Privacy Policy
How linkfilm ai collects, uses, and protects your personal data when you generate video and film with our tools — and the rights you have over it.
Effective date: 01-07-2026
Last updated: 10-07-2026
Applies to: GDPR & CCPA · global
This Privacy Policy explains howLinkfilm processes personal data in connection with our websites, applications, and AI video and film generation services (together, the “Services”). It applies to anyone who visits our sites, creates an account, or uses our tools. Where a specific feature has its own supplementary notice, that notice prevails for that feature only.
0.1 Who we are & how to reach us
The data controller responsible for your personal data is:
Entity: Linkfilm
Registered address: Uposhohor rajshahi, Rajshahi, Bangladesh
Company / tax ID: xxx xx xxxx xxxxx
Privacy contact: support@linkfilm.ai
Data Protection Officer (if appointed): Sajib
0.2 Scope & age requirements
The Services are intended for adults. You may only create an account and agree to our terms if you are at least 18 years old, or the age of majority in your jurisdiction. Where local law sets a higher minimum age for consent to data processing, that age applies.We do not knowingly direct the Services to, or collect personal data from, children below the applicable age. If you believe a minor has provided us with personal data, contact us and we will delete it.
0.3 The data we collect
We collect the categories of personal data below. Some you provide directly; some is generated automatically when you use the Services.
Information you give us
  •  .Account & profile data — name or username, email address, password (stored hashed), and any profile details you add. If you sign in with a third-party login such as Google or Apple, we receive your name, email, and profile image from that provider.
  • Billing data — for paid plans: billing name, country, and the transaction details needed to process payment. Card numbers are handled by our payment processor; we do not store full card details on our systems.
  • Inputs — the prompts, text, images, video, audio, voice samples, reference files, and settings you submit to generate content.
  • Outputs — the videos, frames, and other media our tools generate from your Inputs.
  • Communications — messages, support requests, feedback, survey responses, and any attachments you send us.
Information collected automatically
  • Device & technical data — IP address, device and browser type, operating system, language, and similar identifiers contained in HTTP headers.
  • Usage data — pages and features used, generation activity, timestamps, file types and sizes, referring URLs, and interactions with the Services.
  • Cookies & similar technologies — as described in section 00:06.
Information from third parties
We may receive data from federated login providers, payment processors, analytics and advertising partners, and publicly available sources, used to authenticate you, prevent fraud, and improve the Services.
0.4 How and why we use your data
We process personal data only where we have a lawful basis to do so. Under the GDPR, the relevant bases areconsent,performance of a contract,legitimate interests, andlegal obligation. The table below maps our main purposes to their bases.
Purpose
Personal data
Legal basis (GDPR)
Create and manage your account; provide the generation tools
Account, billing, Inputs, Outputs
Performance of a contract
Process payments and prevent payment fraud
Billing & transaction data
Performance of a contract
Keep the Services secure; detect abuse, bots, and attacks; enforce usage limits and our terms
Device, usage, IP, technicaletadata
Performance of a contract
Provide support and respond
to your requests
Contact data, content
of enquiry
Performance of a contract
Improve and develop the
Services; analytics
Usage data, feedback,
technical metadata
Performance of a contract
Send service messages (e.g. security, account, billing)
Account & contact data
Performance of a contract
Send marketing communications
Email address, preferences
Performance of a contract
Comply with the law and
respond to lawful requests
As required by the relevant law
Performance of a contract
Where we rely on legitimate interests, we balance those interests against your rights and freedoms. You can ask us for more detail about that balancing, or object to it, using the contacts in section 00:16.
0.5 Your Inputs, Outputs & AI processing
Our tools turn the content you submit (“Inputs”) into generated media (“Outputs”). This section explains how that content is handled.
You control your content
You are responsible for the Inputs you upload. If your Inputs contain another person’s image, voice, or other personal data — for example, to make an Output that resembles a real person — you must have a valid legal basis (such as that person’s consent) and the right to use that material. You must not upload content you have no right to use, or that depicts a person without their permission.
How we process Inputs and Outputs
To deliver the Service, we collect, store, transmit, and apply AI models to your Inputs in order to generate, display, and store your Outputs, and to manage your account and usage limits. For the personal data that may appear in your Inputs and Outputs, we generally act as a processor on your behalf. We also process limited technical metadata (timestamps, file type and size) as a controller, solely to run the Service, apply limits, and detect faults.
AI model providers
Some generation features are powered by third-party AI models. When you choose to use such a model, your relevant Input may be sent to that provider, which acts as our sub-processor and processes it only to return your Output. Where a model is hosted outside your region, using it involves an international transfer (see section 00:08); we make the hosting location available so you can decide whether to use it.
Compliance & moderation
To keep the Services lawful and safe, we apply automated filters and may review content reported for violating the law or our terms. We may remove offending content, suspend accounts, and cooperate with competent authorities where legally required. Processing under this policy is not designed to single out or uniquely identify any individual.
0.6 Cookies & similar technologies
We use cookies and similar technologies to operate the Services, remember your preferences, measure performance, and — where you consent — to personalise content and advertising. Strictly necessary cookies are used to provide the Services and do not require consent; all others are set only after you accept them through our cookie banner, and you can change your choices at any time.
For the full list of cookies, their purposes, and durations, see our[Cookie Policy URL].
0.7 How we share your data
We do not sell your personal data for money. We share it only as described here:
  • Service providers (processors) — hosting and cloud infrastructure, content delivery, payment processing, customer support, analytics, security, and email delivery. They act on our instructions under a data processing agreement and may not use your data for their own purposes.
  • AI model providers — as sub-processors, where you choose a model to generate an Output (see section 00:05).
  • Login & integration providers — where you connect a third-party account such as Google or Apple.
