Privacy Policy

Last updated: May 9, 2026 · Effective: May 9, 2026 · Version 1.0

Plain-English version: Most of your work happens in your browser — your videos and transcripts stay on your device. When you sign in, we receive your email through Supabase. When you generate a transcript, your audio (not video) is sent to our server and forwarded to Deepgram. When you export complex projects or fall back from a local export, your video is briefly uploaded to our server and deleted right after. We don't sell anything to advertisers and we don't run analytics.

1. Who we are

Pluto World Captions ("we," "us," "Pluto World," "the Service") is a browser-based caption editor operated by Pluto World. You can reach us at plutoworld.ai@gmail.com.

2. What data we collect

We collect different categories of data depending on what you do with the Service.

2.1 If you sign in to the editor

Email address — required to sign in via magic link, or shared by Google/Apple if you use OAuth.
OAuth provider identifier — your Google or Apple user ID, if you sign in through them. Used only to recognize you across sessions.
Authentication session token — a JWT issued by Supabase, stored in your browser's local storage. Lets you stay signed in.

2.2 If you use the transcription feature

Audio extracted from your video — sent to our server as a 16 kHz mono WAV file. Our server forwards it to Deepgram (a US-based transcription provider) and returns word-level timestamps to your browser. We do not retain the audio after the response is sent. Your video itself is not transmitted.
Rate-limit metadata — your account ID and a request timestamp, kept in memory for 24 hours so we can enforce a 10-transcription-per-day limit. Not persisted.

2.3 If you export to video on our server

Most exports run entirely in your browser. For projects that require server-side rendering (certain advanced animations, or when an in-browser export fails) we will:

Upload your video file to our server temporarily.
Receive your project configuration — fonts, colors, timing, words, animation settings (a JSON blob).
Render the captioned output on our server using FFmpeg and Remotion.
Send the rendered MP4 back to your browser.
Delete every working file from disk as soon as the job completes, fails, or is cancelled. We do not keep your video, your audio, your transcripts, or your output beyond the lifetime of a single render job.

2.4 If you submit feedback on our homepage

Email address — only if you fill it in (it is optional).
Feedback message text — what you wrote.

2.5 Server logs

IP address and request metadata — recorded by our hosting provider (Railway) for security and rate-limiting purposes. Logs are typically retained for 7–14 days.

2.6 What we do NOT collect

We do not run analytics, telemetry, or behavioral tracking on the editor or this website.
We do not use third-party advertising networks, retargeting pixels, or marketing cookies.
We do not access videos, transcripts, or project files stored in your browser. We have no copy of them.
We do not collect your name, address, phone number, age, gender, or payment information.

3. Why we collect each thing

Data	Purpose	Legal basis (GDPR)
Email + OAuth ID	To authenticate you and let you use the editor	Contract
Audio for transcription	To generate captions you requested	Contract
Video for server-side export	To render the output you requested	Contract
Rate-limit counters	Service stability, abuse prevention	Legitimate interest
Feedback form data	To respond to you and improve the product	Consent
Server logs / IP	Security, debugging, abuse investigation	Legitimate interest

4. Where your data is stored, and for how long

Data	Where it lives	How long
Source video file	Your browser (OPFS or IndexedDB)	Until you upload a new video or clear browser storage
Transcript + project state	Your browser (`localStorage`, key `plutoworld_state`)	Until you clear it
Auth session token	Your browser (Supabase default storage)	Until you sign out or the token expires
Account email + ID	Supabase (US/EU regions)	Until you ask us to delete it
Audio sent for transcription	Held in memory on our server during the request only	Discarded immediately after Deepgram responds
Video sent for server-side export	OS temporary directory on our render host	Deleted at end of render (success, failure, or cancel)
Feedback form submissions	Our backend mailbox	Until you ask us to delete it
Server logs	Railway log retention	7–14 days, then auto-purged

5. Third parties we share data with

We try to keep this list minimal. Each provider only receives the data they need to do their job.

Provider	What they receive	Why
Supabase (auth + database)	Email, OAuth ID, JWT session	To authenticate you. Supabase privacy
Deepgram (transcription)	The audio extracted from your video, for the duration of the transcription request	To generate word-level timestamps. Deepgram privacy
Google OAuth (if you sign in with Google)	The fact that you signed into Pluto World	To verify your Google identity. Google privacy
Apple Sign in (if you sign in with Apple)	The fact that you signed into Pluto World	To verify your Apple identity. Apple privacy
Railway (server hosting)	Everything that touches the server (audio, video uploads, request metadata, IPs)	To run our backend. Railway privacy
Google Fonts	Your IP, when fonts load	To serve the typefaces used on the site. Google privacy
Adobe Typekit	Your IP, when fonts load	To serve the brand display font. Adobe privacy

We do not sell your data. We do not share data with third parties for advertising or marketing.

6. International data transfers

Some of our providers (Deepgram, Supabase, Railway, Google, Apple, Adobe) operate primarily in the United States. If you are in the European Economic Area, the United Kingdom, or Switzerland, your data may be transferred to and processed in the US under the relevant Standard Contractual Clauses or equivalent safeguards each provider maintains.

7. Cookies and local storage

We do not use cookies for tracking or advertising. We do use the following browser storage:

localStorage — to keep you signed in (Supabase token), to remember your project state across reloads (plutoworld_state), and to bridge an OAuth redirect when you sign in mid-action (plutoworld_pending_action, cleared immediately after).
OPFS / IndexedDB — to store your uploaded video file efficiently. Never leaves your device.

You can clear all of this at any time from your browser settings.

8. Your rights

Wherever you are in the world, you can:

Access — ask us what data we have on you.
Correct — ask us to fix anything that is wrong.
Delete — ask us to remove your account and any associated data.
Export — ask us for a copy of your data in a portable format.
Object — tell us to stop processing your data.
Withdraw consent — for anything we process on the basis of consent (e.g. the feedback form).

To exercise any of these rights, email plutoworld.ai@gmail.com from the email address on your account. We respond within 30 days.

If you are in the EEA/UK and believe we have not handled your data correctly, you also have the right to lodge a complaint with your local supervisory authority.

9. Children

Pluto World Captions is not intended for users under 13. We do not knowingly collect data from children. If you believe a child has submitted data to us, contact us and we will delete it.

10. Security

We use HTTPS for all traffic between your browser and our server. Authentication is handled by Supabase using industry-standard JWT tokens. Server-side video files live on disk only during the render and are deleted immediately afterward, even on failure or cancellation. We limit internal access to data on a need-to-know basis.

No system is perfectly secure. If we ever discover a breach affecting your data, we will notify you within 72 hours of becoming aware of it.

11. Changes to this policy

We will update this page when our practices change and update the "Last updated" date at the top. Material changes (new third parties, new data categories, expanded purposes) will be communicated by email if you have an account or have subscribed to our changelog.

12. Contact

For privacy questions, data requests, or anything else covered by this policy: plutoworld.ai@gmail.com

Note: This is a v1 baseline policy that reflects how Pluto World Captions currently works. Before public launch — especially before any regulated launch (EU/UK/California) or before introducing paid plans — please have it reviewed by counsel. If your service architecture changes (new third parties, new data categories, payment processing, mobile app), this document needs to change with it.