Privacy Notice
1. About this notice
This notice explains how Cinelog, LLC (“Cinelog”, “we”, “us”) handles personal data when you use the Cinelog mobile and desktop apps for iOS, Android, macOS, and Windows, our supporting APIs, and our marketing site at cinelog.com (together, the “Service”).
It covers everyone whose personal data we hold — whether you are a Cinelog account holder, a collaborator someone invited, or a third party (such as a crew or cast member) whose information was entered into Cinelog by one of our users.
If you only want the short version: we collect what we need to run the Service, we don’t sell your data, we don’t train AI models on your content, and we give you straightforward ways to access, export, or delete your data.
2. Who we are and how to contact us
Cinelog, LLC is the controller of personal data we hold about you, except for data you upload about other people (see §6).
- Privacy contact:
privacy@cinelog.com(data-protection questions, rights requests, sub-processor notifications, and breach reports) - General contact:
info@cinelog.com(billing, support, and all other inquiries) - Postal address: Cinelog, LLC, 12856 N Highway 183, Ste B #1356, Austin, TX 78750, USA
If you are based in the EEA, UK, California, or Canada, the relevant section under §15 below may give you additional rights.
3. The accounts you can have with us
There are two kinds of Cinelog account, and they are treated the same way for data-protection purposes:
- Paid accounts. Created by anyone who signs up directly. Required for creating projects.
- Free invitee accounts. Created when an existing paid user invites you to collaborate on a project. Free invitees can view and edit the projects they are invited to but cannot create new projects.
We do not differentiate by tier when it comes to your rights over your data — every account holder has the full set of access, deletion, correction, portability, and objection rights described in §10.
4. What personal data we collect
We organize the data we hold into eight categories. For each, the table lists the fields, where the data comes from, and the lawful basis under EEA/UK GDPR. (US, Canadian, and Quebec users: equivalent legal grounds are described in §15.)
4.1 Identity & account data
| Field | Source | Lawful basis |
|---|---|---|
| Email address | You, at signup | Contract (Art. 6(1)(b)) |
| Verification code (one-time) | Generated by us; sent via email | Contract |
| First name, last name (optional) | You, in profile | Contract |
| Phone number (optional) | You, in profile | Contract |
| Profile picture (optional) | You, in profile | Consent (Art. 6(1)(a)) |
| Last login timestamp, account status | Automatic | Legitimate interest (Art. 6(1)(f)) — account security |
| Pseudonymous analytics ID | Generated by us | Consent in EEA/UK (see §4.6); legitimate interest elsewhere |
We do not store passwords. Sign-in works via a one-time code emailed to you.
4.2 Production-project data (content you create)
Everything you create in Cinelog — projects, scripts, scenes, shots, storyboards, shot lists, call sheets, schedules, display preferences, and your action history within the app.
- Source: you and your collaborators
- Stored in: our PostgreSQL database and Google Cloud Storage, both in Google Cloud’s
us-central1region (United States) - Lawful basis: contract — we cannot run the Service without storing the content you create
4.3 Crew & cast records — personal data about other people
When you build a call sheet, contact list, or cast/crew roster, you may enter personal data about people who do not themselves use Cinelog. This may include their:
- Name
- Email address, phone number, postal address
- Department and role
- Image likeness (e.g. avatar uploads)
- Emergency contact information
- Free-form notes you choose to add about an individual.
About free-form notes. Cinelog does not request, require, or provide dedicated fields for sensitive information (such as banking, payroll, identity documents, dietary or medical details). Anything you enter in a notes field is fully under your control as the data controller, and we strongly recommend keeping such notes to the minimum necessary for production purposes.
For this category, you are the data controller and Cinelog is your data processor under Article 28 GDPR (and equivalent laws — see §6). The data subjects (the people whose data you enter) can contact us directly at privacy@cinelog.com and we will route their request to you.
We send a Cinelog privacy notice link in the footer of every call-sheet email so that recipients can find out who we are and how to reach us.
