Privacy Policy
Last updated: 16 June 2026 · Effective date: 16 June 2026
This Privacy Policy explains how your personal data is collected, used, shared and protected when you use the Reelift mobile application (the "App") and the website at reelift.netlify.app (the "Site", together the "Service"). It is written to comply with Regulation (EU) 2016/679 (the General Data Protection Regulation, "GDPR") and the Swedish Data Protection Act (lag (2018:218) med kompletterande bestämmelser till EU:s dataskyddsförordning).
Contents
- Who we are (the data controller)
- What data we process
- Why we process it & legal bases
- Who we share it with
- International data transfers
- How long we keep it
- Your rights under the GDPR
- How we protect your data
- Automated processing & AI
- Children
- Website & cookies
- Changes to this policy
- Contact & complaints
1. Who we are (the data controller)
Reelift is operated and published by an independent individual developer (a sole trader / private individual) established in Sweden ("the Developer", "we", "us", "our"). The Developer is the data controller responsible for your personal data under the GDPR.
We have not appointed a Data Protection Officer, as we are not legally required to do so. For any question about this policy or your personal data, including a request for the controller's full legal identity, you can reach us at:
Email: reelift@outlook.com
2. What data we process
We deliberately collect as little as possible. You do not create a named account, and we do not request your name, email address, phone number, or social-media credentials in order to use the App.
2.1 Content you provide
- Video files you upload for analysis (compressed on your device before upload).
- Audio and speech contained in those videos, which is transcribed to a word-level transcript to assess pacing, clarity and filler words.
- Frames / keyframes automatically extracted from your video, and on-screen text read from those frames.
- Onboarding answers, such as your platform (TikTok / Reels / Shorts), experience level, content niches and growth goal, used to tailor feedback.
- Performance figures you optionally type in (e.g. views, likes), which are currently stored only on your device.
2.2 Data generated by using the App
- A device identifier ("device ID") generated by the App and stored securely on your device, plus an anonymous authentication ID issued by our backend. These tie your projects to your device without identifying you personally.
- Analysis output — scores, dimension breakdowns, timestamped findings, transcripts, suggested captions, hashtags and cover frames, and version history.
- Push notification token (if you allow notifications), so we can tell you when an analysis is ready.
2.3 Subscription & technical data
- Purchase & subscription status — whether you are on a free, weekly or yearly plan, trial state and renewal/expiry dates. Payment itself is handled by Apple; we never receive your full card or bank details.
- Technical & diagnostic data — limited device/OS information and error logs needed to operate the Service, prevent abuse and fix bugs.
3. Why we process it & legal bases
| Purpose | Data used | Legal basis (GDPR Art. 6) |
|---|---|---|
| Analyzing your video and producing scores, findings and fixes | Video, audio, frames, on-screen text, onboarding answers | Performance of a contract — Art. 6(1)(b) |
| Storing your analysis history and version comparisons | Analysis output, device ID | Performance of a contract — Art. 6(1)(b) |
| Managing your subscription, trial and entitlements | Purchase/subscription status, device ID | Performance of a contract — Art. 6(1)(b) |
| Sending you a notification when an analysis is ready, and habit reminders | Push token | Consent — Art. 6(1)(a) (you grant the OS notification permission) |
| Securing the Service, preventing fraud/abuse and debugging | Device ID, technical/diagnostic data | Legitimate interests — Art. 6(1)(f) |
| Maintaining accounting records for purchases | Subscription/transaction records | Legal obligation — Art. 6(1)(c) (Swedish Bookkeeping Act) |
| Improving accuracy and quality of the Service | Aggregated/de-identified analysis data | Legitimate interests — Art. 6(1)(f) |
Where we rely on legitimate interests, we have balanced those interests against your rights and freedoms. You may object to such processing at any time (see Section 7).
4. Who we share it with
We do not sell your personal data and we do not share it for third-party advertising. We use a small number of carefully selected data processors who process data only on our instructions and under data-processing agreements:
| Processor | Role | What it processes |
|---|---|---|
| Google (Firebase) | Cloud hosting: anonymous authentication, database, file storage, serverless functions, push messaging | Device ID, uploaded videos, frames, analysis output, push token |
| OpenAI | AI model provider for visual/text analysis and fix generation | Extracted frames, transcript and metrics for the clip being analyzed |
| ElevenLabs | Speech-to-text transcription | The audio extracted from your video |
| RevenueCat | Subscription & in-app-purchase management | Purchase events, subscription status, device ID |
| Apple | App distribution, payment processing for in-app purchases, push delivery | Payment data (held by Apple), purchase receipts, push delivery |
We may also disclose data where required by law, court order or a valid request from a public authority, or where necessary to establish, exercise or defend legal claims.
