SAFECENSORSign in

Privacy Notice

Last updated: April 25, 2026

1. Who we are

SafeCensor AI is operated by Henderson & Co. LLC ("we", "us"). We are the data controller for personal data we process about you in connection with the SafeCensor service.

2. What we collect

  • Account data — email address, password hash, display name, optional avatar.
  • Content data — videos and audio you upload, plus generated transcripts and flagged-word data.
  • Usage data — credit balance, transactions, processing history, error logs, IP address, device type, and browser metadata.
  • Support data — messages you send to us and any attachments.
  • OAuth data — if you sign in with Google, we receive your email, name, and profile image from Google.

Payment card details are not collected by us — they are handled by Paddle (see section 5).

3. How we use your data

  • To create and maintain your account (legal basis: contract).
  • To provide the transcription and censoring service you request (legal basis: contract).
  • To track credits, process top-ups, and prevent fraud (legal basis: contract and legitimate interests).
  • To debug, secure, and improve the service (legal basis: legitimate interests).
  • To respond to support requests (legal basis: contract or legitimate interests).
  • To comply with legal obligations such as tax and accounting (legal basis: legal obligation).

4. AI processing

Audio extracted from your videos is sent to OpenAI's Whisper model for transcription. Transcripts are then analyzed to identify potentially risky words. We do not use your content to train any AI model.

5. Who we share data with

  • Paddle.com Market Limited — our Merchant of Record, which processes payments, manages subscriptions, handles taxes, and issues invoices.
  • Hosting and infrastructure providers — Supabase (database, storage, authentication) and Cloudflare (edge compute and CDN).
  • OpenAI — for speech-to-text transcription only.
  • Google — only if you choose to sign in via Google OAuth.
  • Professional advisers — accountants and lawyers, where necessary.
  • Authorities — where required by law.

6. International transfers

Some of our processors are located outside the UK/EEA, including in the United States. Where data leaves the UK/EEA, we rely on appropriate safeguards such as the European Commission's Standard Contractual Clauses or applicable adequacy decisions.

7. Retention

We retain account data for as long as your account is active. Uploaded videos and audio can be deleted by you at any time from the dashboard. Transcripts and flagged-word records are retained alongside your video records. Transaction and tax records are retained for the period required by law (typically 6–10 years). On account deletion we anonymize or delete your personal data, except where retention is legally required.

8. Your rights

Depending on where you live, you may have the right to: access the data we hold about you, correct inaccurate data, delete your data, restrict or object to processing, request a portable copy, withdraw consent, and complain to a data protection authority. Under GDPR we will respond to verified requests within one month. To exercise any of these rights, contact us via the email shown in your account dashboard.

9. Security

We use appropriate technical and organisational measures to protect your data, including TLS encryption in transit, encryption at rest, role-based access controls, and row-level security at the database layer. No system is 100% secure; please use a unique strong password and protect your account credentials.

10. Cookies

We use only essential cookies required to keep you signed in and to remember your session. We do not use marketing or analytics cookies. Paddle's checkout may set its own cookies necessary for processing your payment; see Paddle's privacy notice for details.

11. Changes

We will update this notice as our practices evolve. The "last updated" date at the top reflects the latest version. Material changes will be communicated in-app or by email.