4.4 Payment & billing data
We never see or store your card number. Payment goes through Stripe (for web purchases) or through Apple’s App Store / Google Play (for in-app subscriptions on iOS and Android).
| Field | Source | Lawful basis |
|---|---|---|
| Billing name, billing email, postal address | Entered at checkout on Stripe’s hosted UI | Contract; legal obligation (tax records) |
| Country and (where applicable) tax ID — VAT, GST, etc. | Checkout | Legal obligation |
| Stripe customer ID, subscription ID | Stripe webhook | Contract |
| Apple/Google receipt identifiers, RevenueCat user ID | Apple/Google/RevenueCat | Contract |
| Subscription status, current-period end, cancellation state, dunning state | Webhooks | Contract |
For mobile in-app purchases, Apple and Google operate as independent controllers of the purchase relationship — refunds and cancellation for those purchases are handled by them directly under their terms, not ours (see §15.8 and our Refund Policy).
4.5 Device-technical data
- App version, build number, platform (Windows / macOS / iOS / Android), operating system version, device model, screen size, locale
- Internet protocol (IP) address (used transiently for routing requests and security; discarded from our application logs within 30 days and not stored long-term against your account)
- Crash logs and performance traces from Sentry
We have configured Sentry to mask all text inputs and block media in session replays, and we do not send your IP address or default personally identifying request headers to Sentry.
Lawful basis: legitimate interest (debugging and security) and, in the EEA/UK, consent before analytics SDKs are initialized (see §4.6).
4.6 Usage & analytics data
In the EEA, UK, and Switzerland, we ask for your consent on first launch before our analytics tooling (Firebase Analytics and Mixpanel) is initialized. Everywhere else, you can opt out at any time in Settings.
When initialized, these SDKs receive: pseudonymous user identifier, screen and action names, platform, app version, environment, OS version, device model, screen size. We do not send free-text from your projects, call sheets, scripts, contact entries, or messages to either service.
Lawful basis: consent (EEA/UK/CH); legitimate interest with opt-out (elsewhere).
4.7 Communications
- Verification-code emails (transactional, sent for every login)
- Call-sheet emails sent on your behalf to recipients you choose
- Project invitation emails
- Marketing emails — only if you ticked the marketing-updates box at signup or opted in later in Settings
Transactional emails (verification codes, project invitations, call-sheet sendouts) are sent through Mailgun. Marketing emails — sent only if you explicitly opt in at signup or in Settings — go through MailerLite, our separate marketing-list provider; your email and limited custom fields are synced to MailerLite for that purpose.
4.8 Location queries
If you use the location autocomplete in call sheets, the text you type is sent to the Google Maps Places API to fetch suggestions, and the resolved location (latitude, longitude, formatted address) is stored against the call sheet. We don’t access your device location — only the addresses you type and select.
Lawful basis: contract; consent for any location-based feature you explicitly enable.
5. How we use your data
| Purpose | Categories used | Lawful basis |
|---|---|---|
| Provide and maintain the Service | 4.1, 4.2, 4.3, 4.5, 4.8 | Contract |
| Authenticate you and protect your account | 4.1, 4.5 | Contract; legitimate interest (security) |
| Process payments and meet tax obligations | 4.4 | Contract; legal obligation |
| Send transactional emails (verification, invitations, call-sheet sendouts) | 4.1, 4.3, 4.7 | Contract |
| Provide customer support | 4.1, 4.7 | Contract; legitimate interest |
| Diagnose crashes and improve reliability | 4.5 | Legitimate interest |
| Understand product usage and improve features | 4.6 | Consent (EEA/UK/CH); legitimate interest (with opt-out) elsewhere |
| Send marketing emails about Cinelog | 4.7 | Consent — only if you opted in |
| Comply with law and respond to lawful requests | All as required | Legal obligation |
We do not use your data for automated decisions that produce legal effects on you, and we do not engage in profiling for marketing purposes.
6. Who we share your data with
We share data with three groups: our service providers (sub-processors), companies that are independent controllers of their own data (chiefly Apple and Google for in-app purchases), and authorities where the law compels disclosure. We do not sell your personal data, and we do not share it for cross-context behavioral advertising.