  • Login & integration providers — where you connect a third-party account such as Google or Apple.
  • Legal & safety — courts, regulators, and law-enforcement where required by law, or to protect our rights, users, and the public.
  • Corporate transactions — in a merger, acquisition, or sale of assets, your data may transfer to the successor entity under this policy.
You can request the list of our current providers using the contacts in section 00:16.
0.8 International data transfers
We and some of our providers operate in countries outside your own, including outside the European Economic Area and the UK. When we transfer personal data internationally, we rely on a lawful transfer mechanism — typically the European Commission’s Standard Contractual Clauses (and the UK Addendum), an adequacy decision, or another approved safeguard — and we apply additional measures where needed.
For AI model providers, the decision to use a model hosted in a particular country rests with you; we identify each model’s processing location so you can make an informed choice. You can request a copy of the relevant safeguards from us.
0.9 How long we keep your data
We keep personal data only for as long as needed for the purpose it was collected, then delete or anonymise it, or keep it restricted where the law requires. Indicative periods:
  • Account data — for the life of your account, then up to 2 years after closure to handle legal, tax, and accounting obligations and potential claims.
  • Uploaded images, audio & video Inputs — 30 days Confirm your real retention.
  • Prompts & Outputs — kept while your account is active and as needed to provide the Service, then deleted or blocked per the applicable limitation period.
  • Inputs sent to AI sub-processors — retained by the provider no longer than needed to return your Output (typically up to 30 days; confirm per provider).
  • Security & anti-fraud logs — up to 13 months; identifiers tied to abuse may be kept pseudonymised longer to prevent recurrence.
  • Marketing data — until you opt out or after 10 years of inactivity, whichever comes first.
  • Support records — for the period needed to resolve your request and meet our legal obligations.
10 How we protect your data
We use appropriate technical and organisational measures to protect personal data against loss, misuse, and unauthorised access, alteration, or disclosure. These include encryption in transit (TLS/SSL), access controls, network protections, and ongoing monitoring. No system is perfectly secure, but we work to keep our safeguards aligned with the risk and to notify you and the relevant authority if a breach legally requires it.
11 Your privacy rights
Depending on where you live, you have some or all of the following rights over your personal data:
  • Access — get a copy of the data we hold about you.
  • Rectification — correct data that is inaccurate or incomplete.
  • Erasure — ask us to delete your data (“right to be forgotten”), subject to legal limits.
  • Restriction — ask us to pause processing in certain cases.
  • Portability — receive your data in a portable format, or have it sent to another provider.
  • Objection — object to processing based on our legitimate interests, and to direct marketing at any time.
  • Withdraw consent — where we rely on consent, withdraw it at any time without affecting prior processing.
  • No solely automated decisions — see section 00:14.
To exercise any right, contact us using section 00:16, or use the controls in your account settings. We will respond within the timeframe the law allows (one month under the GDPR), and may ask you to verify your identity first. Exercising your rights is free and will not lead to any worse treatment.
12 Children’s privacy
The Services are not directed to children, and we do not knowingly collect personal data from anyone under the applicable minimum age (see section 00:02). We do not sell or share the personal data of individuals we know to be under 16. If you are a parent or guardian and believe your child has used the Services, contact us and we will delete the relevant data.
13 Your California privacy rights (CCPA)
This section applies to California residents and supplements the rest of this policy, in line with the California Consumer Privacy Act, as amended (the “CCPA”). It does not cover information exempt from the CCPA, such as publicly available or de-identified data.
Categories we collect
In the past 12 months we have collected these categories of personal information: identifiers (e.g. name, email, IP address); customer records (account and billing details); commercial information (plans purchased, usage history); internet/network activity (browsing and interaction data); geolocation (general location); professional information (where you provide it); visual or audio information (images, video, voice you upload); and inferences drawn from the above. Sources and purposes are described in sections00:0300:04.
“Sale” and “sharing”
We do not sell your personal information for money. However, our use of certain advertising and analytics cookies may count as a “sale” or “sharing” (for cross-context behavioural advertising) under the CCPA. The categories that may be involved are identifiers, commercial information, and internet/network activity. We do not sell or share the personal information of consumers we know to be under 16.
Sensitive personal information
We use and disclose sensitive personal information only for purposes permitted by the CCPA, such as providing the Services you request, securing our systems, preventing fraud, and meeting legal obligations — not to infer characteristics about you.
Your California rights
  • Know / access the categories and specific pieces of personal information we collect, and the sources, purposes, and recipients.
  • Delete personal information we have collected, subject to exceptions.
  • Correct inaccurate personal information.
  • Opt out of any “sale” or “sharing” — manage this through our cookie settings or a “Do Not Sell or Share My Personal Information” link.
  • Limit the use of sensitive personal information.
  • Non-discrimination — we will not treat you worse for exercising your rights.
To make a request, email privacy@linkfilm.ai We will verify your identity before responding, and you may use an authorised agent with proof of authorisation.
14 Automated decision-making
We use automated systems for content generation, content moderation, security, and fraud prevention. We do not make decisions producing legal or similarly significant effects on you based solely on automated processing without a lawful basis and appropriate safeguards. Where such processing applies, you may request human review, express your point of view, and contest the decision by contacting us.
15 Changes to this policy
We may update this Privacy Policy from time to time. The “Effective date” at the top shows the latest version. If we make material changes, we will give you notice through the Services or by email where appropriate. We encourage you to review this page periodically.
16 Contact us & complaints
For any question or to exercise your rights, contact us at privacy@linkfilm.ai
If you are in the EU or UK and believe we have not handled your data properly, you have the right to lodge a complaint with your local data protection authority. We’d appreciate the chance to address your concern first, so please consider reaching out to us before you do.