Skip to content

Privacy Policy

How we collect, use, and protect your personal data.

Last updated: 18 April 2026

SelfTape Studio ("we", "us", "our") is committed to protecting your privacy. This policy explains how we collect, use, and safeguard your personal data when you use our service at selftapestudio.com.

1. Data Controller

SelfTape Studio is the data controller responsible for your personal data. If you have any questions, contact us at privacy@selftapestudio.com.

2. Data We Collect

We collect the following categories of personal data:

  • Account information — name, email address, and authentication provider used (e.g. Google sign-in or email magic link). We do not collect or store passwords.
  • Payment information — processed securely by our payment provider (Stripe). We do not store card details.
  • Video recordings and audio files you create within the service.
  • Script files you upload or enter.
  • Usage data — pages visited, features used, device type, browser.
  • Cookies — see section 8.

3. How We Use Your Data

We use your data to:

  • Provide and operate the SelfTape Studio service.
  • Process your payments.
  • Send your self-tapes to your nominated recipients.
  • Process script content through AI features (see section 5).
  • Improve our service and fix bugs.
  • Send essential service communications (e.g. sign-in links, account notifications).
  • Comply with legal obligations (e.g. tax reporting, responding to lawful requests from authorities).

4. Legal Basis for Processing

Under UK GDPR, we process your data on the following bases:

  • Contract performance — to provide the service you signed up for.
  • Legitimate interests — to improve our product and prevent fraud.
  • Consent — for optional marketing communications.
  • Legal obligation — tax, accounting, and regulatory requirements.

5. Data Sharing

We do not sell your personal data. We share data only with the following categories of third party:

  • Hosting and infrastructure providers (Vercel, Supabase, Google Cloud) — for service operation.
  • Payment processor (Stripe) — for transaction processing.
  • AI service providers — script content may be transmitted to third-party AI providers' APIs for script processing features such as script analysis and text-to-speech. We currently use Anthropic (Claude) and OpenAI. Content sent via API is processed under our data processing agreements and is not used to train their models.
  • Your nominated recipient — when you choose to send a self-tape to an agent, casting director, or other recipient.
  • Law enforcement or regulators — when required by law.

All third-party processors are bound by data processing agreements that require them to handle your data in accordance with UK GDPR.

6. Data Retention

  • Account data — retained for as long as your account is active. An account is considered inactive if you have not logged in for 12 months. We will send a notification email after 11 months of inactivity giving you 30 days to log in before your account and associated data are deleted.
  • Video recordings, audio files, and scripts — retained until you delete them or your account is closed.
  • Sharing links — expire after 7 days.
  • After account deletion — we remove your personal data within 30 days, except where retention is required by law (e.g. transaction records retained for 6 years for tax purposes).

7. Your Rights

Under UK GDPR, you have the right to:

  • Access your personal data.
  • Correct inaccurate data.
  • Request deletion of your data.
  • Restrict or object to processing.
  • Data portability.
  • Withdraw consent at any time.

To exercise these rights, contact privacy@selftapestudio.com.

8. Cookies

We use essential cookies required for the service to function, including authentication, theme preference, and language selection. We do not currently use analytics cookies. If we introduce analytics or non-essential cookies in the future, we will update this policy and request your consent before setting them.

9. International Transfers

Your data may be processed outside the UK by our infrastructure providers. We ensure appropriate safeguards are in place, including Standard Contractual Clauses approved by the ICO.

10. Security

We implement appropriate technical and organisational measures to protect your data, including encryption in transit (TLS) and at rest, access controls, and regular security reviews.

11. Data Breach Notification

In the event of a personal data breach that poses a risk to your rights and freedoms, we will notify the Information Commissioner's Office (ICO) within 72 hours and inform affected users without undue delay, as required by UK GDPR.

12. Automated Decision-Making

We do not use your personal data for automated decision-making or profiling that produces legal or similarly significant effects.

13. Children

Users must be aged 13 or over to use SelfTape Studio. We do not knowingly collect data from children under 13.

14. Changes to This Policy

We may update this policy from time to time. We will notify you of material changes via email or an in-app notification.

15. Contact

For privacy-related enquiries, contact us at privacy@selftapestudio.com.