Section 1
Introduction
This Privacy Policy explains how ELSE GROUP LLC, a Florida limited liability company (D-U-N-S 12-680-5708) operating under the brand CINERIOS (“CINERIOS,” “we,” “us,” or “our”), processes your personal data. ELSE GROUP LLC is the data controller responsible for the personal data described in this policy.
CINERIOS is an AI-powered media platform. Our content is generated through automated production pipelines that rely on third-party artificial-intelligence providers. We operate a consumer-facing streaming and theater application and a production studio. Users can submit ideas and prompts, and the community can vote on what gets produced.
This policy applies to the cinerios.com website, the CINERIOS streaming and theater mobile application, and the CINERIOS studio application at studio.cinerios.com (together, the “Services”).
This Privacy Policy is a notice of our data-processing practices. It is not a contract, and using the Services is not your “agreement” to it. We process personal data on the legal bases described in Section 9 (such as performance of a contract, our legitimate interests, your consent where required, and compliance with legal obligations), not on the basis of this notice alone.
The Services are intended for users aged 18 and over. The Services are not directed to, and may not be used by, anyone under the age of 18. See Section 13.
Section 2
Information We Collect
(a) Information you provide to us
When you use the Services, you may provide us with:
- Account information — your email address, name, and account credentials.
- Ideas, prompts, and content you submit — the ideas, prompts, text, votes, and other content you create or upload through the Services to drive media generation and community curation.
- Payment information — purchases are processed by Apple and/or Stripe. We do not collect or store full payment card numbers; our payment processors handle that information directly and provide us only with limited transaction confirmation details.
- Communications — information you provide when you contact us, request support, respond to surveys, or sign up for early access.
(b) Information collected automatically
When you use the Services, we may automatically collect:
- Device information — device type, operating system, and application version.
- IP address and the approximate (city- or region-level) location derived from it.
- Usage and analytics data — how you interact with the Services, features used, content viewed, and diagnostic data.
- Cookies and similar technologies — see Section 5 and our Cookie Policy.
(c) Information from third parties
We may receive information about you from third parties that help us deliver the Services, including authentication providers (when you sign in) and payment providers (such as Apple and Stripe) that confirm transactions.
We do not collect biometric data. All voices and likenesses used in CINERIOS content are synthetic or licensed. CINERIOS does not collect, capture, store, or process end-user voiceprints, facial geometry, facial-recognition data, or any other biometric identifiers or biometric information.
Section 3
How We Use Your Information
We use the information we collect to:
- Provide and operate the Services — generate media from your ideas and prompts, run community voting and curation, and maintain platform functionality;
- Manage your account — create, authenticate, and support your account;
- Process payments — complete transactions, deliver purchases, and manage subscriptions and credits;
- Communicate with you — send service and transactional messages, and, where permitted, early-access and marketing emails (you can opt out of marketing at any time without affecting service messages);
- Improve and secure the Services — understand usage, develop and improve features, and detect, prevent, and address fraud, abuse, and security issues; and
- Comply with legal obligations — meet legal, accounting, and regulatory requirements and enforce our terms.
AI Training
We do not use the ideas, prompts, or content you submit to train AI models. When your submissions are sent to third-party AI providers to generate output for you, we use those providers’ no-training and zero-data-retention processing tiers, which contractually prohibit the use of your inputs and outputs to train or improve their models and require deletion after processing. We do not sell your submissions, and we do not use them to build or train our own models.
Section 4
How We Share Your Information
We share information with service providers, processors, and subprocessors who perform services on our behalf. These providers are bound by contract — including data processing agreements meeting GDPR Article 28 and CCPA/CPRA service-provider and contractor terms — to use the information only to provide services to us and to maintain a level of protection equivalent to that described in this policy. They fall into the following categories:
- Cloud hosting and storage — Amazon Web Services (AWS), which hosts the Services and stores data;
- Payment processing — Apple and Stripe;
- AI / machine-learning model providers — OpenAI, Anthropic, Google, Kling, RunwayML, and ElevenLabs, used to generate media and power the Services;
- Analytics — Google Analytics, Google Tag Manager, and Microsoft Clarity, which help us understand how the Services are used;
- Email and communications — providers used to send service and marketing messages to you.
