Privacy Policy

Last updated: February 24, 2026

1. Introduction

Progressor ("we", "our", "us") is operated by Start.it. This Privacy Policy explains how we collect, use, disclose, and protect your personal data when you use our video processing service at progressor.startit.agency (the "Service").

We are committed to protecting your privacy in accordance with the General Data Protection Regulation (GDPR — EU 2016/679) and other applicable data protection laws.

2. Data Controller

The data controller responsible for your personal data is:

Start.it
Contact: privacy@startit.agency

3. Data We Collect

We collect the following categories of personal data:

3.1 Account Data

  • Email address (required for account creation)
  • Name (if provided via Google OAuth)
  • Authentication identifiers

3.2 Payment Data

  • Stripe customer ID and payment session IDs
  • Purchase history (credit packs, amounts, dates)
  • We do not store credit card numbers — all payment processing is handled by Stripe

3.3 Usage Data

  • Generation history (parameters used, processing times, timestamps)
  • Credit balance and transaction logs

3.4 Uploaded Content

  • Video files and GIF files uploaded for processing
  • Generated output videos
  • Uploaded files are automatically deleted after processing. Output files are stored temporarily for download.

3.5 Technical Data

  • IP address, browser type, device information
  • Cookies and similar technologies (see Section 7)

4. Legal Basis for Processing (GDPR Art. 6)

  • Contract performance (Art. 6(1)(b)): Processing your account data, payments, and uploaded content is necessary to provide the Service.
  • Legitimate interest (Art. 6(1)(f)): Technical data and usage analytics to maintain, secure, and improve the Service.
  • Consent (Art. 6(1)(a)): For optional cookies and marketing communications, where applicable.

5. How We Use Your Data

  • To create and manage your account
  • To process video generation requests
  • To process payments and manage credits
  • To provide customer support
  • To detect and prevent fraud or abuse
  • To improve and maintain the Service

6. Data Sharing & Third Parties

We share your data only with the following third-party processors:

We do not sell, rent, or trade your personal data to any third party. We do not use your data for advertising purposes.

7. Cookies

We use the following types of cookies:

  • Strictly necessary cookies: Authentication session cookies required for the Service to function. These cannot be disabled.
  • Functional cookies: Remember your preferences (e.g., cookie consent choice).
  • Analytics cookies (optional): Help us understand how the Service is used. Only set with your consent.

You can manage your cookie preferences at any time via the cookie banner or your browser settings.

8. Data Retention

  • Account data: Retained as long as your account is active. Deleted within 30 days of account deletion request.
  • Uploaded files: Automatically deleted immediately after processing.
  • Generated videos: Stored for up to 24 hours for download, then automatically deleted.
  • Payment records: Retained for 7 years as required by tax and accounting regulations.
  • Usage logs: Retained for up to 12 months.

9. Your Rights (GDPR)

Under the GDPR, you have the following rights:

  • Right of access (Art. 15): Request a copy of your personal data.
  • Right to rectification (Art. 16): Correct inaccurate personal data.
  • Right to erasure (Art. 17): Request deletion of your personal data.
  • Right to restriction (Art. 18): Restrict processing of your data.
  • Right to data portability (Art. 20): Receive your data in a machine-readable format.
  • Right to object (Art. 21): Object to processing based on legitimate interest.
  • Right to withdraw consent (Art. 7(3)): Withdraw consent at any time for consent-based processing.

To exercise any of these rights, contact us at privacy@startit.agency. We will respond within 30 days.

10. Data Security

We implement appropriate technical and organizational measures to protect your data, including:

  • Encryption in transit (TLS/HTTPS)
  • Encryption at rest for database storage
  • Access controls and authentication
  • Regular security reviews

11. International Transfers

Your data may be processed outside the European Economic Area (EEA) by our third-party service providers (Supabase, Stripe). These transfers are protected by appropriate safeguards, including Standard Contractual Clauses (SCCs) approved by the European Commission.

12. Children

The Service is not directed to individuals under the age of 16. We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us immediately.

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page with a revised "Last updated" date. Continued use of the Service after changes constitutes acceptance of the updated policy.

14. Contact & Complaints

For any questions or concerns about this Privacy Policy or our data practices, contact us at privacy@startit.agency.

You have the right to lodge a complaint with your local data protection supervisory authority if you believe your rights under the GDPR have been violated.

Terms of Service