5. International data transfers
Some of our processors (notably OpenAI, ElevenLabs, RevenueCat and parts of Google/Apple infrastructure) are based in or transfer data to the United States or other countries outside the European Economic Area (EEA). Where personal data is transferred outside the EEA, we rely on appropriate safeguards under Chapter V of the GDPR, in particular the European Commission's Standard Contractual Clauses (SCCs) and, where applicable, the processor's certification under the EU–U.S. Data Privacy Framework. You may request a copy of the relevant safeguards by contacting us.
6. How long we keep it
- Uploaded video files are automatically deleted from storage 30 days after upload.
- Analysis results (scores, findings, transcripts, suggested assets and version history) are kept while your data remains in your library, so you can compare versions, until you delete the project or request erasure.
- Device ID and subscription status are kept while you use the Service.
- Accounting records relating to purchases are retained for as long as required by Swedish law (generally up to seven years under the Bookkeeping Act, bokföringslagen (1999:1078)).
- Diagnostic logs are kept only as long as needed for security and troubleshooting.
7. Your rights under the GDPR
Subject to the conditions in the GDPR, you have the right to:
- Access — obtain confirmation of, and a copy of, the personal data we hold about you (Art. 15).
- Rectification — have inaccurate or incomplete data corrected (Art. 16).
- Erasure — have your data deleted ("right to be forgotten") (Art. 17). You can also delete projects directly in the App.
- Restriction — restrict processing in certain circumstances (Art. 18).
- Data portability — receive your data in a structured, commonly used, machine-readable format (Art. 20).
- Object — object to processing based on legitimate interests (Art. 21).
- Withdraw consent — where processing is based on consent (e.g. notifications), withdraw it at any time, without affecting prior lawful processing.
To exercise any of these rights, email reelift@outlook.com. Because you use the App without giving us your name, please contact us from the device you use Reelift on or be ready to help us identify your data (e.g. your device ID), so we can locate the right records and protect against unauthorized requests. We will respond within one month, as required by the GDPR. Exercising your rights is free of charge unless requests are manifestly unfounded or excessive.
8. How we protect your data
We apply technical and organizational measures appropriate to the risk, including: encryption in transit (HTTPS/TLS), encryption at rest on our cloud infrastructure, strict per-device access rules enforced at the database level so that you can only access your own projects, the principle of data minimization, and limiting access to processors bound by contractual confidentiality and security obligations. No method of transmission or storage is completely secure, but we work to protect your data using industry-standard practices.
9. Automated processing & AI
The core of Reelift is automated: AI models analyze your video and generate scores, predicted performance metrics, findings and suggested fixes. This processing is advisory only. The scores and predicted metrics are data-driven estimates to help you improve your content — not guarantees of any outcome — and they do not produce legal or similarly significant effects on you within the meaning of Article 22 of the GDPR. You remain free to accept, ignore or modify any suggestion. AI output may contain errors or omissions — please use your own judgment.
10. Children
Reelift is not directed at children. You must be at least 13 years old to use the Service (the age of digital consent in Sweden), and if you are under 18 you should only make purchases with the consent of a parent or legal guardian. We do not knowingly collect personal data from children under 13. If you believe a child has provided us with personal data, contact us and we will delete it.
11. Website & cookies
The marketing website at reelift.netlify.app is a static site. It does not set advertising or tracking cookies and does not build a profile of you. The site loads a web font from Google Fonts and is served via our hosting provider (Netlify), which may process limited technical request data (such as IP address) to deliver and secure the site. The App itself does not use web cookies.
12. Changes to this policy
We may update this Privacy Policy from time to time, for example to reflect changes to the Service or the law. When we do, we will update the "Last updated" date above and, where changes are material, we will provide a more prominent notice. Your continued use of the Service after an update constitutes acceptance of the revised policy.
13. Contact & complaints
If you have any questions, requests or concerns about this policy or your personal data, please contact us first so we can help:
Email: reelift@outlook.com
You also have the right to lodge a complaint with a supervisory authority. In Sweden, this is the Swedish Authority for Privacy Protection (Integritetsskyddsmyndigheten, IMY) — www.imy.se. You may also contact the supervisory authority in your EU/EEA country of residence.