1. Who we are
ATHINA AD ("we", "us") provides AI-driven audio description, transcription, and narration generation through the website at athinaad.com. We are the data controller for the information described below. You can contact us at any time at info@athinaad.com.
2. What we collect and why
2.1 Account information
When you create an account we collect what's needed to identify and contact you: your name, email address, an age-range confirmation, your authentication credentials (handled by Firebase Authentication — we never see your password), and your acceptance of the Terms of Service and Privacy Policy. We use this to create your account, sign you in, verify your email, and contact you about your account.
2.2 Uploaded videos and YouTube links
When you submit a video file or a public video link, we use it solely to generate your transcript, written description, and narration audio. Source videos are treated as transient working files — we keep them only as long as it takes to process them and remove them within 24 hours.
2.3 Generated outputs
We save the transcripts, written descriptions, narration audio, processing logs, and per-job result records to your account so you can return to past work, request retries, and download outputs. You can delete a result from your dashboard at any time.
2.4 Technical and usage data
To keep the service working and to detect abuse, we record: the IP address you connected from, a derived country code, the browser and operating system you're using, the time and outcome of each job, file size, duration, format, and the per-stage timings of our pipeline. We also write authentication events (sign-in, sign-out, verification, password reset, account block) to an internal audit log.
2.5 Cookies and similar technologies
We use a small number of cookies and similar storage:
- Session cookie (essential): a signed, HttpOnly cookie that keeps you signed in.
- Activity cookie (essential): tracks idle time so we can sign you out automatically after one hour of inactivity.
- Admin promotion cookie (essential, only for staff): short-lived elevated-access token for our internal admin panel.
- Local preferences (essential): theme (light/dark) and text-size preferences are saved in
localStorageso we can apply them on your next visit. - Analytics (optional): if a Google Analytics measurement ID is configured, basic page-view analytics are enabled. Analytics is not active when no measurement ID is set.
- Diagnostics (optional): we use Sentry-style diagnostics to capture errors. No video content is sent to diagnostics.
2.6 Feedback and contact submissions
If you submit the contact form, sign up to be notified about the Creator Plan, or rate a generated output, we keep your submission, your contact details, and any free-text notes so we can reply and improve the product.
3. Why we are allowed to use this information (lawful basis)
Where the EU/UK GDPR applies, our lawful bases are:
- Contract — to create and run your account and process the videos you submit.
- Legitimate interest — to keep the service safe, prevent abuse, and improve the product. You can object at any time.
- Consent — for any optional analytics, where required by local law.
- Legal obligation — to comply with law, respond to lawful requests, and handle copyright takedowns.
4. How long we keep it
- Uploaded source videos: removed within 24 hours of processing, success or failure.
- Generated transcripts, descriptions, and narration audio: kept while your account is active. Deleted within 30 days of you deleting them or closing your account.
- Account record: kept while your account exists. Deleted within 30 days of account deletion, except where we need to retain a limited record to comply with law, resolve disputes, or enforce our Terms.
- System and audit logs: retained for up to 90 days for security and debugging.
- Contact, feedback, and Creator Plan notify-me submissions: retained until the conversation or launch notification is complete, then archived or deleted.
5. Who we share it with
We do not sell your personal information. We share data only with service providers who help us run ATHINA AD, under contract and only for the purposes described here:
- Google Cloud Platform — hosting (Cloud Run), storage (Cloud Storage), database (Cloud SQL / Firestore), and email-delivery support.
- Firebase Authentication — account creation, password handling, and email-verification links.
- Google Gemini — the AI engine that analyzes your video to produce descriptions. We use enterprise API integrations configured so that your uploads, metadata, and outputs are not used to train Gemini or other third-party models.
- Google Cloud Text-to-Speech — converts the generated script into narration audio.
- Brevo (Sendinblue) — transactional email delivery (verification, password reset, contact-form replies, Creator Plan launch notification).
- Google Analytics — only when a measurement ID is configured.
- Sentry-style diagnostics — error monitoring. No video content is sent.
- YouTube — when you submit a YouTube link, we fetch the public video metadata and stream to process it.
We may also disclose information when required by law, to enforce our Terms, to handle copyright takedowns, or to protect the safety of our users.
6. International transfers
ATHINA AD is operated from the United States. If you access the service from outside the United States, your data will be transferred to and processed in the United States and in regions where our cloud providers operate. Where required, we rely on standard contractual clauses or equivalent safeguards.
7. Your rights
Depending on where you live, you may have the right to:
- Access the personal information we hold about you.
- Correct information that is inaccurate or incomplete.
- Delete your account and associated data.
- Export a copy of your data in a portable format.
- Object to or restrict certain uses of your data.
- Withdraw consent, where we relied on consent.
- Lodge a complaint with your local data-protection authority.
To exercise any of these rights, contact us through any of the channels in section 11.
8. Security
We protect your data with HTTPS in transit, signed session cookies, Firebase-managed authentication (your password never reaches our servers in plain text), server-side rate limiting, and least-privilege access to backend systems. No system is perfect — if you believe your account is compromised, contact us immediately.
9. Children
ATHINA AD is not directed at children under 13 and accounts confirm an adult age range at signup. If you believe a child has created an account, contact us and we will remove it.
10. Changes to this policy
We will update this page when our practices change. The "Last updated" date below reflects the most recent change. For material changes, we will also notify signed-in users by email or in-app message.
11. Contact us
You can reach us through any of these channels:
- The contact form on this website.
- The contact form inside your user dashboard once you sign in.
- Email us directly at info@athinaad.com.
Last updated: 10-06-2026.