Our sub-processor list is at the end of this notice (Appendix A) and is updated whenever we add or remove a provider. We commit to giving 30 days’ advance notice before adding a sub-processor that will process Cinelog customer content.
Independent controllers (these companies hold their own copy of the data and have their own privacy notices):
- Apple — for in-app subscriptions purchased through the iOS App Store
- Google — for in-app subscriptions purchased through Google Play
- Stripe — for fraud-prevention purposes connected to its payment-processing service
Legal authorities. We disclose personal data to law-enforcement, regulators, or other government bodies only where compelled by valid legal process (for example, a subpoena, court order, or lawful government request) or where disclosure is necessary to protect the rights, property, or safety of Cinelog, our users, or the public. We review each request for scope and validity, push back on requests that are overbroad or improper, and — where not legally prohibited — notify you in advance so that you have an opportunity to challenge the request.
7. International transfers
Cinelog runs in Google Cloud’s us-central1 region in the United States. If you are in the EEA, UK, or Switzerland, your personal data is transferred to the US. We rely on:
- the European Commission’s Standard Contractual Clauses (and equivalent UK addendum) with each US-based sub-processor;
- the EU-US Data Privacy Framework (and UK Data Bridge / Swiss-US framework) where the sub-processor is certified — Google Cloud is currently certified;
- supplementary technical measures (encryption in transit and at rest) and organizational measures (access controls, audit trail).
Consistent with the European Data Protection Board’s recommendations following the Schrems II decision, Cinelog has performed a Transfer Impact Assessment for transfers of personal data to the United States. The assessment considers the legal regime of the recipient country, the protections afforded by the SCCs and the EU-US Data Privacy Framework, and the supplementary measures we apply (encryption, access controls, and the absence of bulk-surveillance-relevant data in our processing). A summary of the assessment is available to Customers on request by writing to privacy@cinelog.com.
A copy of the SCCs we use with any sub-processor is available by writing to privacy@cinelog.com. EEA, UK, and Swiss B2B customers can also enter into our Data Processing Addendum directly, which incorporates the Standard Contractual Clauses and the UK Addendum.
8. How long we keep your data
| Data | Retention |
|---|---|
| Account record (paid or free) | While your account is active. Soft-deleted within 14 days of account deletion request; permanently erased within 30 days. |
| Project data, call sheets, scripts, files | While your account is active. On account deletion: retained 30 days for export, then permanently erased. |
| Crew & cast records you entered | Stored at the workspace level. Retained until you delete the contact, or until your account is deleted (then handled on the same schedule as project data above). |
| Server access logs | 30 days |
| Crash logs and performance traces (Sentry) | 90 days (Sentry retention on our current plan) |
| Session replays (Sentry, EEA/UK consented only) | 90 days |
| Analytics events (Firebase Analytics) | 14 months (the maximum GA4 user-level retention; configured by us) — or until you withdraw consent, whichever is shorter |
| Analytics events (Mixpanel) | 2 years from the event date (Mixpanel default) — or until you withdraw consent, whichever is shorter |
| Verification-code emails (Mailgun) | The code itself is short-lived and expires on use. Mailgun message logs are retained in accordance with Mailgun’s retention for our plan tier. |
| Marketing list (MailerLite) | Until you unsubscribe |
| Billing records, invoices | 7 years (tax recordkeeping; the period varies by country) |
| Stripe customer record | Until you delete the Cinelog account, then we request deletion from Stripe within 30 days. Stripe may retain the record per its own retention obligations (e.g. for fraud prevention and financial-records law). |
| Apple / Google purchase receipts | Held by Apple/Google under their own retention policies — we cannot delete on their side |
If a law (for example tax law) requires us to keep a record longer than the period above, we will keep only the minimum required and use it only to meet that obligation.
9. Security
9.1 What we do
We use industry-standard measures to protect personal data:
- In transit: TLS for all client-to-server traffic.
- At rest: encryption of databases, file storage, and backups via Google Cloud’s managed encryption.
