Privacy

Last updated: 21 May 2026

SemiReal

LEGAL NOTICE

SemiReal, Inc., a Delaware corporation (SemiReal, we, us, our), operates semireal.app and the SemiReal interactive video engine and platform. This Privacy Policy explains what personal data we collect, why, how we use it, who we share it with, and the rights you have over it.

SemiReal is intended for users aged 16 and over. Please do not register an account or use the service if you are under 16.

By using SemiReal you agree to this Policy.

1. WHAT PERSONAL DATA WE COLLECT
1. When you create an account (via email/password, Google, or Apple) we collect: your email address (Apple users may provide a private-relay email); your name; your profile photo URL if your auth provider passes one; marketing attribution from the URL you arrived from; and your IP address and browser User-Agent string.
2. When you edit your profile we store: display name, bio, website URL, and avatar image.
3. When you create or publish interactive video projects we store: video, audio, and image files you upload; project configuration data; voice samples you upload for AI voice cloning (see paragraph 4 below); face images you upload for AI characters (see paragraph 4 below); and text prompts and character descriptions for AI characters.
4. When you play projects others have published we store your interactions (clicks, scenes visited, items collected, scores). We do not record your microphone audio or store your conversations with AI characters — see paragraph 4 below.
5. When you buy a paid plan, Stripe handles your payment. We never see your full card number. We store the Stripe checkout session ID, the purchase date, and the fact that you are licensed.
6. We log server-side events (sign-ins, errors, account-deletion steps), including the IP address used for the request.
2. HOW WE USE YOUR INFORMATION
1. To create and operate your account and to deliver the SemiReal service.
2. To enable interactive video features (AI characters, scoring, leaderboards, voice and face cloning).
3. To process payments via Stripe.
4. To send transactional email (password resets) via Firebase.
5. To detect, prevent, and respond to abuse, fraud, and security incidents, and to improve the service.
6. To advertise SemiReal to potential users via Meta and Google ads.
3. WHO WE SHARE YOUR INFORMATION WITH
1. Firebase and Google — account authentication, password reset emails, error logging. Data: auth credentials and email.
2. Google Cloud — backend hosting and database. Data: all data you submit.
3. Cloudflare R2 — storage of your uploaded media. Data: videos, audio, images, configs, avatar, face previews.
4. Stripe — payment processing. Data: your email and payment details (entered directly with Stripe).
5. Google Analytics 4 (production only) — web traffic and conversion analytics. Data: standard GA4 events.
6. Meta Pixel and Meta Conversions API (production only) — conversion tracking for Meta ads. Data: page views, signups, project plays, checkout events, purchases, IP address, User-Agent, hashed email, and Meta cookies.
7. ElevenLabs — AI voice cloning and text-to-speech. Data: audio you upload for cloning (not retained by us after the API call), and text strings for synthesis.
8. AWS Bedrock (Anthropic Claude) — AI character conversations. Data: conversation transcripts and the character system prompt.
9. Simli — real-time AI avatar and face animation. Data: face images you upload, audio stream from ElevenLabs TTS, and the face ID.
10. We do not sell your personal information.
4. AI FEATURES — WHAT WE RETAIN AND WHAT WE DO NOT
1. Voice cloning. When you clone a voice, the audio you upload is buffered in memory, sent to ElevenLabs, and discarded. We do not retain the source audio. ElevenLabs returns a voice ID; we store the ID and a single TTS preview clip in our storage. The cloned voice itself lives on ElevenLabs' infrastructure. You can delete a cloned voice at any time from the editor; this removes the voice from ElevenLabs, the preview from our storage, and the record from our database.
2. Face cloning. When you upload a face image for an AI character, we send it to Simli's API and also store the original image in our storage as a preview thumbnail. The animation model itself lives on Simli's infrastructure. You can delete a face at any time, which removes Simli's copies and our preview.
3. AI character conversations (tap-to-talk). Speech recognition runs entirely in your browser. The audio captured by your microphone never leaves your device. Only the resulting text transcript is sent to our backend, which forwards it to AWS Bedrock and ElevenLabs as described in paragraph 3. We do not save your microphone audio, your transcripts, or your conversation history. Each session is stateless and lost on reload.
5. COOKIES AND TRACKING
1. A session cookie — HttpOnly, Secure, SameSite=Lax. Required to keep you signed in.
2. Meta Pixel cookies (_fbp, _fbc) — set by Meta's Pixel script for ad attribution. Production only.
3. Google Analytics 4 cookies — set by GA4 for traffic analytics. Production only.
6. DATA RETENTION
1. Account data: retained while your account is active. You can delete your account at any time from settings; deletion is immediate and irreversible.
2. Voice and face previews: retained until you delete them.
3. AI conversation logs: not retained — see paragraph 4 above.
4. Server logs and routine backups: retained for limited periods.
5. Stripe records: retained per Stripe's own retention policy for tax and accounting compliance.
7. YOUR RIGHTS
1. Regardless of where you live, you have the right to: access the personal data we hold about you; correct inaccurate data; delete your account and associated data; object to certain uses of your data; and receive a copy of your data in portable form. Email info@semireal.app to exercise any of these rights.
2. EU and UK users (GDPR / UK GDPR). Legal bases for processing: contract (delivering the service you signed up for), consent (marketing and analytics), and legitimate interests (security, fraud prevention, product improvement). You can complain to your local data protection authority.
3. California users (CCPA / CPRA). Categories of personal information we collect: identifiers (email, IP); commercial information (purchase history); internet activity (interactions with our website); inferred geolocation (from IP); audio (voice samples — but see paragraph 4 above); biometric information (face images for AI characters); and inferences for marketing. Rights to know, delete, and correct are covered above. We do not sell your personal information. We do 'share' personal information for cross-context behavioural advertising via Meta Pixel and Google Analytics. To opt out, email info@semireal.app. We will not discriminate against you for exercising any of these rights.
4. Australian users. This Policy is administered under the Privacy Act 1988 (Cth) and the Australian Privacy Principles. If you believe we have breached the Privacy Act, contact us first; if you are not satisfied with our response, you can complain to the Office of the Australian Information Commissioner (OAIC).
8. SECURITY
1. We use industry-standard measures, including encryption in transit and at rest. No system is perfectly secure; if we become aware of a data breach affecting your personal information, we will notify you and the relevant authorities as required by applicable law.
9. INTERNATIONAL TRANSFERS
1. SemiReal operates globally. Your data may be processed in the United States, Australia, or wherever our third-party processors operate.
10. CHANGES TO THIS POLICY
1. We may update this Policy. Significant changes will be posted on this page and, where appropriate, notified to you by email.
11. CONTACT
1. Email info@semireal.app.

SemiReal© 2026 — All Rights Reserved By SemiReal, Inc.