Brandinio
brandinio.

Privacy

Last updated: 27 May 2026

This policy explains what personal data Brandinio processes, why, and the rights you have under the EU General Data Protection Regulation (GDPR).

1. Controller

Brandinio GbR, Berliner Platz 39, 48143 Münster, Germany. [email protected].

2. Data we process

  • Account data — your name, email address and a hashed password.
  • Content you create — brand briefs, video and image briefs, prompts, uploaded assets, and the videos and images we generate for you.
  • Billing data — credit balance and transactions. Card payments are handled entirely by Stripe; we never receive or store your full card details.
  • Technical data — server log entries (IP address, timestamp, request) created when you use the service, retained only as needed for security and operation.

3. Hosting

Brandinio runs on our own server located in Germany. Your data is stored there.

4. Processors and AI providers

To deliver the service we transmit the necessary inputs (e.g. your brief, prompts and uploaded assets) to the following providers, who process them on our behalf or as independent controllers to return a result:

  • Stripe — payment processing and checkout.
  • OpenRouter — large-language-model script and director generation.
  • OpenAI — AI image generation.
  • ElevenLabs — text-to-speech voice synthesis.
  • fal.ai — AI avatar and lip-sync rendering.
  • Pexels — stock image and video search.

Where a provider processes data outside the EU/EEA, transfers are safeguarded by the EU Standard Contractual Clauses or an equivalent mechanism.

5. Cookies and local storage

We use only technically necessary storage: a session/login token and your interface preferences kept in your browser’s local storage. We run no analytics, advertising, or third-party tracking and set no marketing cookies.

6. Legal bases

  • Art. 6 (1)(b) GDPR — performance of our contract with you (running your account and generating your content).
  • Art. 6 (1)(f) GDPR — our legitimate interest in operating and securing the service.
  • Art. 6 (1)(c) GDPR — compliance with legal obligations (e.g. tax retention of invoices).

7. Retention

We keep account and content data while your account is active and delete it on request or after closure, except where statutory retention periods (e.g. for invoices) apply.

8. Your rights

You have the right to access, rectification, erasure, restriction, data portability, and to object to processing. To exercise any of these, email [email protected]. You may also lodge a complaint with a supervisory authority — for us, the Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen.

Brandinio GbR · Berliner Platz 39, 48143 Münster, Germany · [email protected]