SoraLum

Privacy Policy

How SoraLum collects, uses, and protects your data
Mar 27, 2026

Effective Date: March 27, 2026

Introduction

This Privacy Policy explains how SoraLum ("SoraLum," "we," "us," or "our") collects, uses, stores, shares, and protects information when you use our website, applications, AI creation tools, prompt workflows, video tools, customer support channels, and related services (collectively, the "Service").

SoraLum is an all-in-one AI platform for image creation, prompt generation, video generation, and AI-assisted editing. By using the Service, you acknowledge the practices described in this Privacy Policy. If you have questions, please review our Terms of Service or contact [email protected].

Interpretation and Definitions

For purposes of this Privacy Policy:

  • Account means the account you create to access the Service.
  • Personal Data means information that identifies or can reasonably be linked to you.
  • Usage Data means technical, diagnostic, and interaction data collected from your use of the Service.
  • User Content means prompts, text, images, videos, files, and outputs submitted to or generated through the Service.
  • Cookies means small data files stored on your browser or device.
  • Service Providers means vendors or partners that help us operate the Service.

Information We Collect

We may collect the following categories of information:

Account and Authentication Information

When you create an account or sign in, we may collect:

  • your name, email address, login credentials, and account profile information;
  • authentication data from login methods such as email/password, Google, or GitHub;
  • account settings, locale, and related account metadata.

Billing and Transaction Information

If you purchase a subscription or credits, we may collect or receive:

  • billing identifiers and transaction records;
  • subscription status, invoices, payment history, and payment-related metadata;
  • limited payment details from our payment providers such as the last four digits of a card, payer email, transaction ID, invoice URL, or subscription ID.

Full payment card details are processed by third-party payment providers, not stored directly by SoraLum.

User Content and AI Request Data

To provide the Service, we may collect:

  • prompts, prompt revisions, prompt optimization requests, and prompt library activity;
  • images, videos, reference assets, uploaded files, and generation settings;
  • AI-generated outputs and related task metadata;
  • edits, tool selections, and workflow preferences.

We use this information to fulfill your requests, provide results, troubleshoot failures, enforce safety rules, and improve product performance. SoraLum does not use your private uploads, prompts, or generated outputs to train SoraLum-owned foundation models.

Usage, Device, and Log Data

We may automatically collect:

  • IP address, browser type, device type, operating system, and language settings;
  • pages viewed, clicks, referring URLs, timestamps, session activity, and feature usage;
  • error logs, crash data, diagnostics, queue events, and performance data;
  • rate-limit, abuse-prevention, and security event data.

Cookies and Similar Technologies

We use cookies, local storage, pixels, tags, and similar technologies to:

  • keep you signed in;
  • remember preferences;
  • secure sessions and prevent abuse;
  • understand usage patterns and measure product performance;
  • analyze marketing and feature effectiveness.

Communications

If you contact us, join a waitlist, respond to support, or receive transactional emails, we may collect the contents of those communications and related contact details.

How We Use Personal Data

We may use Personal Data to:

  • provide, operate, maintain, and improve the Service;
  • create and manage accounts;
  • authenticate users and secure access;
  • process subscriptions, payments, credits, refunds, and invoices;
  • send transactional messages, service updates, account alerts, and support replies;
  • monitor usage, diagnose problems, prevent fraud, and enforce our policies;
  • analyze trends, improve quality, and optimize product experience;
  • comply with legal obligations and respond to lawful requests;
  • protect the rights, safety, and integrity of SoraLum, our users, and third parties.

AI Processing and Third-Party Providers

To generate images, videos, prompt outputs, and related results, SoraLum may send the minimum necessary request data to third-party AI infrastructure or model providers, depending on the feature or model you choose. This may include prompts, uploaded images, uploaded videos, generation settings, and related technical data needed to fulfill your request.

Depending on configuration and feature availability, these providers may include AI infrastructure partners, model hosting platforms, request routing services, or similar processors that help deliver generation features.

We may also use third-party providers for:

  • payments, such as Stripe, PayPal, Creem, or similar processors;
  • authentication, such as Google or GitHub;
  • storage and file delivery, such as Cloudflare R2 or S3-compatible storage;
  • analytics, such as Google Analytics, Microsoft Clarity, Plausible, OpenPanel, or Vercel Analytics, when enabled;
  • email delivery and support tooling.

We seek to share only the information reasonably necessary for those providers to perform their services for us.

How We Share Information

We do not sell your personal information. We may share information in the following circumstances:

  • Service Providers: with vendors and contractors who help us provide, secure, analyze, support, and bill for the Service;
  • AI Processing: with third-party AI providers as needed to process prompts, media, and generation requests;
  • Legal Compliance and Safety: when required by law, regulation, court order, or legal process, or when necessary to protect rights, safety, or investigate abuse;
  • Business Transfers: in connection with a merger, financing, acquisition, restructuring, asset sale, or similar transaction;
  • With Your Direction: where you instruct us to share information or use an integration.

Data Retention

We retain Personal Data for as long as reasonably necessary to provide the Service, maintain accounts, operate billing, resolve disputes, enforce agreements, prevent abuse, and comply with legal obligations.

Retention periods may vary depending on the type of data:

  • account and billing records may be retained as required for tax, accounting, fraud prevention, and legal compliance;
  • logs and diagnostics are typically retained for shorter operational and security periods;
  • uploaded files and generated outputs may be retained for account access, history, product functionality, or troubleshooting, unless deleted earlier or unless shorter retention applies to a specific workflow;
  • some cached or backup copies may persist for a limited period after deletion.

Your Choices and Rights

Depending on your location and applicable law, you may have the right to:

  • access, update, or correct your account information;
  • delete certain content or request deletion of your account;
  • opt out of certain analytics or cookie-based tracking through browser settings or available consent tools;
  • cancel subscriptions or manage billing from your account settings;
  • request information about how your Personal Data is processed.

You can also contact [email protected] to request help with account access, updates, or deletion. We may need to verify your identity before processing certain requests.

Security

We use commercially reasonable administrative, technical, and organizational safeguards designed to protect Personal Data. These may include access controls, logging, encryption in transit, least-privilege practices, and provider security features.

No system is completely secure. We cannot guarantee absolute security, and you are responsible for protecting your device, credentials, and account access.

Children

The Service is not intended for children under 18. We do not knowingly collect personal information from children under 18. If you believe a child has provided us with Personal Data, contact us and we will take appropriate steps to review and address the issue.

Content Restrictions and Sensitive Data

Because SoraLum supports AI-generated and AI-edited media, we ask that you do not upload or generate content that is illegal, exploitative, sexually explicit, hateful, violent, infringing, deceptive, or otherwise prohibited by our Terms.

You should also avoid submitting highly sensitive personal data into prompts, uploads, or workflows unless you are legally authorized to do so and the use is necessary. This includes sensitive health, biometric, financial, government ID, or similarly sensitive information.

International Processing

SoraLum and its Service Providers may process information in countries other than your own. By using the Service, you understand that your information may be transferred to and processed in jurisdictions that may have different data protection rules than those in your location.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we do, we will post the updated version on this page and revise the effective date above. Your continued use of the Service after the updated Privacy Policy becomes effective means you accept the revised policy.

Contact Us

If you have questions, requests, or concerns about this Privacy Policy or our data practices, contact us at [email protected].