AI Video Detector

Trust & Transparency

Security

How AI Video Detector protects your data, accounts, and infrastructure.

Infrastructure

Hosting & edge network

AI Video Detector runs on Cloudflare Workers, a serverless edge computing platform. All traffic is served over HTTPS. Cloudflare provides DDoS protection, WAF, and edge caching.

Database & storage

User data, scan metadata, and subscription records are stored in Cloudflare D1 (SQLite-based database). Uploaded videos and evidence frames are stored in Cloudflare R2 (S3-compatible object storage). Both run within Cloudflare's infrastructure.

Encryption in transit

All connections between your browser and AI Video Detector use TLS 1.2+. API calls to detection providers use HTTPS. No data is transmitted over unencrypted channels.

Encryption at rest

Cloudflare D1 and R2 encrypt data at rest by default using industry-standard encryption. We do not implement additional application-level encryption for stored data.

Access controls

  • Authentication: User accounts use Google OAuth. We do not store passwords.
  • Session management: Sessions are managed via signed HTTP-only cookies with CSRF protection.
  • API access: API endpoints use authentication middleware and rate limiting. Scan results are tied to the authenticated session or anonymous fingerprint.
  • Admin access: Administrative functions are protected by role-based access controls. Access is limited to essential personnel.
  • Third-party providers: For Free and Starter plans, extracted frames are sent to Sightengine for analysis. For Pro plans, the full video is sent to BitMind. Regardless of plan, providers do not receive user account data, billing information, or unrelated metadata.

Data handling

  • Upload retention: Free plan uploads and evidence frames are deleted within 24 hours. Pro plan retention is 7 days by default.
  • Scan metadata: Scan scores, verdicts, and metadata are retained for account functionality and usage tracking.
  • No training use: We do not use uploaded videos to train our own models. Detection providers process submitted data only for analysis under their own privacy policies and data processing terms.
  • Data deletion: Users can request data deletion by contacting privacy@aivideodetector.dev. See also Data Deletion.

Responsible disclosure

If you discover a security vulnerability in AI Video Detector, please report it responsibly. Do not publicly disclose the vulnerability until we have had a chance to address it.

Security contact

Email: security@aivideodetector.dev

Please include a description of the vulnerability, steps to reproduce, and the potential impact. We aim to acknowledge reports within 48 hours.

Compliance notes

  • AI Video Detector is not SOC 2 or ISO 27001 certified. We follow industry best practices for data protection and access control.
  • For EU/UK users: data processing details, legal basis, and transfer information are in our Privacy Policy.
  • For cookie and tracking details, see our Cookie Policy.