Last updated: May 2026

Aive Privacy Policy – Aive.com

Last updated: May 20, 2026

This Privacy Policy explains how Aive collects, uses, shares, and protects personal data in connection with its website and SaaS platform.

This Privacy Policy applies in particular to website visitors, prospects, customers, authorized users of the Aive platform, business partners, and individuals who interact with Aive.

This Privacy Policy should be read together with Aive’s applicable contractual terms and, where relevant, Aive’s Data Processing Agreement.

1. Who is responsible for the processing of your personal data?

The data controller is:

Aive SAS, Société par actions simplifiée, RCS Montpellier,
980 AV JEAN MERMOZ,
34000 Montpellier
France

For any questions relating to personal data protection, you may contact us at: privacy@aive.com.

Depending on the context, Aive may act:

  • as a data controller, when it processes personal data for its own purposes, for example to operate its website, manage prospects, customers, users, billing, support, security, and legal obligations; or
  • as a data processor, when it processes personal data on behalf of its customers in connection with the use of the Aive platform by those customers, in accordance with their documented instructions and the applicable Data Processing Agreement.

2. Which services does this Privacy Policy cover?

Aive provides a SaaS platform enabling companies to analyze, generate, adapt, post-produce, optimize, and download video content at scale using artificial intelligence technologies.

This Privacy Policy covers in particular:

  • the Aive website, including www.aive.com;
  • the Aive platform, including app.aive.com;
  • sales, contractual, and support communications;
  • marketing and product communications;
  • processing activities required for security, administration, and improvement of the services.

When customers use Aive to process their own content, files, video assets, project data, or data relating to their end users, those customers remain responsible for determining the purposes and means of the processing. In that context, Aive acts as a data processor, unless otherwise stated in the applicable contract.

3. What personal data do we collect?

Depending on your relationship with Aive, we may process the following categories of personal data.

3.1 Identification and contact data

  • first and last name;
  • professional email address;
  • professional phone number;
  • company, job title, team, or department;
  • country or geographic area;
  • information provided through a contact form, pilot request, sales request, or other communication with Aive.

3.2 Account and platform usage data

  • account identifiers;
  • role, permissions, and customer organization membership;
  • account settings;
  • connection logs, technical logs, and usage events;
  • activity history required for administration, security, support, and audit purposes;
  • data relating to the use of platform features.

3.3 Customer content and customer data processed through the platform

In connection with the platform, Aive may process content and data provided by customers or their authorized users, such as:

  • video files, images, audio, text;
  • creative briefs, instructions, parameters, exports, and results generated or adapted through the platform;
  • personal data that may be included in content uploaded by the customer.

Where Aive processes Customer Content or Customer Personal Data on behalf of a customer, Aive acts as a data processor and processes such data solely in accordance with the customer’s documented instructions, the applicable agreement, and Aive’s Data Processing Agreement.

Aive does not use Customer Content, AI inputs, AI outputs, or Customer Personal Data to train, validate, test, fine-tune, retrain, or otherwise improve Aive’s general-purpose or cross-customer AI models. Where a customer expressly requests the creation of a dedicated or customer-specific model, such processing is carried out only under a separate written agreement and only using the data authorized by that customer.

3.4 Support and communication data

  • content of support requests;
  • communications by email, chat, video call, or any other communication channel;
  • attachments or information voluntarily provided as part of a request;
  • ticket status, history, and resolution details.

3.5 Technical, cookies, analytics and consent data

When you visit Aive’s website or use the Aive platform, Aive may collect technical information necessary to operate, secure, administer and improve its services, such as:
  • IP address;
  • device type;
  • browser type and version;
  • operating system;
  • connection logs, technical logs, access logs and security events;
  • timestamps, pages or features accessed, and interactions with the website or platform.

When you visit Aive’s public website, Aive may also use cookies and similar technologies. These technologies may collect or store information such as:

  • cookie identifiers and online identifiers;
  • consent preferences;
  • pages viewed;
  • referral source;
  • approximate location;
  • visit timestamps;
  • interactions with the website.

