Privacy Policy

Last updated: January 25, 2026

1. Introduction

Autopilot SOP ("we," "our," or "us") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, store, and protect your information when you use our Service.

2. Information We Collect

2.1 Information You Provide

  • Account Information: Name, email address, password, company name
  • Payment Information: Billing details (processed securely by Stripe)
  • Profile Data: Profile information, preferences, settings
  • Content: Videos, SOPs, tasks, notes, and other content you create
  • Communications: Messages you send to us or through the Service

2.2 Automatically Collected Information

  • Usage Data: Pages viewed, features used, time spent
  • Device Information: Browser type, operating system, device identifiers
  • Log Data: IP address, access times, error logs
  • Cookies: Session cookies for authentication and preferences

2.3 Third-Party Data

  • OAuth Data: If you sign in with Google, we receive your name, email, and profile picture
  • Analytics: Aggregated usage statistics (if applicable)

3. How We Use Your Information

We use your information to:

  • Provide the Service: Process videos and text prompts, generate SOPs, store your data
  • AI Processing: Send your videos and content to OpenAI for transcription, content moderation, and SOP generation
  • Content Moderation: Scan uploaded videos (after transcription) and text prompts for prohibited content using OpenAI's Moderation API to ensure compliance with our Terms of Service
  • Account Management: Create and maintain your account
  • Communication: Send service updates, support responses, important notices
  • Billing: Process payments and manage subscriptions
  • Improvements: Analyze usage to improve the Service
  • Security: Detect and prevent fraud, abuse, and security issues
  • Legal Compliance: Comply with legal obligations and enforce our Terms of Service

4. Content Moderation and Safety

To maintain a safe platform and comply with applicable laws, we implement automated content moderation:

  • Automated Scanning: All video transcripts and text prompts are automatically scanned for prohibited content including hate speech, violence, harassment, illegal activities, and other policy violations
  • OpenAI Moderation API: We use OpenAI's Moderation API to detect harmful content. This means your content is sent to OpenAI for safety analysis
  • Blocked Content: Content flagged as violating our policies is blocked from processing and may result in account suspension
  • No Manual Review: Unless required by law or to investigate reported violations, we do not manually review your content
  • User Responsibility: You remain solely responsible for the content you upload and create. Content moderation is provided for safety purposes and does not transfer liability to us

By using the Service, you consent to this automated content scanning. If you do not agree to content moderation, you should not use the Service.

5. Third-Party Services

We use the following third-party services that may access your data:

5.1 OpenAI

We send your videos and text content to OpenAI for AI processing (transcription, content moderation, and SOP generation). OpenAI's data usage is governed by their Privacy Policy.

  • Your content is processed through OpenAI's Whisper API (transcription), Moderation API (safety), and GPT-4 API (SOP generation)
  • Your content is not used to train OpenAI models
  • OpenAI retains data for 30 days for abuse monitoring and policy enforcement
  • After 30 days, your data is deleted from OpenAI's systems

5.2 Supabase

We use Supabase for data storage, authentication, and file hosting. Supabase's practices are governed by their Privacy Policy.

5.3 Stripe

Payment processing is handled by Stripe. We do not store your full credit card information. Stripe's practices are governed by their Privacy Policy.

5.4 Google OAuth

If you sign in with Google, we receive limited information from Google (name, email, profile picture) as permitted by Google's OAuth policies.

6. Data Storage and Security

6.1 Where We Store Data

  • Supabase (US): Account data, SOPs, tasks, profile information
  • Supabase Storage: Uploaded videos and files
  • OpenAI (US): Temporary processing (30 days)

6.2 Security Measures

  • Industry-standard encryption (HTTPS/TLS)
  • Secure password hashing
  • Regular security updates
  • Access controls and authentication
  • Secure third-party services (SOC 2 compliant)

However, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security of your data.

7. Data Retention

  • Active Accounts: We retain your data as long as your account is active
  • Deleted Accounts: Data is permanently deleted within 30 days of account deletion
  • Backups: Backup copies may persist for up to 90 days
  • Legal Requirements: Some data may be retained longer if required by law

8. Your Rights and Choices

7.1 Access and Control

You have the right to:

  • Access: View your personal data
  • Update: Correct or update your information in Settings
  • Delete: Delete your account and all associated data
  • Export: Request a copy of your data
  • Object: Object to certain processing of your data

7.2 Communication Preferences

You can:

  • Unsubscribe from marketing emails (we send very few)
  • Control notification settings in your account
  • Note: Some service-related communications cannot be opted out

7.3 Cookies

We use essential cookies for authentication and functionality. You can disable cookies in your browser, but this may affect Service functionality.

9. Children's Privacy

Our Service is not directed to individuals under 18. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us immediately.

10. International Users (GDPR)

If you are in the European Economic Area (EEA), you have additional rights under GDPR:

  • Right to Access: Request a copy of your data
  • Right to Rectification: Correct inaccurate data
  • Right to Erasure: Request deletion of your data ("right to be forgotten")
  • Right to Restriction: Request limited processing of your data
  • Right to Portability: Receive your data in a portable format
  • Right to Object: Object to processing of your data

To exercise these rights, contact us at autopilotsophelp@gmail.com

11. California Privacy Rights (CCPA)

If you are a California resident, you have the right to:

  • Know what personal information we collect and how we use it
  • Request deletion of your personal information
  • Opt-out of the sale of your personal information (we don't sell your data)
  • Non-discrimination for exercising your rights

12. Data Sharing

We DO NOT sell your personal data. We only share data:

  • With Your Consent: When you explicitly agree
  • Service Providers: OpenAI, Supabase, Stripe (to provide the Service)
  • Team Members: SOPs and content you explicitly share with your team
  • Legal Requirements: If required by law or to protect our rights
  • Business Transfers: In case of merger or acquisition (with notice)

13. Changes to Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes via email or through the Service. Your continued use after changes constitutes acceptance.

14. Contact Us

For privacy-related questions or to exercise your rights:

Email: autopilotsophelp@gmail.com
Support: autopilotsophelp@gmail.com
Website: https://autopilotsop.com

Privacy in Plain English: We collect your account info and videos. We use OpenAI to process videos. We don't sell your data. You can delete your account anytime (all data gone). We use secure, trusted services. Your videos are yours. We're just processing them for you. 🔒