Overview
This document sets out the privacy practices of Viora AI ("Viora AI", "we", "our", or "us") regarding personal information processed when you install, access, browse, or otherwise interact with the Viora AI application and any associated features (together, the "Service").
Read this policy together with our Terms of Service. Continuing to use Viora AI signals your acceptance of the practices summarized below — if those practices do not work for you, please refrain from using the Service.
Wherever this document mentions "personal information", we mean any information that, alone or in combination with other data, can be reasonably linked to an identifiable individual, in line with the data-protection laws that apply to you.
Categories of Information We Collect
The information we hold about you can reach us in three ways:
- You hand it to us directly — for instance, by signing up, contacting support, or uploading content;
- It is generated automatically as you move through the Service;
- It comes from trusted partners (analytics vendors, infrastructure providers, attribution platforms) acting under our instructions.
The exact types of information involved depend on the surfaces you use (app vs. web), the features you activate, and the jurisdiction you are in. Broadly, this can include account credentials, transaction metadata, behavioral signals, device identifiers, and information from any third-party sign-in service you choose to connect — each described in the sections that follow.
Information You Share Directly
Depending on how you interact with Viora AI, you may voluntarily provide the following:
- Media you upload. Photos, images, and videos submitted to Viora AI are processed strictly to power the feature you triggered (e.g. generating an output, applying a template).
- Gender preference. Some generation flows ask you to indicate a target gender (Female / Male / Other). The choice is used only to tailor the result and is never used to identify, classify, or profile you.
- Support correspondence. If you write in, we may receive your name, email address, and the contents of your message so we can investigate and reply.
- Account details. Registering for Viora AI may involve providing an email address; we then assign an internal identifier for the purpose of managing your account on our backend.
- Purchase & subscription metadata. When you buy a plan or a one-off product, we capture limited transaction signals — subscription tier, status, transaction ID, and related receipt URLs. The actual card or bank details never reach us: those are handled by the platform through which you completed the purchase.
- Anything else you choose to provide. Optional fields, feedback, and other data you elect to share while using Viora AI.
Image, Face & AI-Generation Data
What we touch in your visual uploads
Whenever you feed images, videos, or other visual material into Viora AI — some of which may show people — those inputs flow through the Service so that we can return the AI-generated video, image, or other visual artifact you asked for. Producing that artifact almost always requires a few rounds of automated computer-vision work on your upload: spotting faces in a frame, locating the main subject, reading pose, evaluating composition, and inspecting other visual cues as needed.
This vision work is wired only to the creation you actively kicked off — animating a still photo, building motion between a first and a last frame, running a template, going from text to image, transforming one image into another, or any other AI creation tool in the App. It is never repurposed for figuring out who you are, confirming your identity, monitoring you, profiling you, targeting ads, or assembling a biometric record.
Where Viora AI stands on faces & biometrics
Viora AI is an app for AI-generated video and imagery. Submitting photos that include a person — for example, a portrait you want to animate — is a normal part of how you'd use it.
To produce convincing video effects and keep someone's appearance stable from frame to frame, scene to scene, or template to template, we may carry out a narrow slice of technical inspection on the content you provide — for instance, checking whether a particular image actually contains a face or a human subject. Anything we look at is in service of the result you requested: bringing a still image to life, applying a template style, or holding a character's look consistent through a generated clip.
Facial information is not used to recognize you, log you in, or verify your identity. It is not used for surveillance, behavioral tracking, advertising, audience profiling, or any biometric-style analysis.
We do not assemble, persist, or hold on file any face template, facial-geometry signature, biometric identifier, or comparable record that could be tied back to an individual.
Third-party AI providers in the loop
Some of the heavy lifting behind AI generation and the safety review that wraps it sits outside Viora AI's own infrastructure. When you trigger a creation, the material you've voluntarily provided — images, videos, text prompts, generation parameters, template selections, task metadata, and the technical signals needed to run the job — may travel to our backend and onward to selected third-party AI providers.
The current roster of third-party AI providers we may draw on includes:
- OpenAI — content-safety moderation plus text- and image-related AI processing;
- Alibaba Cloud Model Studio — AI generation of videos, images, and related outputs;
- Google Gemini / Google AI — large language model–based processing;
- xAI / Grok — large language model–based processing.
These providers only handle whatever is necessary to complete the AI generation, safety review, or adjacent task you triggered. None of them is authorized — and we do not request them — to apply your uploaded images, videos, facial information, or any derived analysis to identity recognition, identity verification, monitoring, tracking, advertising targeting, the building of facial-recognition databases, or biometric profiling.
For their stated positions on faces, biometrics, data use, retention, model training, and security, see each provider's official documentation:
- OpenAI — "Respect privacy" inside Usage Policies (open ↗); "Our commitments" and "Model training FAQ" inside Enterprise Privacy at OpenAI (open ↗).
- Alibaba Cloud Model Studio — "Privacy protection" inside Security certifications and privacy (open ↗).
- Google Gemini / Google AI — Section 1 of the Generative AI Prohibited Use Policy, "Do not engage in dangerous or illegal activities…" (open ↗); "How We Handle Data" inside Gemini API Abuse Monitoring (open ↗).
- xAI / Grok — Sections 2 ("Personal information we collect") and 3 ("How we may use personal information") of the Privacy Policy (open ↗).
No matter which third-party provider sits behind a given request, your uploaded images, videos, facial information, and any derived facial-analysis output are not sold or rented. And without your clear, explicit consent, none of those uploads will be used to train Viora AI's own machine learning models.
Retention of image & face data
Uploaded images, videos, text prompts, generation parameters, generated results, and the task records that accompany them are kept only for the period the Service genuinely needs them.
Facial-analysis records, biometric templates, and facial-geometry signatures that could identify someone are not stored. Any short-lived face-related visual information consulted while a job is running is discarded — or simply never retained — once the generation task finishes.
Your uploads, their generated outputs, and the corresponding task data may, however, sit on our systems for a reasonable window so we can show you the result, support history and re-access, defend the Service against abuse, run content moderation, debug errors, respond to your requests, and meet legal obligations we are subject to. If you would like related data deleted, you can reach us through the channels listed at the end of this policy.
Hard limits on use
Your uploaded images, videos, facial information, and any derived facial-analysis output are not sold or rented to anyone.
None of that material is repurposed for identity verification, authentication, monitoring, behavioral tracking, advertising targeting, or constructing biometric profiles.
Without your explicit consent, your uploaded images, videos, and facial information are not fed into the training of any machine learning model Viora AI operates.
Content safety & reporting tools
Automated safety checks help us spot — and intercept — generation requests or outputs that could breach our Terms of Service, including nudity, violence, unlawful material, or other inappropriate content. Template and result pages each carry a clearly visible Report control, so anything problematic can be flagged for review.
When our systems flag a generation request or its result as a Terms violation, you may see an in-app notice, the generation may be blocked or the result withheld, and, where appropriate, the Coins consumed for that attempt may be returned to your balance.
Information Gathered Automatically
While you use Viora AI, certain information about your device and your activity is captured in the background — subject, where required, to your prior consent:
Technical & usage signals
- Device-level technical details — IP address, device model and OS, language settings, network type, and similar identifiers;
- Behavioral signals within the Service — which features you tap into, how often, and when (timestamps);
- The version of the App you are running and the storefront region tied to your account.
Subscription & purchase signals
- Subscription state and limited purchase metadata — never full payment-card numbers.
Payment capture itself happens entirely on the platform you bought through. Full card details never reach Viora AI's systems.
Advertising & attribution identifiers
- Identifiers such as Apple's IDFA / IDFV, Google's Advertising ID (GAID), UUIDs, and similar device-scoped IDs — collected where your device and applicable law permit it.
You can step out of this at any time through your device settings:
- iOS: Settings → Privacy & Security → Tracking
- Android: Settings → Privacy → Ads (or Google Settings → Ads → Delete advertising ID)
Opting out does not block all attribution data — we may still receive aggregate, non-identifying figures.
Diagnostic & performance signals
- Crash logs, error traces, timestamps, and performance metrics gathered to keep the Service stable, secure, and improving.
Device & browser permissions
Depending on which features you reach for and how your environment is configured, Viora AI may ask for:
- Photo / media library access — needed when you want to pick existing images or videos to feed into the Service;
- Camera access — for capturing fresh content from inside the App;
- Notification permission — used for service-related alerts and subscription updates;
- Tracking permission (IDFA on iOS, Advertising ID on Android) — only where required and only with your consent, for attribution and measurement.
