Privacy Policy
Effective date: 18 April 2026 · Last updated: 18 April 2026
Chitravan Technologies ("Company", "we", "us", or "our") operates Chitravan Studio. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service. Please read this policy carefully. By using the Service, you consent to the practices described herein.
1. Information We Collect
1.1 Information you provide
- Account data: email address, display name, profile picture (when signing in via Google).
- Payment data: payment method details are processed directly by Razorpay. We store only the transaction ID and amount — never your card or UPI details.
- User-generated content: prompts, scripts, scene plans, episode metadata, and other project data you create within the Service.
- User-uploaded assets: audio files, keyframe images, video clips, and character/avatar reference images that you explicitly upload to a project. These are validated for file type and size, stored on our object storage (Amazon S3), and used only to produce your own generations.
- Support conversations: if you use the in-app support chat (powered by Crisp), the messages and any attachments you send are processed by Crisp on our behalf.
1.2 Information collected automatically
- Usage data: pages visited, features used, generation requests made, credit transactions.
- Device & log data: IP address, browser type, operating system, timestamps of actions.
- Approximate location: our CDN (Amazon CloudFront) appends a two-letter country code derived from your IP so we can show prices in your local currency (INR for users in India, USD otherwise). We do not store precise location.
- Cookies & local storage: session tokens and theme preferences stored locally in your browser.
2. How We Use Your Information
- To create and manage your account and authenticate your sessions.
- To process credit purchases and track credit usage.
- To provide, operate, and improve the AI generation features of the Service.
- To send transactional emails (account confirmation, password reset, purchase receipts).
- To detect and prevent fraud, abuse, and violations of our Terms of Service.
- To analyse aggregate, anonymised usage patterns to improve the platform.
- To respond to your support requests.
We do not sell your personal data to third parties.
3. Third-Party Service Providers
To deliver the Service, we work with the following trusted third-party processors. Each is given access only to the data necessary to perform its specific function and is bound by appropriate data processing agreements. We do not sell your data to any third party.
- Amazon Web Services (AWS): cloud hosting, object storage (S3), CDN (CloudFront), secrets management.
- Google: sign-in via OAuth.
- Razorpay: payment processing for credit purchases.
- Anthropic (Claude): large-language-model inference for scripts, scoring, and recommendations.
- AI generation providers: image, video, and voiceover generation services.
- Crisp: in-app support chat widget.
- Pixabay: royalty-free curated music library for background tracks.
4. Data Retention
- Account data is retained for as long as your account is active.
- Generated media files and user-uploaded assets (audio, images, clips, video) are stored on Amazon S3. You may delete projects at any time from your account.
- Payment transaction records are retained for 7 years as required by Indian accounting law.
- Log data (IP addresses, request metadata) is retained for up to 90 days.
- Support chat transcripts are retained by Crisp according to its own retention policy; we do not control Crisp's retention.
5. Data Security
We implement industry-standard security measures including HTTPS/TLS 1.2+ encryption in transit, encryption at rest for sensitive data (S3 objects with AES-256 SSE), role-based access control on all internal systems, and regular security reviews. However, no method of electronic storage or transmission is 100% secure, and we cannot guarantee absolute security.
6. Your Rights
Under applicable Indian law (Information Technology Act, 2000 and the Digital Personal Data Protection Act, 2023), you have the right to:
- Access: Request a copy of the personal data we hold about you.
- Correction: Request correction of inaccurate data.
- Erasure: Request deletion of your account and associated personal data (subject to legal retention obligations).
- Revoke third-party access: You may revoke Google sign-in access from your Google Account permissions page at any time.
- Grievance redressal: Lodge a complaint with our Grievance Officer (see Section 9).
To exercise any of these rights, contact us at support@chitravan.co.in.
7. Cookies
We use session cookies (required for authentication) and local storage for theme preferences. We do not use third-party advertising cookies or tracking pixels. You can disable cookies in your browser settings, but this will prevent you from signing in.
8. Children's Privacy
The Service is not directed to individuals under the age of 18. We do not knowingly collect personal data from minors. If you believe a minor has provided us with personal data, please contact us and we will delete it promptly.
9. Grievance Officer
In accordance with the Information Technology Act, 2000, the name and contact details of our Grievance Officer are:
10. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of significant changes by email or a prominent banner on the Service. Your continued use after the effective date of changes constitutes acceptance.