receive:

  • Your account email address
  • Your name and profile picture
  • Basic profile information

We only request the minimum permissions necessary to authenticate your account and provide our service.

3. How We Use Your Information

We use your information to:

  • Provide and Maintain Our Service: Process your videos, generate edited content, and deliver our core features.
  • Account Management: Create and manage your account, authenticate your identity, and maintain your session.
  • AI Processing: Use AI models to analyze video content, identify highlights, and generate automated edits.
  • Improve Our Service: Analyze usage patterns, troubleshoot issues, and develop new features.
  • Communication: Send service-related notifications, updates, and respond to your inquiries.
  • Security: Detect and prevent fraud, abuse, and security incidents.
  • Legal Compliance: Comply with applicable laws, regulations, and legal processes.

Important: When you use our AI-powered features, your video content may be processed by third-party AI service providers. The way these providers handle your data depends on your subscription tier (see Section 5 for details).

4. Data Storage and Security

4.1 Data Storage

We use third-party cloud infrastructure providers to store and process your data:

  • Video Files: Stored in secure cloud storage with encryption at rest.
  • OAuth Tokens: Authentication tokens encrypted at rest and managed securely.
  • Database: User account and project information stored with encryption and access controls.

4.2 Security Measures

We implement industry-standard security measures:

  • Data encryption in transit (TLS/SSL) and at rest
  • Secure authentication using OAuth 2.0
  • Regular security audits and monitoring
  • Access controls and principle of least privilege
  • Automated backup and disaster recovery procedures

While we strive to protect your information, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security.

4.3 Data Retention

  • Video Content: Stored for the duration of your project and 30 days after completion unless you delete it earlier.
  • Account Data: Retained while your account is active and for 90 days after account deletion.
  • Logs and Analytics: Retained for up to 12 months for security and service improvement.

5. Data Sharing and Disclosure

We do not sell, rent, or trade your personal information. We may share your information only in the following circumstances:

5.1 Service Providers

We work with trusted third-party service providers who assist in operating our service:

  • Cloud Infrastructure: For hosting, storage, and compute resources
  • AI Processing: Third-party AI service providers for AI-powered video analysis, transcription, and content generation
  • Authentication: OAuth providers for secure user authentication
  • Payment Processing: Payment processors for subscription billing
  • Content Delivery: CDN providers for video streaming

Important Note on AI Data Processing:

  • Paid Subscriptions: Third-party AI providers do not use your video content or prompts to improve their products or services. Your data is processed according to applicable data processing agreements and logged only for a limited time to detect policy violations.
  • Free Tier/Trial Services: Third-party AI providers may use your submitted content and generated responses to provide, improve, and develop their products and services. Human reviewers may read, annotate, and process your inputs and outputs to help improve AI quality.

These providers have their own terms of service and privacy policies. You should not submit highly sensitive or confidential information, especially when using free tier services.

5.2 Legal Requirements

We may disclose your information if required to:

  • Comply with legal obligations or valid legal processes
  • Protect our rights, property, or safety
  • Investigate potential violations of our Terms of Service
  • Respond to emergency situations involving public safety

5.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred. We will notify you before your data is subject to a different privacy policy.

6. Your Privacy Rights

Depending on your location, you may have the following rights:

6.1 General Rights

  • Access: Request access to your personal information
  • Correction: Update or correct inaccurate data
  • Deletion: Request deletion of your data
  • Export: Receive a copy of your data in a portable format
  • Objection: Object to certain data processing activities

6.2 GDPR Rights (EU/EEA Users)

If you are in the EU/EEA, you have additional rights:

  • Right to restrict processing
  • Right to data portability
  • Right to withdraw consent at any time
  • Right to lodge a complaint with a supervisory authority

6.3 CCPA Rights (California Users)

California residents have the right to:

  • Know what personal information is collected
  • Know if personal information is sold or shared
  • Opt-out of the sale of personal information (we do not sell data)
  • Request deletion of personal information
  • Non-discrimination for exercising privacy rights

6.4 Exercising Your Rights

To exercise any of these rights, please contact us at teamorigma@gmail.com. We will respond to your request within 30 days.

7. Third-Party OAuth and API Usage

Origma's use and transfer of information received from third-party authentication and API services adheres to applicable user data policies, including Limited Use requirements.

  • We only request the minimum scopes necessary for authentication and service functionality
  • OAuth tokens are encrypted at rest and stored securely
  • We do not use user data received from authentication services for advertising purposes
  • We do not transfer or sell user data to third parties like advertising platforms or data brokers
  • We do not use user data to determine creditworthiness or for lending purposes
  • You can revoke access at any time through your third-party account settings

8. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws.

When we transfer data internationally, we ensure appropriate safeguards are in place, such as:

  • Standard contractual clauses approved by the European Commission
  • Data processing agreements with service providers
  • Compliance with applicable data transfer regulations

9. Children's Privacy

Origma is not intended for users under the age of 18. Our Service uses third-party AI capabilities that require users to be 18 years or older. We do not knowingly collect personal information from individuals under 18. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately and we will delete such information.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any material changes by:

  • Posting the updated policy on this page
  • Updating the "Last Updated" date
  • Sending an email notification for significant changes

Your continued use of the service after changes indicates your acceptance of the updated policy.

11. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Email: teamorigma@gmail.com

12. Data Protection Officer

For users in the EU/EEA, if you have concerns about how we process your personal data, you may contact our Data Protection Officer at teamorigma@gmail.com.

This privacy policy is effective as of November 14, 2025. For previous versions, please contact us.