Privacy
Policy.

At Xerpihan, your privacy is our top priority. This policy explains how PT Xerpihan Kata Digital ("Xerpihan", "We", "Us") manages your information when you use our platform, including Xerpihan Studio (Market Intelligence, Content Studio / Creative Center, Colab Market, social connections, Content Calendar, Enterprise projects), and—when you use those flows—project-based Managed & Language Services (e.g. translation, proofreading, subtitling, transcription, professional content production) that involve human specialists.

By continuing to use our platform, you consent to the practices described in this policy.

We use your information to:

• Provide and maintain our services, including AI content creation, strategy planning, and collaboration.
• Process your inputs through third-party AI models to generate content (images, videos, carousels, blogs).
• Generate content recommendations and marketing strategies via Market Intelligence using your business data and public web research.
• Display your profile on the Colab Market for discovery and collaboration matching.
• Retrieve and display analytics from social media accounts you connect.
• Publish content to connected social media accounts if you authorize that feature.
• Manage your Enterprise account and team collaborations.
• Improve our AI algorithms through anonymized and aggregated data.
• Perform billing and financial administration.
• Process, manage, and fulfill Managed & Language Service orders, including assigning materials to qualified specialists or partners.
• Operate team and assignment flows for specialists and track quality and completion of project work.

AI Model Providers

Your data may be processed by AI models from the following providers, each with their own data processing policies:

• Google: Gemini models for text, image generation, and analysis; Imagen models for images; Veo models for video generation; Google Search for market research grounding; YouTube Data API for trend analysis.
• Anthropic: Claude models for text generation and content analysis.
• OpenAI: GPT models for text generation and content analysis.

Data Sent to AI Models

When using the Creative Center and Market Intelligence, the following data may be sent to AI providers:

• Your prompts, instructions, and chat messages.
• Brand Assets (logos, images) selected for inclusion in content generation.
• File attachments uploaded through the chat interface.
• Business information (description, industry, target markets) for recommendation personalization.
• Website URLs and social media profiles for market research.
• Generated video frames for further video creation.

AI Data Retention

Chat history, generation results (images, videos, text), and request metadata are stored in our cloud infrastructure (Google Firebase). You can delete history and generated assets through your dashboard settings.

Supported Platforms

You may connect the following social media accounts via OAuth:

Token Storage

OAuth tokens and access credentials are securely stored in our Firebase infrastructure. These tokens are only used to retrieve data according to the permissions you granted when connecting the account.

Disconnecting

You may disconnect social media accounts at any time via the dashboard. Once disconnected, we delete the access tokens and stop fetching new data. Previously retrieved analytics data may be retained for historical reporting purposes unless you explicitly request deletion.

Discovery Data

Users who have completed onboarding may be discovered by other users on the Colab Market. The following data is visible on the discovery page:

• First and last name, profile photo.
• Industry, topic, and business description.
• Target markets and social media URLs.
• YouTube channel name (if available).

Collaboration Data

When a collaboration request is sent, the recipient sees: the sender's content metadata (title, platform, format, thumbnail, and first 300 characters of the caption), proposal message, and the sender's basic profile information.

Default Avatars

If you do not have a profile photo, an avatar is generated using the DiceBear service (api.dicebear.com). Your name or initials may be used as a seed to generate a unique avatar.

Who Processes Your Data

To deliver professional services (translation, proofreading, subtitling, transcription, content production, and related offerings), we may disclose source materials, instructions, and necessary order metadata to internal team members and to third-party specialists or providers bound by confidentiality and appropriate-use obligations. Disclosure is limited to what is needed to fulfill the order and project governance.

Storage & Retention

Project files, message threads, and deliverables may be stored in our infrastructure (e.g. Firebase) as needed for fulfillment, quality assurance, legal archive, or contractual requirements. Specific periods may be set in enterprise agreements or orders; otherwise we apply reasonable retention practices consistent with the Security & Retention section of this policy.

We share your data with the following third parties to provide our services:

• AI Providers — Google (Gemini, Imagen, Veo):

  Text processing, image and video generation, market research, Google Search grounding, YouTube Data API, and content analysis.

• AI Providers — Anthropic (Claude):

  Text generation and content analysis.

• AI Providers — OpenAI (GPT):

  Text generation and content analysis.

• Social Media Platforms — Meta, TikTok, Google/YouTube, X:

  Retrieval of analytics and content performance data via official APIs (only if you connect your account).

• Cloud & Hosting Services — Google Firebase:

  Databases (Firestore), file storage (Firebase Storage), authentication, and Cloud Run hosting for backend services.

• Avatar Service — DiceBear:

  Default avatar generation for users without profile photos.

• Payment Gateways:

  Our official payment partners (e.g. Stripe) to process secure transactions, including subscriptions, AI credit purchases, and Managed Service order payments.

• Specialists & service partners:

  Translators, editors, production staff, or other partners assigned to fulfill Managed & Language Services, under confidentiality arrangements with Xerpihan.

International Data Transfer

Your data may be processed on servers located outside Indonesia, including but not limited to the United States, Europe, and Asia-Pacific, depending on the server locations of third-party service providers. We ensure such transfers are protected by adequate data processing agreements.

You have full control over your data:

• Access & Portability

  Download all your Content Assets, AI generation history, and job history at any time.

• Right to be Forgotten

  Request permanent deletion of your account and data via settings dashboard or email. This includes onboarding data, Content Assets, AI chat history, collaboration data, and connected account tokens.

• Profile Visibility Control

  Manage what information is visible on the Colab Market through your profile settings.

• Connection Revocation

  Disconnect connected social media accounts at any time. You may also revoke permissions directly from your social media platform settings.

If you have questions about this policy, wish to exercise your data rights, or wish to report a security issue, please contact our privacy team at: