Last updated: June 24, 2026
This Privacy Policy explains how Dreamtide LLC (“Dreamtide,” “we,” “us”) — a Delaware, USA company with operations conducted from El Salvador — collects, uses, shares, and protects your personal data when you use dreamtide.co and the Dreamtide platform (the “Platform”). It applies to all visitors and users. By using the Platform, you agree to this Policy. For how we use cookies, see our Cookie Policy.
We collect the following categories of personal data:
Identity & Account
Name, email address, password (stored hashed, never in plain text), and profile photo if you add one.
Payment & Billing
Subscription plan, transaction history, and billing country/postal code. Payments are processed by Stripe — we do not collect or store your full card number.
Content You Create & Upload
Briefs, prompts, scripts, reference images and brand assets you upload, and the videos, audio, and images you generate (your “Projects”).
Usage & Device Data
IP address, device and browser type, pages visited, features used, generation history, and approximate location derived from your IP.
Marketing & Attribution
The URL parameters (UTM tags) and referrer that brought you to the Platform, and advertising/analytics identifiers set by the Meta Pixel and Google Analytics (see Section 4).
Communications
Emails and messages you send us (e.g., support requests) and your marketing preferences.
We collect data: (a) directly from you when you create an account, upload content, subscribe, or contact us; (b) automatically through cookies and similar technologies as you use the Platform; and (c) from third parties, such as Stripe (payment confirmation and billing location) and Google/Meta (advertising and analytics signals).
We use your data to provide and operate the Platform, generate your content, process payments, secure accounts and prevent abuse, provide support, send service and (with your consent where required) marketing communications, measure and improve our advertising and the Platform, and comply with legal obligations. We do not sell your personal data.
Where the GDPR or similar laws apply, our legal bases are: performance of a contract (to provide the Platform you signed up for), legitimate interests (to secure, analyze, and improve the Platform and measure marketing), consent (for non-essential cookies and marketing where required, which you may withdraw at any time), and legal obligation (for tax, accounting, and compliance).
To measure and improve our marketing, we use the Meta Pixel and Meta’s Conversions API (server-to-server events), Google Analytics 4, and may use Google Ads conversion measurement. These tools record events such as page views, sign-ups, checkout, and purchases so we understand which campaigns work.
Advanced Matching: with advanced matching enabled, we send certain identifiers — such as a hashed email address, name, and a Dreamtide user ID — to Meta in hashed (SHA-256) form. Meta never receives this information in plaintext from us; the hashes are used only to attribute conversions to the right campaign and build advertising audiences. You can opt out via your Facebook Ad Preferences, Google Ad Settings, your browser, or by contacting [email protected].
We share data with trusted providers who process it on our behalf to run the Platform. Each operates under its own privacy terms:
We may also disclose data to comply with law, enforce our Terms, protect rights and safety, or in connection with a merger, acquisition, or sale of assets. We do not sell your personal data for money.
Dreamtide is a U.S. company that operates from El Salvador and uses service providers in the United States and other countries. Your data may therefore be processed in, and transferred to, the United States, El Salvador, and other jurisdictions whose data-protection laws may differ from those where you live. Where required (for example, for transfers of EU/UK personal data), we rely on appropriate safeguards such as Standard Contractual Clauses or your consent.
We keep account data while your account is active. Projects and generated content are retained until you delete them or close your account. After you delete your account, your projects, brand kits, and personal data are permanently erased within 30 days, except a minimal anonymized record (e.g., a Stripe customer ID, with no name or email) kept for invoicing and tax compliance. Payment records are retained as required by law.
Depending on where you live, you may have the right to access, correct, delete, or export your personal data, to object to or restrict certain processing, and to withdraw consent. You can manage most data from the Settings page or by emailing [email protected]. You may delete your account at any time from Settings › Profile › Delete Account.
EU/UK (GDPR): you may also lodge a complaint with your local data-protection authority. California (CCPA/CPRA): you have the right to know what personal information we collect, to delete it, to correct it, and to opt out of “sharing” for cross-context behavioral advertising; we do not sell personal information for money, and we will not discriminate against you for exercising your rights. To exercise any right, contact us at the email above; we will verify and respond within the timeframes required by law.
We may send you service-related emails (such as account, billing, and security notices), which are necessary to provide the Platform. We may also send occasional marketing or product-update emails. You can opt out of marketing emails at any time by emailing [email protected] with the subject “Unsubscribe,” or by using any unsubscribe link we provide. Opting out of marketing does not affect essential service emails.
We protect your data with encryption in transit and at rest, hashed passwords, signed authentication tokens, row-level security on database queries, and access controls. Generated media is stored on Cloudflare R2 and served from media.dreamtide.co. Sensitive credentials are stored as encrypted environment variables and never exposed to your browser. No method of transmission or storage is 100% secure, but we work to protect your data and will notify you of breaches where required by law.
The Platform is not intended for anyone under 18, and we do not knowingly collect personal data from children. If we learn we have collected data from a child, we will delete it promptly.
We may update this Policy from time to time. When we make material changes, we will update the “Last updated” date above and, where appropriate, notify you by email or on the Platform. Continued use after changes take effect means you accept the updated Policy.
For privacy questions or to exercise your rights, contact us at [email protected].