Privacy Policy

Last updated: 2026-04-21

banner·hook is a tool that turns short-form video clips into banner-hook captions. This page lists what we collect, what we do with it, and how you can delete it. We try to keep data collection minimal.

Who runs this

banner·hook is operated as a personal project by the developer reachable at hello@bannerhook.com. Infrastructure is hosted on Railway (US).

What we collect

• Account info (via Clerk). Your email address and display name when you sign in. Clerk handles authentication; see Clerk's privacy policy.
• Clips you submit. The transcript text you paste, the URL you paste (Instagram / TikTok / YouTube / Google Drive / Dropbox), or the audio file you upload. These are processed to generate banner hooks.
• Generation history. Your past generations (transcript + banners + clip metadata) are stored so you can revisit them. Stored up to 30 days, then auto-deleted.
• Usage metrics. Counts of requests (generate, refine), error codes, and truncated IP addresses (/24 for IPv4, /48 for IPv6). Used for abuse monitoring and improving reliability. 30-day retention.
• Request logs. Standard HTTP access logs kept by Railway. These include IP addresses and user-agents. Railway manages their retention.

What we don't collect

• No analytics pixels, no ad trackers, no cross-site cookies.
• No fingerprinting beyond the IP+User-Agent binding on admin sessions (for security only).
• We do not sell data to anyone. Ever.

Third-party processors

To turn your clip into banner hooks we send your transcript (and sometimes your audio) to a small number of AI and scraping providers. Your data is processed by each under their own terms:

• Anthropic Claude (banner generation) — Privacy.
• Google Gemini (banner generation fallback) — Privacy.
• Groq (audio transcription) — Privacy.
• AssemblyAI (audio transcription fallback) — Privacy.
• Apify (Instagram / TikTok URL resolution) — Privacy.
• Clerk (authentication) — Privacy.
• Railway (hosting) — Privacy.

Retention + deletion

• Generation history: deleted after 30 days automatically.
• Metrics: rolling 30-day window.
• You can delete your own generation history at any time from the app ("Clear history") or by emailing hello@bannerhook.com.
• Account deletion: email hello@bannerhook.com with the subject "Delete my account". We confirm within 14 days.

Your rights (GDPR / CCPA)

You can request a copy of the data we hold about you, have it corrected, or have it deleted. Email hello@bannerhook.com. We respond within 14 days.

Security

Traffic is HTTPS-only with HSTS preload. Admin access requires a secret slug, a static secret, and TOTP (RFC 6238). API keys used to call third-party providers live only in Railway's secret store. See Terms for acceptable use.

Changes to this policy

Material changes will be announced via the contact email associated with your account. The "Last updated" date above tracks revisions.

← Back to banner·hook