- Access controls: least-privilege role-based access for Cinelog staff. Authorized personnel — including developers and support staff — may access your content when reasonably necessary to operate, secure, debug, or support the Service, or where you have requested help that requires it. Production access is logged and auditable, and is subject to the confidentiality obligations in our Terms of Service.
- Secret management: all secrets in Google Secret Manager.
- Sentry hardening: PII fields and IP addresses are not sent to Sentry; form input is masked in session replays; low replay sampling rate (currently 1%).
9.2 Shared responsibility
Security is a joint effort. Here is who owns what:
- Cinelog’s side: infrastructure security, encryption in transit and at rest, access controls and logging for Cinelog staff and for access through the in-app interface, sub-processor vetting, breach detection on Cinelog’s servers, and breach notification (to you and, where Cinelog is the controller, to regulators).
- Your side: keeping your sign-in email and devices secure, deciding who you invite as a collaborator and vetting them for the access you grant, ensuring you have a lawful basis for any Third-Party Personal Data you upload (e.g. crew and cast records — see §4.3), supervising your invitees’ use of project data on their own devices, and notifying us promptly if you suspect your account or a collaborator’s account has been compromised.
Local-first storage — important. Cinelog is a local-first application: when you or an invitee sign in or accept a project invitation, project data is synced to that device and held in a local database (SQLite, via Drift) to enable offline use. Cinelog’s in-app permissions control what each user can see and do through the application interface, and Cinelog logs access through that interface. Once data is synced to a user’s device, Cinelog cannot prevent that user from inspecting the underlying local storage with external tools, and such access does not appear in Cinelog’s server-side logs. This means: (i) who you invite to a project, and what level of trust they merit, is a control that sits firmly on your side of the responsibility line; (ii) revoking an invitee’s access prevents further sync but does not retrieve data already on their device; and (iii) the acceptable-use restriction in Terms §14.10 prohibits invitees from accessing data through any channel other than the in-app interface and within the permissions you have granted them — but enforcement of that restriction against an offending invitee is a matter between you and that person, with our cooperation as needed.
9.3 Breach notification
If we become aware of a personal-data breach, what we do next depends on which data is affected and who is the controller of that data (see §4 and §6):
- Data for which Cinelog is the controller (your account, billing, analytics, and your communications with us): we notify the relevant supervisory authority within 72 hours where required, and notify you without undue delay where the breach is likely to result in a high risk to your rights.
- Data for which you are the controller and Cinelog is your processor (Third-Party Personal Data such as crew and cast records you entered — see §4.3): we notify you, as the controller, within 72 hours of becoming aware. You are responsible for assessing whether onward notification to regulators or affected individuals is required by law, and for making any such notifications. Our DPA §6 sets out the full processor-side procedure.
9.4 Cost of breach response
- Where a breach is caused by Cinelog’s acts or omissions (including those of our sub-processors), Cinelog bears the reasonable, documented costs of investigation, notification, and remediation, subject to the limits of liability in our Terms of Service.
- Where a breach is caused by compromise of your credentials or devices, the acts or omissions of your invitees, or your breach of the Third-Party Personal Data warranties in Terms §13, those costs are your responsibility.
- Where the cause is mixed or unclear, each party bears its own costs pending agreement on a fair apportionment.
No security measure is perfect. To report a suspected breach or account compromise, write to privacy@cinelog.com.
10. Your rights
You have the right to:
- Access a copy of the personal data we hold about you.
- Rectify information that is inaccurate or incomplete.
- Delete your account and the data associated with it.
- Export your data in a portable format.
- Restrict or object to certain processing.
- Withdraw consent at any time (for marketing emails, analytics, location queries, and other consent-based processing).
- Not be subject to a decision based solely on automated processing that produces legal effects on you or similarly significantly affects you. As described in §5, we do not currently make such decisions.
- Not be discriminated against for exercising your privacy rights.
Most rights can be exercised directly inside the app — your profile page contains export and account-deletion controls. For anything you cannot do in-app, email privacy@cinelog.com.
We respond to verifiable requests within 30 days. For complex requests we may extend this by up to two further months and will tell you why. There is no fee unless requests are manifestly unfounded or excessive.