These permissions are yours to grant, change, or revoke at any time from your device settings. Bear in mind that denying some of them may switch off the features that rely on them.
Why We Process Your Information
Purposes
Within the limits set by applicable law, we use personal information to:
- Operate Viora AI and deliver its features to you;
- Carry out the generation requests you submit and return the content you asked for;
- Respond to your questions and provide customer support;
- Measure usage patterns and improve performance, reliability, and product design;
- Protect the Service against fraud, abuse, and security incidents;
- Meet our legal obligations and enforce our Terms of Service;
- Pursue any other purpose we disclosed at the moment of collection or that you separately consented to.
Legal grounds
Where the law requires us to identify a legal basis, we rely on one or more of the following:
- Contractual necessity — the processing is required to deliver the Service to you;
- Your consent, when we have asked for and obtained it;
- Our legitimate interests, balanced against your rights and freedoms;
- Compliance with a legal obligation we are subject to.
When We Share Information
Sharing happens only where it is lawful, proportionate, and aligned with the purposes set out in this policy.
Vendors & processors
We work with carefully selected third parties who help us run, support, and improve Viora AI. These vendors act on our instructions, are bound by confidentiality and data-protection contracts, and may only use the information for the specific tasks we assign them. Typical categories include:
- Product analytics and measurement platforms;
- Attribution and ad-measurement providers;
- Cloud hosting, storage, and computing infrastructure;
- Authentication and identity management providers;
- Crash-reporting and stability monitoring tools;
- Customer-support and communications platforms.
Legal & regulatory disclosures
We may disclose information in good faith where reasonably necessary to:
- Comply with applicable laws, court orders, regulatory requirements, or lawful government requests;
- Enforce our Terms of Service or other agreements with users;
- Investigate or prevent fraud, security incidents, or other technical issues;
- Defend the rights, property, or safety of our users, our team, or the public, as permitted or required by law.
Corporate events
If Viora AI is ever involved in a merger, acquisition, restructuring, insolvency, or asset sale, personal information may be transferred as part of that transaction. Where the law requires it, we will give you notice and ensure equivalent protections continue to apply.
Cookies, SDKs & Similar Tools
Like most digital services, Viora AI and its partners rely on cookies, SDKs, and other comparable technologies to understand how the Service is used. These tools support core functionality, help us analyze performance, and — where lawful — enable advertising and measurement.
The technologies in play generally fall into three buckets: strictly functional ones (without which the Service cannot run), measurement and analytics ones, and marketing/attribution ones that operate only where applicable law allows.
You can manage these preferences through your device's tracking settings. Switching off particular technologies may reduce the functionality available to you.
Some browsers transmit a "Do Not Track" signal. Because the industry has not converged on a single way to interpret these signals, Viora AI does not currently respond to them.
Safeguards, Storage & Deletion
Security posture
Viora AI applies reasonable technical and organizational safeguards to defend personal information against unauthorized access, accidental loss, misuse, or alteration. Even so, no system is bulletproof, so we cannot guarantee perfect security in all circumstances.
How long we keep things
Personal information stays in our systems only as long as we genuinely need it — to provide the Service, comply with legal duties, resolve disputes, and enforce our agreements. Retention varies by data type and purpose. If you delete your account or send us a valid erasure request, we will remove or anonymize your data unless the law requires us to keep it.
Deleting your account
You may delete your Viora AI account at any time from the Account section of the Service. Doing so permanently removes your personal information, subject to legal retention rules. Heads-up: deleting your account does not automatically terminate active subscriptions purchased through Apple App Store or Google Play.
To avoid being billed again, cancel your subscription at the source before deleting your account:
- Apple App Store: manage subscriptions via your Apple ID settings;
- Google Play: manage via the Google Play app or your Google account.
Once an account is deleted, any unused in-app entitlements — leftover subscription time, unspent Coins, etc. — are forfeited and cannot be restored. Cash refunds for unused balances are not provided after deletion, except where the law requires otherwise. Refund requests must go to the platform where the purchase was made (Apple or Google Play).
Children & Minors
Viora AI is not designed for, nor directed at, individuals below the minimum age set by their local law (generally 18). We do not knowingly collect personal information from anyone under 18. If you have reason to believe a minor has supplied information to us, please get in touch so we can investigate and, where appropriate, delete it.
