Privacy Policy

Effective Date: December 1, 2024

Cinelytic, Inc., a Delaware C Corporation, which owns Callaia (“we,” “our,” or “us”), is committed to safeguarding your personal data and ensuring transparency in how we handle your information. This Privacy Policy outlines how we collect, use, disclose, and protect your personal data in compliance with applicable privacy laws, including the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and other global data protection regulations.

By using Callaia’s services, you agree to the terms outlined in this Privacy Policy. If you do not agree, please discontinue using our services.

1. Who We Are

Callaia provides AI-powered script analysis services to creative professionals, including film studios and screenwriters. All data processing activities are conducted under the legal entity Cinelytic, Inc., a Delaware C Corporation.

Data Controller:

Cinelytic, Inc.
9255 W. Sunset Boulevard, Suite 1100
Los Angeles, CA, 90069
Email: contact@callaia.ai

Data Protection Officer (DPO):

Email: dev@cinelytic.com

2. What Personal Data We Collect

We collect personal data necessary to provide our services. This includes:

2.1 Personal Data You Provide

  • Account and Contact Information:
    First and last name, email address, phone number, company name, and company location.
  • Company Details:
    Information such as industry sector, company size, and the approximate number of scripts processed annually.
  • Content Submitted:
    Scripts and other materials you upload for analysis, which are processed temporarily and deleted immediately after analysis.
  • Communication Data:
    Information you provide in emails, support tickets, or other interactions with us, including inquiries, feedback, and complaints.

2.2 Data Collected Automatically

  • Log Data:
    IP address, browser type, operating system, time zone, access times, and pages viewed during your visit to our website.
  • Cookies and Similar Technologies:
    Data related to your browsing preferences and usage patterns. For more details, see our Cookie Policy.

2.3 Sensitive Data

We do not intentionally collect sensitive personal data, such as racial or ethnic origin, political opinions, religious beliefs, health data, or data from individuals under the age of 18.

3. How We Use Your Data

We use personal data to:

3.1 Provide Services

To process and analyze scripts securely and deliver actionable insights.

3.2 Communicate with You

To respond to inquiries, provide updates, and notify you about changes to our services or policies.

3.3 Improve Our Services

To analyze aggregated, anonymized usage data to enhance service performance and user experience.

3.4 Ensure Security

To monitor for fraud, unauthorized access, and other security risks.

3.5 Comply with Legal Obligations

To meet legal or regulatory requirements and respond to lawful requests.

4. Legal Bases for Processing Personal Data

For Users in the EU/EEA and UK (GDPR)

We process your personal data under the following legal bases:

  1. Contractual Necessity: To fulfill our obligations in delivering the services you request.
  2. Legitimate Interests: To improve and secure our platform, provided your rights and interests are not overridden.
  3. Consent: For optional purposes, such as sending promotional communications, when you provide explicit consent.

For Users in the U.S. (CCPA)

We process your personal data based on:

  1. Legitimate Business Purposes: For improving and securing our services.
  2. Consent: For marketing or data-sharing purposes, as required by law.

5. How We Share Your Data

We will never sell your personal data. However, we share data in specific circumstances:

5.1 Service Providers

OpenAI: Scripts are processed through OpenAI’s Enterprise API under strict contractual obligations. OpenAI does not retain your script content or use it for AI model training.

5.2 Legal Compliance

We may disclose personal data to comply with legal obligations, respond to lawful requests, or protect our rights, privacy, safety, or property.

5.3 Business Transfers

If Cinelytic is involved in a merger, acquisition, or sale, personal data may be transferred as part of the transaction, subject to confidentiality agreements.

6. International Data Transfers

6.1 Data Storage

All personal data is processed and stored in the United States.

6.2 Safeguards for International Transfers

For users in the EEA, UK, and Switzerland, we use:

  • Standard Contractual Clauses (SCCs): Ensuring lawful data transfers outside the EEA and UK.
  • Encryption and Access Controls: Protecting data during transfer and storage.

7. Data Retention

We retain personal data only as long as necessary to fulfill the purposes outlined in this policy:

  • Scripts: Deleted from memory immediately after processing. OpenAi may save script data we pass to them for up to 30 days for legal, safety and security reasons.
  • Account Data: Retained during the term of your account and deleted upon request or account closure, unless required by law.

8. Your Rights

For Users in the EU/EEA and UK (GDPR)

  1. Right to Access: Request a copy of your personal data.
  2. Right to Rectification: Correct inaccurate or incomplete data.
  3. Right to Erasure: Request deletion of your data, subject to legal obligations.
  4. Right to Restrict Processing: Limit how we process your data.
  5. Right to Data Portability: Receive your data in a structured, machine-readable format.
  6. Right to Object: Object to processing based on legitimate interests.
  7. Right to Withdraw Consent:
  8. Revoke consent for data processing activities based on consent.

For Users in the U.S. (CCPA)

  1. Right to Know: Request details about data collection and processing activities.
  2. Right to Delete: Request deletion of your personal data.
  3. Right to Opt Out: Opt out of the sale of personal data (we do not sell personal data).

How to Exercise Your Rights

Contact us via email: contact@callaia.ai

We will respond within 30 days for GDPR requests and 45 days for CCPA requests.

9. Data Security

We implement robust security measures to protect your data:

  • Encryption: All data is encrypted during transmission (TLS 1.2+) and at rest.
  • Access Controls: Only authorized personnel can access personal data.

Despite these measures, no system is completely secure. We encourage you to use strong passwords and remain vigilant about phishing attempts.

Disclaimer

By using Cinelytic/Callaia you consent to this Privacy Policy and agree that Cinelytic, Inc., cannot be held reponsible for leaked data, or compromised access to your account, due to actions outside of our control (for example, from sharing a password, or from a successful phishing attempt against the user).

10. Cookies and Tracking Technologies

We use cookies and similar technologies to enhance user experience, improve website performance, and analyze traffic. For more details, refer to our Cookie Policy.

11. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices or legal requirements. Material updates will be communicated via email or website notices.

12. Contact Us

For questions, concerns, or complaints regarding this Privacy Policy, please contact:

Cinelytic, Inc.
Address: 9255 W. Sunset Boulevard, Suite 11, Los Angeles, CA, 90069.
Email: contact@callaia.ai