Privacy Policy
Last updated: June 10, 2026
1. The short version
- Your pitch videos never leave your browser. They're recorded and played back locally — we don't store them.
- Your transcripts and scores are saved to your account so you can review them later. Only you can see them.
- We use Supabase (auth + database), Anthropic (AI scoring and rewrites), OpenAI (transcribing uploaded videos), Stripe (payments) and Vercel (hosting + analytics).
- We don't sell your data. We don't use your pitches to train AI models.
2. What we collect
When you sign up and use TellrAI, we collect:
- Your email address — used to send your magic-link sign-in and (rarely) important account or service updates. We do not send marketing emails without opt-in.
- Pitch transcripts you record or upload, along with any edits you make. These are stored on your account so your history is available next time you sign in.
- Scoring results generated for each pitch, including the score, written feedback and the AI rewrite.
- AI-written pitch scripts you generate via the Pitch Writer, along with the prompt details (topic, audience, key points, tone) you provided.
- Purchase records — when you buy a credit pack, we store the Stripe checkout session ID, amount paid, pack name and the credits granted. We do not store your card number or any payment details; Stripe handles all of that.
- Usage metadata — your credit balance, when credits were spent or granted, and the kind of action (analysis or generation).
- Anonymous analytics via Vercel Analytics — aggregated page views, country, device class and referrer. No personal identifiers are linked to these events.
3. What we don't collect or store
- Your pitch videos. The video file lives in your browser's memory while you record and review. When you submit a pitch for scoring, only the text transcript is sent to our server.
- Uploaded video files beyond the moment of transcription. If you upload a video, the audio is extracted in your browser and sent to OpenAI's transcription API. The audio is not stored by us; OpenAI processes it transiently to return the transcript.
- Card numbers, CVCs or bank details. Stripe handles all payment processing on its own infrastructure.
- Passwords. We use magic-link authentication, so no passwords ever exist.
4. Where your data goes
We use the following third-party processors. Each one only receives the data needed to do its job:
5. AI model training
We do not use your pitches, transcripts, scores or generated scripts to train any AI model.
Anthropic states that data submitted via the Claude API is not used to train its models by default. OpenAI states that data submitted via its API is not used to train its models by default. We rely on these default settings and do not opt in to any data-sharing programs.
6. Cookies
We use the minimum cookies required to make the service work:
- Authentication cookies set by Supabase to keep you signed in.
- Session storage we use to pass a generated script from the Pitch Writer to the Pitch Studio. This stays in your browser and clears when you close the tab.
We do not use advertising or tracking cookies.
7. Your rights
You can, at any time:
- View your data. Every transcript, score and generated pitch is listed at /history.
- Delete individual records. Each row in your history has a delete button.
- Delete your entire account. Email us (see Contact below) and we'll delete your account and all associated data within 30 days.
- Export your data. Email us and we'll send you a JSON export of everything on your account.
If you're in the EU, UK or California, you also have rights under GDPR / CCPA — including the right to lodge a complaint with your local data-protection authority. We'll honor any valid request.
8. Data retention
We keep your account data — transcripts, scores, generated pitches and purchase records — for as long as your account exists. If you delete your account, we delete this data within 30 days.
Server request logs are retained by Vercel for up to 30 days per Vercel's policies. Stripe retains payment records as required by applicable financial regulations (typically 7 years).
9. Security
Your data sits behind Supabase Postgres with row-level security policies that mean only your account can read your rows. The web app communicates with the database via authenticated server-side requests. All data in transit uses HTTPS.
No system is perfectly secure. If we ever discover a breach affecting your data, we'll notify you by email and on this page within 72 hours.
10. Children
TellrAI is not directed at children under 13, and we don't knowingly collect data from them. If you believe a child has created an account, email us and we'll delete it.
11. International users
TellrAI's servers and processors may be located in the United States or other countries. By using the service, you understand that your data may be transferred to and processed in those countries.
12. Changes to this policy
If we make material changes, we'll update the “Last updated” date above and — for significant changes — email you at the address on your account. Continued use of TellrAI after a change means you accept the updated policy.
13. Contact
Questions, requests or concerns about your data? Email tellrai@outlook.com.
This document is a plain-English summary of how TellrAI handles your data. It is not legal advice. If you operate at scale or in a regulated industry, you should have a qualified attorney review it for your jurisdiction.