If you are unhappy with our response, you can complain to your local data-protection authority. We would also appreciate the chance to address the issue first.
11. Children
Cinelog is not directed at children. You must be at least 16 to create a Cinelog account. We do not knowingly collect personal data from anyone under 16; if you believe we have, write to privacy@cinelog.com and we will delete it.
12. AI and machine learning
No AI training on Customer Content. We do not use your scripts, schedules, call sheets, shot lists, storyboards, contacts, or any other content you upload to train any generative AI or machine-learning model. We contractually require our sub-processors not to train their models on Cinelog customer content.
No AI inference on Customer Content. The Cinelog client application and the Cinelog backend services do not currently send Customer Content or Third-Party Personal Data to any third-party AI service for inference, generation, summarisation, transcription, classification, embedding, or any other AI/ML processing. No AI provider (for example, Anthropic, OpenAI, or Google Gemini) is a sub-processor of Customer Content at this time, and none appears on our Sub-processor List.
Future AI-assisted features. If Cinelog adds AI-assisted features in the future, we will: (i) update this notice and our Sub-processor List at least 30 days before the feature ships, (ii) make the feature opt-in where required by applicable law (EEA, UK, Switzerland) and opt-out elsewhere, (iii) process inputs only transiently for the requested output, (iv) require the AI provider, by contract, not to retain inputs or outputs for model training, and (v) clearly disclose in-product when an AI-assisted feature is being used on Customer Content.
Internal developer tooling. Cinelog’s own engineering team uses AI-based coding assistants (for example, large-language-model code completion and code review tools) for the development of Cinelog itself. Internal policy prohibits Cinelog personnel from submitting Customer Content, Third-Party Personal Data, production credentials, or other Customer Confidential Information to such tools. Use of these tools is part of how we build the Service, not how we process your data, and they are not sub-processors of Customer Personal Data.
13. Cookies and similar technologies
The Cinelog product is a native app — it does not use HTTP cookies. It does use local device storage to remember your login session, app preferences, and offline data (via SharedPreferences and a local SQLite database synced through Drift). You can clear this storage by signing out and uninstalling the app.
The Cinelog marketing site at cinelog.com and the documentation site at docs.cinelog.com use Google Analytics 4 to understand site traffic and improve content. Google may set first-party cookies (typically _ga, _ga_*) in your browser to distinguish unique visitors. On the marketing site, when (and only when) analytics consent is granted, we record page views and interaction events such as: navigation and footer link clicks, social and outbound link clicks, in-page anchor jumps, download-button clicks (which app store, from which page), pricing-card impressions and clicks, journal article scroll depth, FAQ open events, and 404 hits. These events carry technical attributes (the page path, the button placement, the destination domain, etc.) but no personally identifying information.
How we obtain consent. We use Google Consent Mode v2 with the analytics-storage default set to denied on both sites. Analytics cookies are only set after you explicitly opt in. The exact flow depends on where you are:
- In the EEA, UK, and Switzerland: a cookie banner asks for your consent on first visit. No analytics cookies are set unless you accept. You can change your decision at any time via the Cookie preferences link in the footer of either site.
- Outside the EEA/UK/CH: analytics is enabled by default unless your browser sends a Global Privacy Control (GPC) signal, in which case we treat that as an opt-out and keep analytics-storage denied. You can opt out at any time via Cookie preferences in the footer.
- Universal opt-out: if your browser sends the Global Privacy Control (GPC) signal, we honor it regardless of region — analytics-storage stays denied and no
_gacookies are set.
Your choice is remembered in your browser’s local storage for 12 months, after which we will ask again. We do not set advertising cookies, we do not run targeted advertising, and we do not share marketing-site or docs-site analytics data with advertising networks. If we add other tracking technologies in future, we will publish an updated cookie notice and refresh the banner.
14. Changes to this notice
We will update this notice when our practices change. Material changes will be announced in-app and by email at least 30 days before they take effect. The “Last updated” date at the top tracks each revision; older versions are available on request.