AI processing of your submissions. The ideas, prompts, and content you submit are processed by the third-party AI model providers listed above in order to generate the output you request. As described in Section 3, this processing is performed under no-training and zero-retention terms.
We may also disclose information:
- For legal and safety reasons — to comply with applicable law, legal process, or lawful requests, and to protect the rights, property, or safety of CINERIOS, our users, or others; and
- In a business transfer — in connection with a merger, acquisition, financing, reorganization, or sale of assets, where information may be transferred as part of that transaction, subject to this policy.
We do not sell your personal information. Under California law, disclosing personal information for “cross-context behavioral advertising” may be considered “sharing” even where no money changes hands. CINERIOS does not currently sell or share your personal information for cross-context behavioral advertising. If this ever changes, we will provide and honor the opt-out rights described in Sections 9 and 10, including recognition of opt-out preference signals.
Section 5
Cookies and Tracking Technologies
We and our providers use cookies and similar technologies to operate the Services, remember your preferences, secure your session, and understand usage. We use Google Analytics and Google Tag Manager, as well as Microsoft Clarity, to measure and analyze how the Services are used.
For details about the specific cookies we use, their purposes, and how to manage your preferences, please see our Cookie Policy.
Section 6
Data Retention and Deletion
We retain personal data only for as long as necessary for the purposes described in this policy. Our standard retention periods are:
- Account data — deleted within 30 days of account closure;
- Billing and tax records — retained for 7 years to meet legal, accounting, and financial obligations;
- Backups — purged within 90 days, after which residual copies in backup media are no longer retained; and
- Anonymized or aggregated data — which can no longer be associated with you, may be retained indefinitely for analytics and Service improvement.
You can delete your account and associated data at any time through our account deletion process, or by contacting us using the methods in Section 9. Where we rely on your consent to process personal data, you may withdraw that consent at any time, without affecting the lawfulness of processing carried out before withdrawal.
Section 7
Automated Processing and Profiling
We use automated processing to recommend content and personalize your experience — for example, suggesting titles to watch or ideas to vote on based on your activity and preferences.
This personalization is not used to make decisions that produce legal effects concerning you or that similarly significantly affect you. We do not use automated decision-making, including profiling, of the kind described in Article 22 of the GDPR for such decisions.
If you are in the EEA or UK, you have the right to object to processing based on our legitimate interests, including profiling for personalization. California residents have transparency and opt-out rights regarding automated decision-making technology (ADMT) under the CPRA. To exercise these rights, contact us using the methods in Section 9.
Section 8
Sensitive Personal Information
We do not seek to collect “sensitive personal information” as defined under the CPRA (such as government identifiers, precise geolocation, racial or ethnic origin, religious beliefs, health information, or biometric identifiers). As stated in Section 2, we do not collect biometric identifiers.
The only sensitive information we may process is information you voluntarily choose to include in the ideas, prompts, or content you submit. We ask that you do not include sensitive personal information in your submissions. To the extent any such information is processed, we use it solely to provide the Services and you have the right to limit its use and disclosure. To exercise this right, contact us using the methods in Section 9.
Section 9
Your Privacy Rights
(a) EEA / UK (GDPR and UK GDPR)
If you are in the European Economic Area or the United Kingdom, we process your personal data on one or more of the following legal bases:
- Performance of a contract — to provide the Services you request, manage your account, and process payments;
- Legitimate interests — to secure, improve, and analyze the Services and to communicate with you, balanced against your rights;
- Consent — for marketing communications and non-essential cookies, where required; and
- Legal obligation — to comply with applicable law, including tax and accounting requirements.
Subject to applicable law, you have the right to:
- Access the personal data we hold about you;
- Rectify inaccurate or incomplete data;
- Erase your data (the “right to be forgotten”);
- Restrict processing in certain circumstances;
- Data portability — receive your data in a structured, commonly used, machine-readable format;
- Object to processing based on legitimate interests or to direct marketing;
- Withdraw consent at any time where processing is based on consent; and
- Lodge a complaint with your local data protection supervisory authority (in the EEA) or the UK Information Commissioner’s Office (in the UK).
