This document explains how personal data of Clipia.ai users are processed and transferred internationally in connection with the provision of our AI-powered content generation services (the «Service»).
Clipia LLC, a limited liability company organised under the laws of the State of Wyoming, United States (hereinafter — the «Company» or «we»), is the data controller responsible for the personal data processed through the Service.
To operate the Service, personal data is processed by our infrastructure provider located in the Russian Federation and by third-party artificial-intelligence model providers and payment processors that may be located in various countries. By using the Service, you acknowledge that your personal data may be processed in, and transferred to, countries other than your own — including jurisdictions whose data-protection laws may differ from those of your country of residence.
We process and transfer personal data on one or more of the following legal grounds:
| Category | Examples |
|---|---|
| Identification | Email, username, account ID |
| OAuth identifiers | Google Sub, Yandex UID, Telegram User ID |
| Technical | Hashed IP, User-Agent, timestamps, device type |
| Generation content | Prompts, reference media, generated results |
| Payment identifiers | Anonymised card token, amount, payment ID |
| Communications | Support tickets, email metadata |
| Application errors | Stack traces, client logs (no content) |
We do not intentionally collect special or sensitive categories of personal data (such as race, ethnicity, political or religious beliefs, health, or sexual orientation). If you voluntarily include such information in a prompt or reference media, it will be processed as part of your generation request.
To provide the Service, we share personal data with third-party processors and sub-processors of the categories listed below, each bound by a Data Processing Agreement (DPA). The identity of the specific vendors we engage is confidential and commercially sensitive; it may be disclosed where required by applicable law or in response to a lawful request from a competent authority.
| Category | Location | Purpose |
|---|---|---|
| Cloud infrastructure providers (hosting, S3-compatible object storage) | Russian Federation | Storage of media files and service data |
| Network infrastructure providers (CDN, DNS, DDoS protection) | Global edge network | Content delivery, protection against network attacks |
| Social authentication providers (OAuth) | USA | User identification upon sign-in |
| Payment processors | Russian Federation, EU | Processing of subscription and top-up payments |
| Transactional email providers | USA | Account, payment, and notification emails |
| Application error monitoring services | USA | Diagnostics of application failures |
| Web analytics services (aggregated analytics) | USA, Russian Federation | Traffic statistics |
| Machine-learning model providers (AI generation) | USA, EU, PRC, and others | Generation of images, video, and other content as requested by you |
Our primary hosting and media-storage infrastructure is located in the Russian Federation. Full payment card details are never disclosed to the Company by any payment processor — only anonymised tokens and transaction identifiers are shared.
Access to machine-learning models may be provided directly or through technology partners (infrastructure aggregators) that handle routing, load balancing, failover, and integration security. The identity and details of specific providers and partners are confidential and commercially sensitive.
Transmitted: prompt text, reference media, request parameters (model, resolution, duration), and an anonymised request ID.
Not transmitted: email, username, IP address, payment data, or any account content beyond the specific request.
Because our processors are located in several countries, your personal data may be transferred to and processed in the United States, the Russian Federation, the European Union, and other jurisdictions. Wherever personal data is transferred across borders, we apply appropriate safeguards designed to protect it:
Depending on your jurisdiction and applicable law (such as the California Consumer Privacy Act as amended by the CPRA, or the EU General Data Protection Regulation), you may have the right to:
To exercise any right, contact legal@clipia.ai. We respond within the time required by applicable law (generally within 30–45 days). If you believe your rights have been violated, you may lodge a complaint with the applicable data protection authority (for example, the California Privacy Protection Agency) or bring a claim before a court of competent jurisdiction.
We may update this document from time to time. We will communicate material changes (for example, new categories of recipients or new destination jurisdictions) at least 30 calendar days in advance by email and through an in-service notice.
| Company | Clipia LLC |
| Jurisdiction | State of Wyoming, United States |
| Registered address | 30 North Gould Street, PMB R, Sheridan, WY 82801, USA |
| Privacy & legal contact | legal@clipia.ai |
If you are dissatisfied with how we handle your personal data, you may contact the data protection authority with jurisdiction over you — for example, the California Privacy Protection Agency in the United States, or the relevant supervisory authority in the European Economic Area — or seek relief before a court of competent jurisdiction.