Aive’s services are not intended to collect or process special categories of personal data, such as data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data, health data, or data concerning sex life or sexual orientation, unless a customer imports such content into the platform under its own responsibility and within an appropriate contractual framework.

Users should not transmit sensitive personal data to Aive unless this is strictly necessary, legally permitted, and covered by the applicable contract.

Where a customer uploads content containing special categories of personal data, the customer is responsible for ensuring that such processing is legally permitted, based on a valid legal basis and, where required, an applicable GDPR Article 9 condition, and subject to appropriate safeguards.

4. Why do we use your personal data and on what legal bases?

The legal basis depends on the specific purpose for which the personal data is processed. The table below identifies, for each processing purpose, the categories of personal data concerned and the applicable legal basis.

Data Subject Categories of Personal Data Purpose of Processing Legal Basis
Customer
  • Identification and professional contact data, including first name, last name, company, job title, professional email address and phone number.
  • Contractual and commercial information, including contracts, quotes, orders and customer relationship history.
  • Financial, billing and payment information, including invoices and payment-related information.
  • Any other information you share with us in the context of your customer relationship with Aive.
  • To provide the Services requested under the applicable agreement.
  • To create, configure, administer and maintain customer accounts and workspaces.
  • To manage the customer relationship, including contracts, orders, invoices, billing and account management.
  • To provide support and assist you in your use of the Services.
  • To send service-related, administrative, security or product communications.
  • To manage unpaid amounts, disputes, pre-litigation and litigation, respond to public authority requests, and comply with legal, accounting and tax obligations.
  • Performance of a contract, where you are party to the contract or where processing is necessary to take pre-contractual steps at your request.
  • Legitimate interest of Aive in managing its contractual relationship with customer organizations and providing, securing and improving its Services.
  • Legal obligation, in particular for accounting, tax, invoicing and legal compliance purposes.
  • Consent, where required for certain marketing communications.
Prospect
  • Identification and professional contact data, including first name, last name, company, job title, professional email address and phone number.
  • Information relating to your request, including demo requests, pilot requests, sales discussions, quotes and commercial exchanges.
  • To respond to your requests.
  • To contact you for a demo, pilot or commercial discussion.
  • To prepare and send quotes or commercial proposals.
  • To send business communications about Aive’s Services.
  • To manage and develop Aive’s B2B commercial relationships.
  • Pre-contractual steps, where you request information, a demo, a pilot or a quote from Aive.
  • Consent, where you have expressly agreed to be contacted or where consent is required by applicable law.
  • Legitimate interest of Aive in responding to business inquiries and developing relationships with potential customers, partners and business contacts.
Application User
  • Identification and professional contact data, including first name, last name, company, job title, professional email address and phone number.
  • Account data, including account identifiers, role, permissions, organization membership and account settings.
  • Authentication data, technical data, access logs, audit logs and platform usage data.
  • Customer content and platform data processed through the Services, including uploaded files, video content, project or video parameters, render settings, generated versions, subtitles, translations, dubbing outputs, analysis outputs and exports.
  • Support and communication data, including support requests, messages, attachments and ticket history.
  • To create, administer and secure user accounts.
  • To provide access to the Aive platform and enable users to use the Services.
  • To process customer content and generate outputs requested by the customer.
  • To provide support, troubleshoot issues and resolve incidents.
  • To monitor, secure and audit access to the platform.
  • To maintain, improve and develop the Services.
  • To prevent fraud, abuse, unauthorized access and security incidents.
  • To comply with legal obligations and protect Aive’s rights.
  • Performance of a contract, where the individual is party to the contract or where processing is necessary to provide the Services requested by the customer organization.
  • Legitimate interest of Aive and/or the customer organization in providing, administering, securing, maintaining and improving the Services for customer organizations and their authorized users.
  • Legal obligation, where processing is necessary to comply with applicable legal, regulatory, accounting, security or authority requirements.
Website visitor
  • Technical data, cookie identifiers, online identifiers, browsing data, pages viewed, referral source, approximate location, consent preferences.
  • To operate and secure the website.
  • To remember cookie choices.
  • To measure website audience and understand how visitors use the website.
  • To improve website content and performance.
  • Legitimate interest for website operation, security and strictly necessary consent-management cookies.
  • Consent for Google Analytics and other non-essential audience-measurement cookies/trackers where required by law.

