Privacy Policy

Last updated: 2026-01-28

This Privacy Policy explains how Reklamedia (“we”, “us”, “our”) collects, uses, and shares personal data when you visit our website and use our software services (the “Service”). We are based in Norway (EEA).

This document is provided for general information and transparency. It is not legal advice.

1) Who we are (Data Controller)

Company: Reklamedia
Country: Norway
Contact: legal@advideolab.com

If you update these details via the admin panel, the Service will display the updated information.

2) Personal data we collect

Depending on how you interact with the Service, we may collect:

• Contact data: name, email address, company name, and message content (e.g., via the Contact form).
• Account data: email address and authentication data (hashed passwords).
• Usage & technical data: IP address, browser/device information, pages viewed, approximate location (derived from IP), timestamps, and diagnostic logs.
• Customer content: files and metadata you upload to generate outputs (e.g., images/videos).
• Billing data: billing status and plan information. If Stripe is enabled, payment details are processed by Stripe; we do not store full card details.
• Cookies & similar technologies: used for essential functionality and (if enabled) analytics/preferences.

3) How we use personal data

We use personal data to:

• Provide and operate the Service, including account access and job processing
• Respond to messages, support requests, and sales inquiries
• Send administrative emails (e.g., confirmations, billing/plan notices)
• Secure the Service (fraud prevention, abuse detection, rate limiting)
• Improve performance and reliability (debugging, monitoring, analytics if enabled)
• Comply with legal obligations and enforce our terms

4) Legal bases (GDPR/EEA)

Where GDPR applies, we rely on:

• Contract (Art. 6(1)(b)) — to provide the Service you request
• Legitimate interests (Art. 6(1)(f)) — to secure and improve the Service
• Consent (Art. 6(1)(a)) — where required (e.g., non-essential cookies)
• Legal obligation (Art. 6(1)(c)) — accounting, compliance, responding to lawful requests

5) Sharing and processors

We may share personal data with trusted vendors (processors) that help us run the Service, such as:

• Hosting and infrastructure providers
• Email delivery providers (SMTP)
• Payment providers (e.g., Stripe, if enabled)
• Storage/CDN providers

We do not sell your personal data.

6) International transfers

Some vendors may process data outside the EEA. Where applicable, we use recognized safeguards such as Standard Contractual Clauses (SCCs) or other lawful transfer mechanisms.

7) Retention

We keep personal data only as long as needed for the purposes above, including legal, accounting, and security requirements. You may request deletion subject to lawful exceptions.

8) Security

We apply reasonable technical and organizational measures to protect data, including encryption for sensitive configuration values and access controls.

9) Your rights

Where GDPR applies, you may have rights to:

• Access, correction, deletion
• Restrict or object to processing
• Data portability
• Withdraw consent (where processing is based on consent)
• Lodge a complaint with a supervisory authority (in Norway: Datatilsynet)

10) Children

The Service is not intended for children under 13 (or the minimum age required by local law). We do not knowingly collect personal data from children.

11) Changes

We may update this policy from time to time. The “Last updated” date indicates when it was last revised.