(b) California (CCPA / CPRA)
If you are a California resident, subject to applicable law you have the right to:
- Know what personal information we collect, use, disclose, and the purposes for doing so;
- Delete personal information we have collected from you;
- Correct inaccurate personal information;
- Opt out of the sale or sharing of personal information (see Section 10);
- Limit the use and disclosure of sensitive personal information (see Section 8); and
- Non-discrimination — you will not be discriminated against for exercising your rights.
(c) How to exercise your rights
You can submit a privacy request through either of two methods:
- Email us at privacy@cinerios.com; or
- Use our privacy request webform / in-app privacy flow.
We will verify your identity before responding, as required by law, and we may ask for information sufficient to confirm you are the person to whom the data relates. You may use an authorized agent to submit a request on your behalf where permitted by law.
Response timelines. For California (CCPA/CPRA) requests, we will respond within 45 days, which may be extended by an additional 45 days (up to 90 days total) where reasonably necessary, with notice to you. For EEA/UK (GDPR) requests, we will respond without undue delay and within one month of receipt, extendable by up to two further months for complex or numerous requests, with notice to you.
Section 10
Do Not Sell or Share My Personal Information
CINERIOS does not sell or share your personal information.
We do not sell your personal information, and we do not “share” it for cross-context behavioral advertising. Because we do not engage in these activities, there is currently nothing to opt out of.
Should this ever change, you will be able to opt out at any time, and we will honor browser-based opt-out preference signals, including the Global Privacy Control (GPC), as a valid request to opt out of the sale or sharing of personal information for the browser or device from which the signal is sent. You may also exercise this right using either method described in Section 9.
Section 11
International Data Transfers
CINERIOS is operated from the United States, and your personal data is processed and stored in the United States and in other countries where we or our service providers operate. These countries may have data protection laws that differ from those in your country.
Where we transfer personal data out of the EEA or the UK, we rely on appropriate safeguards, including the European Commission’s Standard Contractual Clauses (and the UK International Data Transfer Addendum), and, where the recipient is certified, the EU-US Data Privacy Framework (including the UK Extension and the Swiss-US Data Privacy Framework). You may request a copy of the relevant safeguards by contacting us using the methods in Section 9.
Section 12
EU and UK Representatives
Because we offer the Services to individuals in the European Economic Area and the United Kingdom, ELSE GROUP LLC has appointed a representative in the European Union pursuant to Article 27 of the GDPR, and a representative in the United Kingdom pursuant to Article 27 of the UK GDPR. You may contact our representatives on matters relating to the processing of your personal data, in addition to or instead of contacting us directly.
EU Representative (GDPR Art. 27): Contact our EU representative at privacy@cinerios.com (please mark your message “EU Representative”).
UK Representative (UK GDPR Art. 27): Contact our UK representative at privacy@cinerios.com (please mark your message “UK Representative”).
Section 13
Children’s Privacy
The Services are intended for users aged 18 and over. The Services are not directed to children, and they may not be used by anyone under the age of 18.
We do not knowingly collect personal information from anyone under 18. If you believe that someone under 18 has provided us with personal information, please contact us at privacy@cinerios.com so that we can delete it.
Section 14
Security
We use reasonable administrative, technical, and organizational measures designed to protect your information against unauthorized access, loss, misuse, and alteration. However, no method of transmission or storage is completely secure, and we cannot guarantee absolute security.
Section 15
Changes to This Policy
We may update this Privacy Policy from time to time. When we do, we will revise the “Last updated” date at the top of this page. Material changes may be communicated to you through the Services or by other means. We encourage you to review this policy periodically.
Section 16
Contact Us
If you have questions about this Privacy Policy or our privacy practices, or wish to exercise your rights, contact us at:
ELSE GROUP LLC
7901 4th St N, Ste 300
Saint Petersburg, Florida 33702
United States
Privacy: privacy@cinerios.com
General: hello@cinerios.com
You may also contact our EU and UK representatives as described in Section 12. This Privacy Policy is governed by the laws of the State of Florida, United States, without prejudice to the rights available to you under the data protection laws of your country of residence.