15. Jurisdiction-specific provisions
15.1 EEA, UK, and Switzerland (GDPR / UK GDPR / nFADP)
In addition to the rights in §10, you have the right to:
- Lodge a complaint with your local supervisory authority — for example, the Irish Data Protection Commission (Ireland), CNIL (France), BfDI (Germany), the UK Information Commissioner’s Office (United Kingdom), or the FDPIC (Switzerland).
- Object to processing carried out on the basis of legitimate interest (Art. 21 GDPR).
- Withdraw consent at any time without affecting the lawfulness of processing before withdrawal.
Where we rely on legitimate interest, we have carried out a balancing test against your rights and concluded that our interest does not override them; a summary is available on request.
For data we transfer outside the EEA, see §7. EEA and UK B2B customers can also enter into our Data Processing Addendum, which incorporates the European Commission Standard Contractual Clauses and the UK International Data Transfer Addendum.
15.2 California (CCPA / CPRA)
If you are a California resident, you have the right to:
- Know what categories and specific pieces of personal information we have collected, the sources, the business purpose, and the categories of third parties with whom we share it.
- Delete personal information we hold about you.
- Correct inaccurate personal information.
- Opt out of the sale or sharing of personal information for cross-context behavioral advertising.
- Limit the use of sensitive personal information.
- Not be retaliated against for exercising these rights.
We do not sell your personal information and we do not share it for cross-context behavioral advertising. We have not done so in the last 12 months.
Because Cinelog does not sell or share personal information for cross-context behavioral advertising, we do not display a “Do Not Sell or Share My Personal Information” link on our website. To exercise your other CCPA rights, see the channels described in this Section.
The categories of personal information we have collected in the last 12 months (using CCPA categories), the source of each, the business or commercial purpose for which it is used, and the categories of third parties with whom it is shared:
| CCPA category | Source (§) | Business / commercial purpose | Shared with |
|---|---|---|---|
| Identifiers (name, email, account ID, IP address) | You (4.1, 4.5) | Provide and authenticate access to the Service; security; transactional email | Sub-processors (Appendix A) |
| Personal information under Cal. Civ. Code §1798.80(e) (contact details for crew/cast you enter) | You (4.3) | Provide the Service to you (Cinelog is your processor for this data — see §6) | Sub-processors (Appendix A) |
| Commercial information (subscription, billing, plan history) | Stripe / Apple / Google (4.4) | Process payment; meet tax-recordkeeping obligations; provide support | Payment-processor sub-processors (Appendix A) |
| Internet / electronic network activity (device-technical data) | Automatic (4.5) | Diagnose crashes; secure the Service; improve reliability | Sentry (sub-processor; pseudonymous only) |
| Internet / electronic network activity (usage analytics) | Automatic with consent in EEA/UK/CH; opt-out elsewhere (4.6) | Understand product usage; improve features | Firebase Analytics, Mixpanel (sub-processors) |
| Geolocation data (call-sheet location text you type) | You (4.8) | Resolve and display shoot locations on call sheets | Google Maps Platform (sub-processor) |
| Professional / employment-related information (crew & cast roles, departments) | You (4.3) | Provide the Service to you (Cinelog is your processor for this data) | Sub-processors (Appendix A) |
| Inferences (where consented to analytics) | Derived from 4.6 | Improve features; benchmark engagement at the aggregate level | Firebase Analytics, Mixpanel (sub-processors) |
We do not collect sensitive personal information unless you enter it (e.g. dietary or medical notes on a call sheet); we use such information only to provide the Service.
To exercise CCPA rights, email privacy@cinelog.com or use the in-app controls. You may also designate an authorized agent.
15.3 Texas (Texas Data Privacy and Security Act)
Cinelog, LLC is a Texas-registered company. If you are a Texas resident, you have the right to:
- Confirm whether Cinelog is processing your personal data, and obtain a copy.
- Correct inaccurate personal data.
- Delete personal data we hold about you.
- Obtain a portable copy of your personal data in a structured, commonly-used, machine-readable format.
