Privacy Policy
Effective: April 22, 2026
This Privacy Policy explains how PT. Modulo Digitalisasi Indonesia ("Assetry," "we," "us") collects, uses, and protects information when you use the Assetry platform at assetry.cc (the "Service").
By using the Service, you agree to this policy. If you do not agree, do not use the Service.
1. Information We Collect
1.1 Information you provide
- Account data: email address and password hash when you register (via Supabase Auth).
- Content you create: prompts, generated videos, images, captions, and analytics notes you save in the Service.
- Communications: emails, waitlist signups, and support messages.
1.2 Information from connected platforms (TikTok, Instagram, Meta)
If you choose to connect a TikTok or Instagram account, we access the following with your explicit consent via OAuth:
- TikTok (Login Kit, scopes
user.info.basicandvideo.list): your TikTokopen_id, display name, avatar, and your own published videos with their public metrics (view count, like count, comment count, share count, title, cover image, creation time). - Meta / Instagram (Instagram Graph API): your Instagram Business/Creator account ID, username, profile picture, and your own published media with their public and insight metrics (reach, impressions, likes, comments, saves, shares).
We do not access private messages, post on your behalf, edit, or delete content on any connected platform.
1.3 Information collected automatically
- Technical data: IP address, browser type, device type, operating system, referring URL.
- Usage data: pages visited, features used, timestamps, and error logs.
- Cookies: session cookies for authentication and preferences. We do not use third-party advertising cookies.
2. How We Use Information
- To provide the Service, including video generation, analytics dashboards, and account management.
- To display your own connected-platform data back to you in the analytics dashboard.
- To authenticate you and secure the Service.
- To communicate with you about your account, product updates, and support requests.
- To improve the Service (aggregated, non-identifying usage analysis).
- To comply with legal obligations.
We do not sell your personal data. We do not use TikTok, Instagram, or Meta data for advertising, training AI models, or sharing with third parties beyond the processors listed below.
3. How We Share Information
We share data only with the following categories of processors, under contract, strictly to run the Service:
- Supabase (database, auth) — stores account data and encrypted access tokens.
- Cloudflare (hosting, Workers, Pages) — serves the site and runs backend API calls.
- fal.ai / Google Gemini / Anthropic (AI providers) — process prompts you submit to generate video, images, and text. Prompts and outputs are transmitted to these providers subject to their own terms.
- Apify — used to fetch public metrics for URLs you paste into the analytics tool.
- TikTok, Meta — only when you use their OAuth flow; we do not send them additional data beyond what their APIs require.
We may disclose information if required by law, subpoena, or to protect the rights, safety, or property of Assetry, our users, or the public.
4. Data Retention
- Account and content data: kept while your account is active. Deleted within 30 days of account deletion.
- OAuth access and refresh tokens: kept until you disconnect the integration from the analytics page, after which they are deleted and we revoke them with the provider.
- Log and usage data: retained for up to 90 days for security and debugging, then automatically purged.
5. Security
We use industry-standard measures: HTTPS everywhere, encryption at rest for tokens, row-level security in the database, scoped service credentials, and the principle of least privilege in our backend. No system is perfectly secure; you use the Service at your own risk.
6. Your Rights
Depending on your jurisdiction (including under GDPR and equivalent laws), you may have the right to:
- Access the personal data we hold about you.
- Correct inaccurate data.
- Delete your data ("right to be forgotten").
- Port your data to another service.
- Withdraw consent for connected-platform integrations at any time.
- Object to or restrict certain processing.
- Lodge a complaint with a supervisory authority.
To exercise any of these rights, email privacy@assetry.cc. You can also disconnect TikTok or Instagram at any time from the analytics page, and delete your account from settings.
7. TikTok- and Meta-Specific Disclosures
If you connect TikTok, your use of TikTok data through the Service is also governed by TikTok's Privacy Policy. You can revoke Assetry's access at any time via your TikTok account settings under Manage app permissions.
If you connect Instagram/Meta, your use is also governed by Meta's Privacy Policy. You can revoke access via your Facebook Business Integrations settings.
8. Children's Privacy
The Service is not directed to children under 13 (or under 16 in the EU). We do not knowingly collect data from children. If you believe a child has provided us data, contact us and we will delete it.
9. International Transfers
Assetry is operated from Indonesia. Data may be processed in countries where our providers operate (including the United States and the European Union). By using the Service you consent to these transfers.
10. Changes to This Policy
We may update this policy from time to time. Material changes will be posted here with a new effective date, and where appropriate, notified by email. Continued use of the Service after changes means you accept the updated policy.
11. Contact
Questions, requests, or complaints:
PT. Modulo Digitalisasi Indonesia
Email: privacy@assetry.cc
Website: https://assetry.cc