This Privacy Policy explains what data Skerly ("we", "us", "the app") collects when you use the Skerly iOS app, how we collect it, how we use it, who we share it with, and what rights you have. By using Skerly you agree to this policy.
1. Data we collect
Account information
Apple ID email (or relay email) and full name when you sign in with Apple. Used only to identify your account.
Email and hashed password if you choose to sign up with email/password. Handled by Firebase Authentication; we never see your plaintext password.
Content you submit for AI generation
Text prompts you type for video, image, ad, prompt-enhancement, and voice generation.
Photos and images you upload from your photo library or camera roll, only when you explicitly attach them to a generation (for example a reference image, a brand logo, or an image for upscaling or background removal).
Generated outputs (videos, images, and audio) are stored in your private Firebase Storage area so you can re-open them later.
Skerly Agent (multi-clip video assistant)
When you use Skerly Agent — an optional assistant that turns a brief into a multi-scene AI video — we may also process:
Prompts, PDFs, scripts, and briefs you provide to plan a multi-scene video. Uploaded documents are read so we can extract the text used for planning.
Reference images and videos (faces, logos, product shots, clips, or other media you choose) — sent only after you confirm you own or have permission to use them.
Intermediate clips generated for each scene, and the final stitched video produced from them.
Optional voiceover and captions — when you enable these, text from your plan is sent for speech (voiceover) or subtitle (caption) generation.
Brand Kit & Agent Memory (optional)
If you choose to set up a Brand Kit (also called Agent Memory), we store the following scoped to your account only — it is never shared across users or mixed with anyone else's data:
Brand details you type in — such as brand, product, and app names, target audience, tone, brand colors, call-to-action examples, and style notes.
Safe text descriptions of reference images and videos you choose to add to memory. These are short written descriptions only — not the image or video files themselves.
Embeddings (numeric vectors) computed from those text descriptions and notes so the agent can search your own brand memory for relevant context. Your raw uploaded images, videos, and files are never turned into embeddings or sent to the embeddings provider.
Brand Kit memory is shown to you for confirmation before generation and is never applied automatically. You can review, edit, or clear any Brand Kit field in the app at any time; clearing a field removes the stored value, and deleting your account removes all Brand Kit details, notes, and embeddings. Brand Kit data is retained until you change it, clear it, or delete your account (see Section 7).
How Skerly Agent shares this data
To plan and produce your video, Skerly Agent sends the inputs above to third-party AI providers that process your content solely to generate the output you request. Replicate is the primary processor for generating clips, images, and audio; OpenRouter is used for text planning and for computing Brand Kit embeddings; and we may fall back to OpenAI, Anthropic, or Fal when needed. Each provider operates under its own privacy policy and is required to provide equal data protection (see Section 4). As elsewhere in the app, we do not show underlying model names in the app interface.
Ownership of uploads. By using reference uploads in Skerly Agent you confirm that you own or have permission to use any uploaded face, photo, video, logo, or reference file.
Usage and technical data
Job records: which model you used, when, the credit cost, whether the job succeeded or failed.
App diagnostics and crash data: crash logs and basic performance metrics via Firebase Crashlytics (no personally identifiable information).
Push notification token (FCM registration token) so we can notify you when a generation completes.
Device identifiers: anonymized identifiers used by Firebase App Check to confirm requests come from a genuine copy of the app and to prevent abuse of our API.
Purchase data
When you buy credits or a subscription via Apple In-App Purchase, we receive a signed transaction receipt from Apple. We validate the receipt server-side and store a hash of it plus the product ID and transaction ID. We never see your payment card or Apple ID password.
2. How we collect your data
Information you enter: your account details and the text prompts you write.
Files you upload: the photos and images you choose to attach to a generation.
Information collected automatically: job and usage records, crash data, push notification tokens, and anonymized device identifiers, gathered as you use the app.
Information from Apple: your sign-in details and In-App Purchase receipts.
3. How we use your data
To generate your AI content — your text prompts and uploaded images are sent to third-party AI providers (see Section 4) to produce the videos, images, and audio you request.
To operate and secure the service — to run your account, store your results, prevent abuse, and keep the app working reliably.
To process payments — to validate your purchases and grant the credits or subscription you bought.
To improve the app — to diagnose crashes and understand which features are used, using aggregated and anonymized data.
4. Third-party AI providers we share your data with
To make AI generations work, we send the text prompts you enter and any photos or images you upload to third-party AI providers for the sole purpose of generating the content you request. The AI providers we use include:
OpenAI
Google
Black Forest Labs
MiniMax
ByteDance
Kling
Luma
Pika
Alibaba
Ideogram
Recraft
These providers are accessed through our processing partners Replicate and fal.ai, which route your prompt and any uploaded image to the specific model you selected. OpenAI is additionally used for optional prompt enhancement and for safety moderation of every prompt (see Section 5). Each provider operates under its own privacy policy.
Equal data protection. We require all third-party AI providers we work with to provide the same or equal level of data protection as described in this policy, and to use submitted data solely for generating your requested content.
You give your permission for this sharing the first time you open the app, and you can review or withdraw it at any time in Settings → AI Data Processing. If you withdraw consent, generation features are disabled and no further prompts or images are sent.
Other service providers
Google Firebase — hosts our database, file storage, Cloud Functions, App Check, and Cloud Messaging.
Resend — sends transactional email (password resets) from noreply@skerly.com.
Apple App Store Server API — validates In-App Purchase receipts and processes server-to-server subscription notifications.
We do not sell your data, share it with advertisers, or use it for ad tracking. We do not include any ad SDKs in the app. We do not use the IDFA.
5. AI content moderation
Every prompt is automatically checked by OpenAI's Moderation API before we forward it to any provider. Prompts that are flagged for violence, sexual content involving minors, self-harm, hate, or similar policy violations are rejected and not sent to any provider. The blocked prompt is stored only for abuse-prevention auditing for 30 days, then deleted.
6. AI-generated content disclosure
All videos and images generated through this app are produced by artificial intelligence. They are synthetic and do not represent real events, real people, or real places, even when they appear realistic. Some providers (such as OpenAI Sora 2 and Google Veo) require their AI-generated outputs to retain a visible or invisible watermark — we do not remove these.
7. Data retention
Your account and content stay until you delete them.
You can delete your account at any time from Settings → Sign Out → Delete Account, or email info@kousarglobal.com.
Deletion permanently removes your generated content, prompts, and account record within 30 days. Aggregate, anonymized usage statistics may be retained.
Skerly Agent & Brand Kit data — your plan inputs, reference descriptions, Brand Kit details, notes, and embeddings are kept until you change or clear them in the app, or delete your account (which removes them within 30 days).
Moderation logs and tax-relevant purchase records are kept for up to 7 years per applicable law.
8. Your rights
Subject to your local law (including GDPR for EU users and CCPA for California users), you have the right to:
Access a copy of your stored data.
Correct inaccurate data.
Delete your account and content.
Object to processing or withdraw consent — including by turning off AI Data Processing in Settings.
Portability — receive your generated content in a machine-readable format.
Data is transmitted over HTTPS/TLS. Database access is restricted by Firebase Security Rules — users can only read their own data, and all writes go through audited Cloud Functions. Provider API keys are stored in Google Cloud Secret Manager and never shipped in the app.
10. Children
Skerly is not directed at children under 13 and we do not knowingly collect data from anyone under that age. If you believe a child has provided us data, contact info@kousarglobal.com and we will delete it.
11. Changes to this policy
Material changes will be posted here with a new "last updated" date. If the change is significant we will also notify you in-app at next launch.