Privacy Policy

Last updated: November 5, 2024

Introduction

This Privacy Policy explains how Movie Summary ("we", "us", or "our") collects, uses, and protects your information when you use our website and services (collectively, the "Service"). We are committed to handling your data responsibly and in compliance with major privacy laws, including the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA/CPRA), and other applicable regulations.

We aim to write this policy in clear, plain English. If anything is unclear, please contact us using the details in the Contact Us section.

Data We Collect

We collect only the information necessary to provide and improve the Service.

  • Account Information: If you create an account, we collect your email address, name, and authentication details through our authentication provider Clerk. Clerk processes authentication data on our behalf in compliance with GDPR and other privacy regulations.
  • Usage Data: We may collect information about how you use the Service (e.g., pages viewed, referring pages, device/browser type, approximate location based on IP), often in aggregate form. Analytics is only collected with your explicit consent in accordance with GDPR and TTDSG requirements.
  • Cookies and Similar Technologies: We use three categories of cookies:
    • Strictly Necessary: Essential for authentication (Clerk), session management, and core site functionality. These cannot be disabled.
    • Analytics (optional): Google Analytics to understand usage patterns and improve the Service. Only loaded with your consent. IP anonymization enabled.
    • Marketing (optional): Currently not in use. Would require your consent if implemented in the future.

    You can manage your cookie preferences at any time using the Cookie Preferences link in the footer.

How We Use Your Information

  • To operate, maintain, and provide the Service.
  • To analyze usage and improve features, performance, and user experience.
  • To communicate with you (e.g., responses to inquiries, optional newsletters if you opt in).
  • To prevent fraud, enforce our Terms, and ensure the security of the Service.
  • To comply with legal obligations.

We do not sell your personal information. We do not use personal data for cross-context behavioral advertising.

Legal Bases for Processing (EEA/UK)

Where the GDPR applies, we rely on the following legal bases:

  • Contract: to provide the Service you request.
  • Consent: for optional analytics and communications. You can withdraw consent at any time.
  • Legitimate Interests: to maintain and improve the Service, and ensure security.
  • Legal Obligation: where we must comply with applicable laws.

How We Share Information

We share information only as necessary to operate the Service or when required by law:

  • Authentication Provider: We use Clerk to handle user authentication and session management. Clerk acts as a data processor and is GDPR, SOC 2, and ISO 27001 compliant.
  • Analytics (Consent Required): If you consent, we use Google Analytics 4 to help us understand usage patterns in aggregate. We have enabled IP anonymization, disabled ad personalization, and disabled Google Signals to protect your privacy.
  • Hosting & Infrastructure: We use cloud hosting and infrastructure providers under contractual confidentiality obligations.
  • Content data sources: We use third-party APIs to fetch public media metadata, such as TMDB. We do not share your personal information with TMDB.
  • Legal and safety: We may disclose information if required by law or to protect rights, property, or safety.

We do not sell or "share" your personal information as defined under the CCPA/CPRA.

Data Retention & Security

  • We retain information only for as long as necessary for the purposes described above.
  • We use industry-standard security measures to protect information in transit and at rest.
  • No method of transmission or storage is 100% secure; we continually work to improve safeguards.

Your Privacy Rights

Depending on your location, you may have the following rights with respect to your personal information:

  • Access a copy of your data and obtain information about how we process it.
  • Request correction of inaccurate or incomplete data.
  • Request deletion of your data, subject to legal limitations.
  • Restrict or object to certain processing, including objection to direct marketing.
  • Data portability, where applicable.
  • Withdraw consent at any time for processing based on consent.
  • Under CCPA/CPRA: right to know, delete, correct, and opt out of sale/share (we do not sell/share). We do not discriminate for exercising these rights.

To exercise any of these rights, please contact us at privacy@movie-summary.com. We will respond to your request within the timeframes required by applicable law (typically 30 days for GDPR requests).

If you have an account, you can manage some information through your account settings. To manage cookie preferences, use the Cookie Preferences link in the footer.

For EU/EEA users: You have the right to lodge a complaint with your local data protection authority if you believe we have not adequately addressed your concerns.

Cookies & Tracking Technologies

We use cookies and similar technologies in compliance with GDPR, TTDSG (German Telecommunications Act), and other applicable privacy laws. We implement an opt-in consent model for all non-essential cookies.

Cookie Categories

Strictly Necessary Cookies

Always Active - Required for core functionality. These cookies enable authentication (via Clerk), session management, security features, and remember your cookie preferences. You cannot opt out of these cookies.

Examples: __session, __client_uat, app_consent_v1

Analytics Cookies (Optional)

Requires Consent - Help us understand how visitors use our site through Google Analytics. IP anonymization enabled. No ad personalization or Google Signals.

Examples: _ga, _gid, _ga_*

Marketing Cookies (Optional)

Requires Consent - Currently not in use. If we add marketing trackers in the future, they will only load with your explicit consent.

Your consent choices are stored for 6 months. You can change your preferences at any time by clicking the Cookie Preferences link in the footer of any page.

International Data Transfers

Your information may be processed in countries other than your own. Where required, we use appropriate safeguards, such as Standard Contractual Clauses, to protect your information.

Third-Party Links

Our Service may link to third-party websites. We are not responsible for the privacy practices of those sites. We encourage you to review their policies.

Changes to this Policy

We may update this Privacy Policy from time to time. We will revise the "Last updated" date at the top of this page. We encourage you to review this policy periodically.

Contact Us

If you have questions or requests regarding this Privacy Policy, contact us at privacy@movie-summary.com or contact@movie-summary.com.

Last updated: November 5, 2024