- Opt out of (i) the sale of personal data, (ii) targeted advertising, and (iii) profiling in furtherance of decisions that produce legal or similarly significant effects. We do not engage in any of these activities.
- Appeal any denial of a rights request.
To exercise these rights, email privacy@cinelog.com or use the in-app controls. We respond within the 30 days described in §10, and in any event within the 45-day statutory maximum under the Texas Data Privacy and Security Act.
Appeals. If we deny your request, you may appeal within a reasonable time by emailing privacy@cinelog.com with the subject “TDPSA appeal”. We will respond to the appeal within 60 days. If the appeal is denied, you may submit a complaint to the Texas Attorney General at https://www.texasattorneygeneral.gov/consumer-protection/file-consumer-complaint.
Sensitive data. Cinelog does not request or maintain dedicated fields for sensitive personal data as defined by the TDPSA (racial or ethnic origin, religious beliefs, mental or physical health diagnosis, sexuality, citizenship or immigration status, genetic or biometric data, precise geolocation, or children’s data). Any sensitive information you choose to enter into free-form notes is processed only to provide the Service to you, and is never used for targeted advertising, profiling, or sale.
Universal Opt-Out Mechanism. Cinelog honors recognized opt-out preference signals — including the Global Privacy Control (GPC) browser signal — sent from your device for any covered processing on cinelog.com.
15.4 Other US states with privacy laws
Residents of Colorado, Connecticut, Delaware, Indiana, Iowa, Maryland, Minnesota, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Tennessee, Utah, and Virginia (and similar regimes that may come into force) have rights substantially similar to those in §10 and §15.2. To exercise them, use the same channel: privacy@cinelog.com.
15.5 Canada (PIPEDA)
If you reside in a Canadian province whose private-sector privacy law is PIPEDA (or a substantially-similar provincial law), you have rights of access and correction over personal information we hold about you, and the right to withdraw consent subject to legal or contractual restrictions. Our privacy officer in Canada can be reached via privacy@cinelog.com.
You can complain to the Office of the Privacy Commissioner of Canada at priv.gc.ca.
15.6 Quebec (Law 25)
If you reside in Quebec, in addition to PIPEDA-equivalent rights, you have the right to:
- be informed of the categories of personal data we hold, the third parties with whom we share it, and the data’s location (see §6 and §7);
- be informed of any automated decision and the principal factors and parameters that led to it (we do not currently use automated individual decision-making);
- data portability under §10.
Our designated person in charge of personal-information protection is Ivan Shcherbina, Co-founder and Software Architect, reachable at privacy@cinelog.com. You can complain to the Commission d’accès à l’information du Québec at cai.gouv.qc.ca.
15.7 Australia, New Zealand, and other regions
If your jurisdiction grants you privacy rights that this notice does not specifically address, we will still honor any such rights to the extent they apply. Contact privacy@cinelog.com.
15.8 Purchases through Apple’s App Store and Google Play
If you purchase a Cinelog subscription through Apple’s App Store or Google Play, the purchase, renewal, and refund are handled by Apple or Google under their respective terms — not by Cinelog. Apple and Google receive your payment details and act as independent controllers of the data necessary to process that purchase.
To cancel an App Store subscription, go to Settings → Apple ID → Subscriptions on your device.
To cancel a Google Play subscription, go to play.google.com/store/account/subscriptions.
Refunds for these purchases must be requested from Apple or Google; Cinelog cannot issue them.
Appendix A — Sub-processors
The current list of Sub-processors that may process Cinelog customer data, together with the legal entity, location, purpose, and transfer mechanism for each, is published and maintained on our Sub-processor List. That page is the authoritative version and is dated on every change.
Apple Inc. (United States) and Google LLC (United States) receive payment data for App Store and Google Play purchases. They act as independent controllers of that data, not as Cinelog sub-processors.
Appendix B — Notice of changes to sub-processors
Sub-processor additions are announced on the Sub-processor List at least 30 days before the new Sub-processor begins processing Cinelog customer content. To receive change notices by email, write to privacy@cinelog.com with the subject “Subscribe: sub-processors”.