Where processing is based on Aive’s legitimate interests, Aive ensures that such interests do not disproportionately affect the rights and freedoms of the individuals concerned.

5. Data processed on behalf of our customers

When customers use the Aive platform for their own video workflows, Aive may process personal data included in content, files, projects or metadata provided by the customer.

In this context:

  • the customer determines the purposes and means of the processing;
  • Aive acts as a data processor;
  • Aive’s commitments are set out in the applicable Data Processing Agreement;
  • requests relating to data processed on behalf of a customer should generally be addressed directly to the relevant customer.

6. Who can access your personal data?

Personal data may be accessed, on a need-to-know basis, by the following categories of recipients:

  • authorized Aive teams, including sales, support, product, engineering, security, and finance;
  • hosting, cloud infrastructure, storage, security, monitoring, and backup providers;
  • CRM, customer support, contract management, billing, payment, analytics, consent management, or collaboration tools, including providers such as Google Analytics and Axeptio where applicable;
  • professional advisers, auditors, accountants, lawyers, insurers, or competent authorities where necessary;
  • subprocessors listed or made available in the applicable Data Processing Agreement or contractual documentation.

Aive only discloses personal data to third parties where necessary to provide the services, comply with legal obligations, protect its rights, or with the individual’s consent where consent is required.

The list of subprocessors, including their role, country of processing, hosting location where relevant, and applicable transfer mechanism, is made available to customers in the applicable DPA or contractual documentation and may be updated from time to time.

7. Where is personal data processed?

Aive is established in the European Union and prioritizes processing and hosting personal data within the European Union or the European Economic Area for its core platform services.

However, certain personal data may be transferred to, or accessed from, countries outside the EU/EEA where necessary to provide the Services, for example where an authorized subprocessor or service provider is located outside the EEA, where an authorized customer user accesses the Services from outside the EEA, or where such transfer is required by applicable law.

Where personal data is transferred to the United States, Aive relies on appropriate safeguards under applicable data protection laws, such as the EU–US Data Privacy Framework where the recipient is certified under that framework, Standard Contractual Clauses, or another lawful transfer mechanism.

8. Cookies and similar technologies

Aive uses cookies and similar technologies on its website. Cookies and trackers may be placed or read on your device when you visit the website, depending on your choices and the applicable legal requirements.

Aive uses cookies and similar technologies for the following purposes:

  • Strictly necessary cookies and technical trackers, which are required to operate the website, ensure security, manage sessions, remember user choices, or provide a service requested by the user. These cookies do not require consent where permitted by applicable law.
  • Consent management cookies, used through Axeptio to record and manage your cookie choices.
  • Audience measurement cookies, including Google Analytics, used to understand how visitors use the website, measure traffic, analyze performance, and improve Aive’s website and communications. These cookies are used only with your consent where required by applicable law.

You can accept, refuse, or configure non-essential cookies through the cookie banner or cookie preference tool available on the website. You may withdraw or change your consent at any time using the same tool.

Non-essential cookies are not placed or read before your consent, except where they are exempt from consent under applicable law.

More detailed information about the cookies and trackers used by Aive, including their providers, purposes, retention periods, and how to manage your choices, is available through Aive’s cookie preference tool.

9. How long do we retain personal data?

Aive retains personal data only for as long as necessary for the purposes for which it is processed, unless a longer period is required or permitted by law, contract, or the establishment, exercise, or defense of legal claims.

