Privacy Policy

Effective Date: April 13, 2026 · Last Updated: April 13, 2026

---

Our Commitment to Your Privacy

Weftly is built by creators, for creators. We believe your content and data belong to you. We don't sell your information, we don't serve ads, and we only collect what's necessary to make Weftly work for you.

This privacy policy explains what information we collect, how we use it, and your rights to control it.

Who We Are: Weftly is operated by Woven Record Media, Inc., a US-based company.

---

What Information We Collect

Information You Provide to Us

Media Files

• Audio and video files you upload for processing
• Original filenames and file metadata (size, content type, duration)

Payment Information

• When paying via Stripe: your payment is processed entirely by Stripe. We store Stripe session and payment intent identifiers but never see or store your card details.
• When paying via cryptocurrency (MPP/USDC): we store your wallet address to verify payment on the Tempo network.

Communications

• Messages you send to our support team

Information We Generate

Processing Outputs

• AI-generated transcriptions of your audio/video content
• AI-generated text summaries of your content

Information Collected Automatically

Session Data

• A cryptographic session token (stored only as a SHA-256 hash)
• Your IP address (used for rate limiting)

Usage Metrics

• Cloudflare Analytics Engine events: page views, job status, request metrics, processing pipeline performance
• Upload status and processing history
• Error logs to troubleshoot issues

We do not use:

• Cookies or localStorage for tracking
• Advertising trackers
• Third-party analytics services
• Cross-site tracking of any kind

---

How We Use Your Information

We use your information only to provide our services and improve Weftly:

Core Service Delivery

• Transcribe your audio and video files using AI speech recognition
• Generate AI-powered summaries of your content
• Process payments and issue automatic refunds if processing fails
• Provide session-based access to your uploads and results

Service Improvement

• Analyze usage patterns to improve performance and features
• Debug technical issues and errors

We will not:

• Sell your personal information
• Use your media files for AI training or advertising
• Share your content without your permission or as required by law
• Create user profiles or track you across sessions

---

How We Share Your Information

We only share information with trusted service providers who help us run Weftly.

Service Providers

• Cloudflare — Web hosting, media file storage (R2), AI transcription (Workers AI), key-value storage, and first-party analytics
• Anthropic — AI-powered content summarization
• Stripe — Payment processing for credit/debit card transactions
• MPP (Tempo) — Machine-to-machine payment verification for cryptocurrency transactions (Tempo network)

All providers are bound by contract to protect your data and use it only for providing services to Weftly.

Legal Requirements

We may disclose information if required by law, court order, or to protect the rights and safety of Weftly, our users, or the public.

Business Transfers

If Weftly is acquired or merged with another company, your information may be transferred. We'll notify you before this happens.

---

Your Privacy Rights

You have control over your information. Here's what you can do:

All Users

• Delete Your Data — Delete your uploaded files and processing results at any time through the API or MCP tools
• Access Your Data — Download your transcriptions and summaries while your session is active
• Request Information — Contact us to request details about any data we hold related to your session

California Residents (CCPA)

You have the right to:

• Know what personal information we collect and how we use it
• Request deletion of your personal information
• Opt-out of sale of personal information (we do not sell your data)
• Not be discriminated against for exercising these rights

European Users (GDPR)

You have the right to:

• Access your personal data
• Rectify inaccurate data
• Request erasure ("right to be forgotten")
• Restrict or object to processing
• Data portability (receive your data in a structured format)
• Withdraw consent at any time
• Lodge a complaint with your supervisory authority

To exercise any of these rights, email us at: privacy@weftly.ai or support@weftly.ai

---

Data Security

We take security seriously and use industry-standard practices to protect your information:

• Hashed Tokens — Session tokens are hashed with SHA-256 before storage; raw tokens are never persisted
• Secure Transmission — All data is transmitted over encrypted HTTPS connections
• Privacy-Preserving Architecture — Media files are stored with UUID identifiers, not personal information. No user accounts or profiles are created.
• No Cookies — We do not use cookies or browser-based tracking mechanisms
• Access Controls — Session-based authentication ensures only token holders can access their data

No system is 100% secure, but we're committed to protecting your data with the best available technology.

---

Data Retention

Weftly is designed for short-lived, transactional use. We retain data only as long as needed to deliver your results:

• Sessions — Expire and are deleted after 24 hours
• Ephemeral Jobs (cryptocurrency payments) — Media files and results are deleted after 4 hours
• Automated Cleanup — A daily process permanently deletes all expired sessions, jobs, and associated media files from storage
• Audit Trail — File deletion events are logged for operational integrity
• No Long-Term Storage — We do not retain your media files or processing results beyond the session lifetime
• Legal Holds — We may retain information longer if required by law or to resolve disputes

---

Children's Privacy

Weftly is not directed at children under 13. We do not knowingly collect personal information from children under 13 years old in compliance with the Children's Online Privacy Protection Act (COPPA).

If you believe we have inadvertently collected information from a child under 13, please contact us immediately at privacy@weftly.ai and we will delete it.

---

International Data Transfers

Weftly is based in the United States. Your data is processed on Cloudflare's global edge network and may be stored in the United States.

For European users, we implement appropriate safeguards to protect your data in accordance with GDPR requirements.

---

Changes to This Privacy Policy

We may update this privacy policy from time to time to reflect changes in our practices or legal requirements.

How We'll Notify You:

• Post the updated policy on our website with a new "Last Updated" date
• Provide 30 days notice before material changes take effect

Your continued use of Weftly after changes take effect means you accept the updated policy.

---

Contact Us

Questions about this privacy policy or how we handle your information?

• Email: privacy@weftly.ai or support@weftly.ai
• Subject Line: "Privacy Policy Question"
• Response Time: We aim to respond to all privacy inquiries within 7 business days.

---

Your Trust Matters

We built Weftly because we're creators too, and we understand how important it is to trust the tools you use. Weftly is designed from the ground up to be privacy-respecting: no accounts, no tracking, no long-term data retention. Your files come in, your results go out, and everything is cleaned up automatically.

If you have concerns about your privacy on Weftly, we want to hear from you.