Privacy Policy

Effective Date: 2026.02.20
Last Updated: 2026.02.20
Version: 1.3

v1.2 Changed

• Clarified what payment metadata may be returned by Stripe, PayPal, and Creem.
• Added concrete retention windows for core data categories.
• Added complete legal entity details for legal notice and data subject contact.

Introduction

Vidle - AI Image, Video & Audio Generator respects your privacy. This Privacy Policy explains what information we collect when you interact with our website at https://flashomni.ai, how we use that information, and the choices you have. By using the Service, you agree to the practices described here.

We process personal data as a controller within the meaning of applicable privacy laws, including the EU General Data Protection Regulation (GDPR) and the UK GDPR.

Information We Collect

We collect information in three ways: information you provide directly, information collected automatically, and information from third parties.

Information You Provide

• Account details. Name (or display name), email address, password, avatar preferences, and profile settings.
• Purchases. Billing address, transaction amount, and limited payment metadata provided by our payment processor. We never store full payment card numbers.
• Support requests. Messages you send to support, and any files or screenshots you choose to share.
• Generated content. Prompts, uploaded reference images, and AI-generated outputs saved to your account.

Information Collected Automatically

• Usage analytics. IP address, device type, browser, operating system, language preference, referral URLs, pages viewed, and time spent on the Service.
• Log information. System logs, error reports, and diagnostic data used for debugging.
• Cookies and similar technologies. Small data files stored on your device to maintain sessions, remember preferences, and measure performance. You can control cookies through your browser settings.

Information from Third Parties

• Payment processors. Our payment partners (such as Stripe, PayPal, and Creem) provide confirmation of successful or failed transactions, payment method type, and limited metadata such as the last four digits when applicable.
• Email delivery providers. We receive status information from Resend when emails are opened, bounced, or reported as spam.
• Analytics tools. We may use privacy-focused analytics services that report aggregated usage metrics.

How We Use Your Information

We process personal data for the following purposes:

1. Provide, operate, and maintain the Service.
2. Process orders, subscriptions, and credit purchases.
3. Deliver generated avatars and manage your workspace.
4. Respond to customer support inquiries and send important transactional communications.
5. Improve and personalize the Service, including training and tuning models on de-identified prompts unless you opt out.
6. Protect the Service against abuse, fraud, and security threats.
7. Comply with legal obligations, tax requirements, and enforce our Terms of Service.
8. With your consent, send product updates, promotions, or newsletters (you may unsubscribe at any time).

Legal Bases for Processing (EEA/UK Users)

When required, we rely on the following legal bases:

• Performance of a contract (providing the Service you requested).
• Legitimate interests (improving the Service, preventing fraud).
• Compliance with legal obligations (financial record keeping, responding to lawful requests).
• Consent (marketing communications, optional cookies).

Sharing Your Information

We only share personal data with:

• Service providers who assist with hosting, email delivery, analytics, payment processing, customer support, and moderation.
• Professional advisors (lawyers, accountants) as needed for compliance.
• Authorities when required by law or to protect rights, safety, or property.
• Successors in connection with a merger, acquisition, or sale of assets, subject to this Policy.

We do not sell your personal data.

Data Retention

We keep personal data only as long as necessary for the purposes described above:

• Account profile and authentication data are retained while your account is active and for up to 3 years (1,095 days) after closure, unless a longer period is required by law.
• Billing, invoice, tax, and payment transaction records are retained for 7 years (2,555 days) to satisfy accounting and legal obligations.
• Support tickets and support attachments are retained for up to 18 months (540 days) after the ticket is resolved.
• Security, access, and abuse-prevention logs are retained for 180 days by default; if tied to an active investigation, they may be retained for up to 18 months (540 days).
• Generation task metadata (such as task status, provider identifiers, and credit/billing events) is retained for up to 12 months (365 days) for troubleshooting, anti-fraud controls, and refund handling.
• Generated content can be deleted by you from your dashboard at any time; encrypted disaster-recovery backups may keep deleted copies for up to 30 days before automatic overwrite.

International Transfers

Our servers and service providers may be located in the United States and other countries. When transferring personal data across borders, we rely on approved safeguards such as Standard Contractual Clauses or the service provider’s certification mechanisms.

Your Rights

Depending on your location, you may have the right to:

• Access and obtain a copy of your personal data.
• Request correction of inaccurate or incomplete data.
• Request deletion of your data when it is no longer needed.
• Object to or restrict certain processing.
• Receive your data in a portable format.
• Withdraw consent for marketing communications at any time.

Submit requests by emailing email. We may need to verify your identity before fulfilling a request. If you are unsatisfied with our response, you may contact your local data protection authority.

Security

We implement technical and organizational measures appropriate to the risks of processing personal data, including encryption in transit (HTTPS), access controls, monitoring, and routine backups. No system is perfectly secure; you are responsible for safeguarding your login credentials.

Children’s Privacy

The Service is not directed to children under 13, and we do not knowingly collect personal information from children. If you believe we have collected data from a child, contact us and we will take prompt action to delete it.

Links to Other Websites

Our Service may contain links to third-party sites. We are not responsible for the content or privacy practices of those sites. We encourage you to review their policies before providing personal data.

Changes to This Policy

We may update this Privacy Policy periodically. When we make material changes, we will post the revised document with an updated "Last Updated" date and, when appropriate, notify you via email or in-app message. Continued use of the Service after an update constitutes acceptance of the revised Policy.

Contact Us

Legal Entity Information

• Legal Entity Name: Mindepy, LLC
• Company Number: 17037023
• Registered Jurisdiction: England and Wales
• Registered Office: Initial Business Centre, Unit 7 Wilson Business Park, Manchester, United Kingdom, M40 8WN
• Legal Correspondence Address: Same as registered office unless updated by formal written notice.
• Incorporation Date: February 17, 2026

If you have questions or concerns about privacy, please contact us at email. For EEA or UK residents, you also have the right to lodge a complaint with your local supervisory authority.