As an indication:

Categories of Personal Data Retention Period Reason for Retention
Customer
  • Customer and contractual data: 5 years after the end of the contract.
  • Customer account data: 2 years after the end of the contract or account deactivation.
  • Invoices and accounting records: 10 years after the end of the contract.
 To manage the contractual relationship, provide the Services, ensure customer follow-up, manage billing and accounting, establish statistics, and retain evidence where necessary for legal claims, compliance obligations, and the protection of Aive’s rights.
Prospect
  • 3 years after the last contact, or until the individual requests deletion or objects to the processing, where applicable and unless a legal obligation requires otherwise.
  • Data linked to a demo or pilot account may be kept for up to 1 year after the last contact.
 To respond to requests, organize demos or pilots, manage commercial follow-up, establish statistics, and contact prospects about Aive’s Services.
Application User
  • Account data: 2 years after the end of the contract or account deactivation.
  • Authentication data, technical data, access logs, and audit logs: 1 year after creation.
  • Customer Content and Customer Personal Data processed on behalf of customers are retained for the duration necessary to provide the Services and in accordance with the applicable agreement, the Data Processing Agreement, and the customer’s documented instructions. Unless otherwise agreed, such data is deleted or returned following termination within the timeframe set out in the applicable contract or DPA, subject to backup retention, legal obligations, or the establishment, exercise, or defense of legal claims.
 To provide, administer, secure, maintain, troubleshoot, audit, and improve the operation and reliability of the Service.
Website visitor
  • Google Analytics cookies  have a default duration of up to 2 years.
  • Consent preferences are retained for the period necessary to remember and evidence the user’s choices.
 To operate and secure the website, remember cookie choices, measure website audience, improve website performance, and demonstrate consent where required.

10. Data security

Aive implements technical and organizational measures designed to protect personal data against destruction, loss, alteration, unauthorized disclosure, or unauthorized access.

These measures may include in particular:

  • secure authentication;
  • restricted access to production environments;
  • access logging and monitoring;
  • encryption of data in transit (TLS1.2+);
  • encryption of data at rest;
  • backups and continuity procedures;
  • vulnerability and incident management;
  • team awareness and training on confidentiality, security, and data protection obligations.

Aive also requires its providers and subprocessors to provide appropriate guarantees regarding confidentiality, security, and data protection.

More information about Aive’s security practices, certifications, and compliance documentation may be available in Aive’s Trust Center.

11. Artificial intelligence and customer content

The Aive platform uses artificial intelligence technologies to enable customers to analyze, generate, adapt, post-produce, and optimize video content.

Where content or data is provided by a customer:

  • Aive processes it to provide the features requested by the customer;
  • Aive does not use customer content to train or improve its artificial intelligence models. 

Where artificial intelligence features produce recommendations, adaptations, or creative outputs, users remain responsible for verifying that the content is appropriate for their intended use, compliant with their obligations, and respectful of third-party rights.

12. Your rights under the GDPR

Where the GDPR applies, you have the following rights, subject to the conditions set out by applicable law:

Right of access: the right to be informed about and request access to the personal data we process about you.

Right to rectification: the right to ask us to correct inaccurate or incomplete personal data.

Right to erasure: also known as the “right to be forgotten”, the right to ask us to permanently delete personal data where you consider that we no longer have a valid reason to collect or process it.

Right to restriction of processing: the right to ask us to temporarily suspend the processing of all or part of your personal data.

Right to object: the right to object at any time, on grounds relating to your particular situation, to the processing of your personal data where such processing is based on our legitimate interests. Unless we demonstrate compelling legitimate grounds for the processing, we will no longer process the relevant personal data.

Right to data portability: the right to request a copy of your personal data in a structured, commonly used, and machine-readable format, and to transmit that data to a third party where technically feasible.

Right to withdraw consent: where processing is based on your consent, the right to withdraw that consent at any time, without affecting the lawfulness of processing carried out before withdrawal.

Right to decide what happens to your data after your death: where provided by applicable law, the right to define instructions regarding the retention, deletion, or communication of your personal data after your death.

Right to lodge a complaint: the right to lodge a complaint with a competent supervisory authority, including the CNIL in France, or to seek a remedy before the competent courts.

To exercise your rights, you may contact Aive at: privacy@aive.com.

Aive may ask you for additional information where necessary to confirm your identity or process your request.

13. Changes to this Privacy Policy

Aive may update this Privacy Policy to reflect changes in its services, practices, legal obligations, or security measures.

The date of the latest update will appear at the top of the document.

In the event of a material change, Aive may inform individuals by any appropriate means, for example through the website, the platform, or by email where relevant.