External Services We Rely On
Keeping Viora AI live, secure, and useful depends on a constellation of third-party SDKs, APIs, and infrastructure providers (our "External Services"). They are what makes it possible for us to run, analyze, and steadily improve the product — and they also power the parts of the experience that touch AI generation, content-safety moderation, account sign-in, purchase verification, crash analytics, marketing attribution, and customer support.
Where these providers process personal information, they do so under our direction and only to the extent that the underlying service genuinely requires. We expect them — and contractually require them where appropriate — to maintain reasonable confidentiality, security, and data-protection standards.
The kinds of External Services that may be involved span:
- AI-driven content generation;
- AI-driven content safety and moderation;
- Cloud hosting, compute, and data storage;
- Account sign-in and identity management;
- App-stability, crash analytics, and diagnostic tooling;
- Product analytics, measurement, and attribution.
The specific External Services currently active are listed below — each entry names the provider, what it does for Viora AI, and a direct jump to the relevant policy:
- OpenAI — content-safety moderation and related AI processing. read their privacy policy ↗
- Alibaba Cloud Model Studio — AI video, image, and related generation processing. read their privacy policy ↗ · Model Studio privacy & security notice ↗
- Google Gemini / Google AI — large language model–based processing. read their privacy policy ↗ · Gemini privacy notice ↗
- xAI / Grok — large language model–based processing. read their privacy policy ↗
- Google Sign-In — account sign-in. read their privacy policy ↗
- Google Firebase — app infrastructure, analytics, crash diagnostics, and related services. read their privacy policy ↗
- Adjust — advertising attribution and performance measurement. read their privacy policy ↗
The independent privacy practices of these External Services sit outside Viora AI's control. We recommend reviewing the linked policies to see how each provider handles your data. This list is refreshed over time so it stays aligned with which External Services Viora AI actually depends on.
Users in the EEA, UK & Switzerland
If you are based in the European Economic Area, the United Kingdom, or Switzerland, the General Data Protection Regulation (GDPR), the UK GDPR, and the Swiss Federal Act on Data Protection govern how we handle your information.
Legal bases we rely on
For each processing activity, we rely on at least one of the following:
- Contractual necessity — to deliver the Service you signed up for;
- Your consent, when sought and given;
- Our legitimate interests, where those interests are not overridden by your rights and freedoms;
- Compliance with a legal obligation.
Rights available to you
Subject to the limits of applicable law, you may:
- Request access to the personal information we hold about you;
- Ask us to correct inaccurate or incomplete data;
- Request deletion (erasure) of your data;
- Restrict or object to certain types of processing;
- Receive your data in a portable, machine-readable format;
- Withdraw consent at any time, where consent is the basis for processing.
To exercise any of these rights, reach us via the contact details at the end of this policy. You also have the right to file a complaint with the data-protection authority in your jurisdiction.
California Residents (CCPA / CPRA)
If you live in California, the California Consumer Privacy Act (CCPA), as updated by the California Privacy Rights Act (CPRA), grants you a specific set of rights over your personal information.
Categories collected
The categories of personal information we collect are those described elsewhere in this policy, used for the purposes described above.
Your rights
To the extent permitted by law, California residents may:
- Know what personal information we collect, use, disclose, and share;
- Request that we delete personal information, subject to legal exceptions;
- Request that we correct inaccurate personal information;
- Opt out of any "sale" or "sharing" of personal information for cross-context behavioral advertising, where applicable;
- Not be treated differently for exercising any of the above rights.
"Do Not Sell or Share My Information"
Where the law applies, you may opt out of having your personal information sold or shared for targeted or cross-context behavioral advertising.
Authorized agents
California residents may appoint an authorized agent to submit requests on their behalf. We will need to verify the agent's authority and, in some cases, your identity, before we can act.
To exercise any CCPA/CPRA right, contact us using the details in the final section. We may need to confirm your identity before fulfilling the request.
Revisions to This Policy
We may update this Privacy Policy from time to time. When changes materially affect your rights, we will provide a notice or seek your consent, as the law in your jurisdiction requires. The updated version takes effect from the "Effective" date shown at the top of this document.
Get in Touch
Questions about this policy?
If anything in this policy is unclear, or if you'd like to exercise any of the rights described above, our privacy team is happy to help.
Email: help@vior-ai.com