The short version
SocialEdit is local-first. When you film and edit on your own, your footage, edits, and project structure stay on your device and are never sent to us. Data only reaches our servers when you choose to collaborate: inviting an editor or sharing a project turns on cloud sync for the folders you share. We don't sell your data, and we don't fake or overstate what we do with it.
This policy explains what we collect, when, why, who processes it on our behalf, and the choices you have. It applies to the SocialEdit mobile app and this website at socialedits.app.
What stays on your device
If you use SocialEdit as a solo creator and never share a project, the app runs entirely on your device and does not require an account:
- Recorded and imported clips are stored locally on your phone.
- Your edits (trims, splits, ordering, text, filters, speed) and project folders are stored in a local database on your device.
- None of this is uploaded, streamed, or transmitted to us while you work solo.
In this mode, we do not receive your videos, your edits, or a list of your projects. There is nothing for us to see.
What we collect, and only when
We collect information in the specific situations below. Outside of these, we don't gather it.
When you sign in to collaborate
To invite editors or accept an invitation, you sign in with your email address. We use it to create and identify your account and to send sign-in codes. Signing in is only needed for collaboration, not for solo use.
When you share a project
Sharing a folder syncs its contents so your editor can work with it:
- Clip video files for the shared folder are uploaded to our video storage.
- Project and edit metadata (folder and clip records, and the edit documents that describe a cut) are stored in our database so both people see the same project.
- Sharing settings: which folders are shared, with whom, and each editor's edit, import, and export permissions.
When you invite someone
We use the email address you enter to deliver an invitation. The invite itself carries a random one-time token; our database stores only a cryptographic hash of that token, never the token in plain form. Invitations expire after 7 days and can be used once.
When you subscribe
Team and Studio subscriptions are purchased and billed through the App Store. We receive confirmation that a valid purchase exists so we can unlock sharing on your account. We do not receive or store your payment card details. See Payments.
We do not sell your personal information. We do not use your footage to train models or advertise to you. We do not build advertising profiles.
How we use information
- To run the collaboration features you turn on: syncing shared projects, delivering invites, and showing each person only what they're allowed to see and do.
- To sign you in and keep your account secure.
- To enforce permissions and entitlements, including verifying that an account with sharing turned on has an active subscription.
- To keep the service working and safe, including troubleshooting and preventing abuse.
- To meet legal obligations where they apply.
When data leaves your phone
There is exactly one trigger: you choosing to collaborate. Until you invite an editor or share a folder, cloud sync stays off and your work stays on your device. When you do share, only the folders you share are synced; folders you keep private are not uploaded.
| Situation | What is sent | Where it goes |
|---|---|---|
| Solo filming & editing | Nothing | Stays on your device |
| Signing in | Your email address | Authentication provider |
| Sharing a folder | That folder's clips and edit metadata | Video storage & database |
| Inviting an editor | The invitee's email; a hashed token | Email delivery & database |
| Subscribing | Purchase verification | Apple, then our database |
Service providers we rely on
We use a small set of trusted providers to run the collaboration side of the app. They process data on our behalf, under their own security and privacy commitments, only to provide these services.
- Supabase: account authentication and the database that stores project metadata, sharing settings, and entitlements.
- Cloudflare R2: storage for the video files in folders you share.
- An email delivery provider: sending sign-in codes and invitations.
- Apple: processing App Store subscriptions and verifying purchases.
Because this infrastructure is cloud-hosted, information handled by these providers may be processed in countries other than yours. We only share what a provider needs to perform its function.
Payments
Subscriptions use the App Store's native in-app purchase system. Your payment method and billing details are handled by Apple under its own privacy policy; we never see your card number. When you subscribe, we verify the purchase with Apple's servers and record only whether your account is entitled to sharing, so the app can unlock the right features. Subscription status is confirmed on our servers, not trusted from the app alone.
How we protect your information
- Permissions are enforced on the server. Who can view, edit, import, or export a project is decided by our backend on every request, not by the app on your phone. A modified or tampered app cannot grant itself access it wasn't given.
- Shared video uses short-lived links. Clips in shared folders are streamed through links that expire quickly, and every request is re-checked against your current sharing settings before any bytes are served.
- Data is encrypted in transit using standard HTTPS.
- Invitation tokens are stored only as hashes, expire after 7 days, and are single-use.
Editing happens on-device, so an editor's app must download the clip bytes to preview them. Once video reaches any device, a determined person could screen-record or copy it. The export permission is a workflow control that gates the export feature and is checked and logged on our servers; it is not copy protection, and we don't claim it is.
How long we keep it
- On-device data stays until you delete it or remove the app.
- Shared clips and project metadata are retained while the project is shared and your account is active. Unsharing a folder removes an editor's access to it.
- Invitations expire after 7 days.
- Account and subscription records are kept while your account is active and as needed to meet legal and accounting obligations.
Your rights and deleting your data
You can ask us to access, correct, or delete the personal information associated with your account. Depending on where you live, you may have additional rights under laws such as the GDPR or CCPA, including the right to object to or restrict certain processing. We honor these requests regardless of where you are.
Deleting your account removes your associated records from our database and your video files from our storage. Deletion means the data is removed, not merely hidden from view. Content that lives only on your own device is deleted by removing it in the app or uninstalling.
To make a request, email privacy@socialedits.app. We may need to verify that the request comes from the account holder.
Children
SocialEdit is not directed to children under 13, and we do not knowingly collect personal information from them. If you believe a child has provided us information, contact us and we will delete it.
Changes to this policy
We may update this policy as the app evolves. When we make material changes, we'll update the effective date above and, where appropriate, notify you in the app. Continuing to use SocialEdit after an update means you accept the revised policy.
Contact us
Questions about this policy or your data? Email privacy@socialedits.app and we'll help.