Privacy Policy

DemoHook ("we," "us," or "our") operates the website demohook.com and the DemoHook platform (the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website or use our Service. By using DemoHook, you agree to the collection and use of information in accordance with this policy.

1. Information We Collect

1.1 Account Information

When you create an account, we collect:

• Email address
• Full name / display name
• Company name
• Password (stored securely hashed — we never store plaintext passwords)

1.2 Avatar and Voice Data

If you use our avatar and voice cloning features, we collect:

• Facial photographs (front, left, and right angles)
• Voice recordings for voice cloning
• Generated avatar video loops and preview images

This biometric-adjacent data is used solely to generate your personalized AI avatar and voice for demo videos. It is stored securely in our infrastructure and is never sold or shared with third parties for their own purposes.

1.3 Prospect and Lead Data

When you upload leads for video personalization campaigns, we process:

• First name and last name
• Email address
• Company name and industry
• Custom variables you provide (limited to 5KB per lead)

You are the data controller for your prospect data. We process it on your behalf as a data processor to generate personalized demo videos.

1.4 Content You Create

We store content you create through the Service, including:

• Screen recordings and demo flows
• Video scripts and narration templates
• Generated personalized demo videos
• Campaign configurations
• GIF previews and thumbnails

1.5 Billing Information

Payment processing is handled by Stripe. We store your Stripe customer ID, subscription ID, plan details, and billing period dates. We never store credit card numbers, CVVs, or full card details on our servers. All payment data is handled in compliance with PCI-DSS standards by Stripe.

1.6 Usage and Analytics Data

We automatically collect certain information when you use the Service:

• Pages visited and features used
• Browser type, device type, and operating system
• IP address (anonymized for analytics)
• Referral source
• Session duration and interaction patterns

1.7 Video Viewer Data

When a prospect views a shared demo video, we collect view counts and basic viewing analytics. Viewers are not required to create an account or provide personal information to watch a video.

2. How We Use Your Information

We use the information we collect to:

• Provide, maintain, and improve the Service
• Generate personalized demo videos using AI
• Create and manage your AI avatar and cloned voice
• Process payments and manage your subscription
• Send transactional emails (account confirmation, password resets)
• Analyze usage patterns to improve features and user experience
• Detect and prevent fraud, abuse, or security incidents
• Comply with legal obligations

We do not use your data to train general-purpose AI models. Your avatar, voice, video, and lead data are used solely to provide the Service to you.

3. Third-Party Services

We use the following third-party services to operate the platform. Each processes data as described below:

4. User-Directed Integrations

You may connect third-party services such as Instantly.ai to sync lead data and video links for email outreach campaigns. When you configure these integrations, you authorize us to transmit lead data (name, email, company, video URL) to the connected service. Your API credentials for these integrations are stored encrypted in our database vault. You are responsible for reviewing and agreeing to the privacy policies of any third-party service you connect.

5. Cookies and Tracking Technologies

We use the following cookies and tracking technologies:

You can control cookies through your browser settings. Disabling cookies may affect your ability to use certain features of the Service.

6. Data Security

We implement industry-standard security measures to protect your data:

• All data transmitted over HTTPS with HSTS preloading
• Passwords hashed using bcrypt
• API credentials stored in encrypted database vault
• Content Security Policy (CSP) headers enforced
• Row-Level Security (RLS) on all database tables
• Signed URLs with time-limited access for media files
• Rate limiting on API endpoints

While we strive to protect your information, no method of electronic storage or transmission is 100% secure. We cannot guarantee absolute security.

7. Data Retention

• Account data: Retained for the duration of your account. Deleted upon account termination.
• Generated videos: Active videos are retained indefinitely while your account is active. Intermediate files from failed video generations are automatically deleted after 7 days.
• Lead data: Retained until you delete the associated campaign or lead.
• Avatar and voice data: Retained until you delete your avatar or close your account.
• Billing records: Retained as required by applicable tax and financial regulations.
• Analytics data: Aggregated and anonymized analytics data may be retained indefinitely.

8. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

• Access: Request a copy of the personal data we hold about you.
• Correction: Update or correct inaccurate personal data via your account settings.
• Deletion: Request deletion of your account and associated data by contacting us.
• Portability: Request your data in a portable format.
• Objection: Object to processing of your data for certain purposes.
• Restriction: Request that we restrict processing of your personal data.

To exercise any of these rights, contact us at privacy@demohook.com. We will respond within 30 days.

9. California Residents (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

• The right to know what personal information we collect and how it is used
• The right to request deletion of your personal information
• The right to opt out of the sale of your personal information
• The right to non-discrimination for exercising your rights

We do not sell your personal information to third parties.

10. International Data Transfers

Your data is processed and stored in the United States. If you are accessing the Service from outside the United States, your information will be transferred to and processed in the United States. By using the Service, you consent to this transfer. We ensure appropriate safeguards are in place for international data transfers in compliance with applicable data protection laws.

11. Children's Privacy

DemoHook is a business-to-business service designed for sales professionals. We do not knowingly collect information from anyone under the age of 18. If you believe we have inadvertently collected information from a minor, please contact us immediately at privacy@demohook.com and we will promptly delete such information.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page and updating the "Last updated" date. Your continued use of the Service after changes constitutes acceptance of the updated policy.

13. Contact Us

If you have questions about this Privacy Policy or our data practices, contact us at:

privacy@demohook.com