Privacy Policy
This Privacy Policy explains how ElTigreLabs ("the Service"), operated by ElTigre Labs ("we"), collects, uses, and protects information when you use the Service. ElTigreLabs is a single-user personal AI assistant โ the data handled by the Service belongs to the account owner.
1. Information we collect
- Content you create: photos, videos, text, captions, and related metadata you upload to the Service.
- Connected accounts: when you link TikTok or other platforms, we store the OAuth access token, refresh token, and your public profile identifier (open_id, display name, avatar URL) locally in the Service's database.
- Usage data: timestamps of actions performed inside the Service (e.g., when a video was generated or published) for debugging and audit.
2. How we use it
- To generate videos, captions, and related content on your behalf.
- To publish content to connected third-party platforms when you explicitly request it.
- To maintain a history of your own posts so you can review or retry failed publishes.
3. Where the data lives
All user data is stored locally on the server you control, in a SQLite database. We do not transmit your content to any third-party server except:
- The platform you explicitly chose to publish to (e.g., TikTok), solely to fulfill your publish request.
- AI providers used for optional caption generation (Ollama running locally; or, at your configuration, Cerebras, Groq, Mistral, or Anthropic APIs) โ only the caption prompt is sent, never your tokens or media.
4. Third-party platforms
When you connect TikTok, the Service requests the scopes user.info.basic, video.upload, and video.publish. These scopes are used only to identify your account and to upload videos you explicitly request to publish. We never read your TikTok inbox, followers, or any data outside the requested scopes.
5. Data retention and deletion
You may delete any stored content, token, or post history at any time by removing the rows from the local database or by using the "Disconnect" action in the Studio dashboard, which deletes the OAuth tokens for the disconnected platform.
6. Security
Access tokens and refresh tokens are stored in the local database with filesystem-level access controls. Requests to the Service's API require a private API key configured by the account owner. We use HTTPS for all outbound requests to third-party APIs.
7. Children
The Service is not directed to children under 18 and we do not knowingly collect data from them.
8. Your rights
Because the Service runs entirely under your control, you retain full rights over your data, including the right to access, export, or permanently delete it.
9. Changes to this Policy
We may update this Privacy Policy from time to time. The "Last updated" date at the top will reflect the most recent change.
10. Contact
For questions about privacy, contact firstclassremodelingtx@gmail.com.