Your Security, Our Priority

Data is a highly valuable asset that demands secure handling throughout its entire lifecycle. On the PlayPlay platform, we systematically encrypt data both at rest using AES 256 and in transit with HTTPS, employing TLS 1.2 or higher along with strong cipher suites. PlayPlay is dedicated to ensuring the confidentiality, integrity, and availability of customer data, fostering trust and confidence among our users.

The PlayPlay platform, along with its data and services, is hosted in the European datacenters of Google Cloud Platform, with the primary site located in Belgium. PlayPlay leverages Google's best practices to enhance security, including high availability and redundancy of services.

PlayPlay is fully compliant with applicable data privacy legislation, including the General Data Protection Regulation (GDPR) in the European Union and the California Consumer Privacy Act (CCPA) in California, USA. PlayPlay also maintains all necessary measures as outlined by European legislation and the CNIL (French Data Protection Agency).

Customers retain ownership of all data they import into PlayPlay's products. PlayPlay use your data solely for the purposes you define, and it remains your exclusive property.

PlayPlay's expert support team may access your data if required, but only with your approval. If you choose to make your videos private, access is strictly limited, and support will only intervene with explicit authorisation from the end user. For security reasons, the PlayPlay security team may also access customer content when necessary.

Customer data related to video creation (including media and final video) is stored and retained for the duration of the contract.

We comply with international security and privacy regulations, including GDPR and CCPA. PlayPlay has made significant strides in establishing and maintaining a robust security posture, as demonstrated by our ISO 27001:2022 certification obtained in 2024, along with our SOC 2 Type I and Type II attestations.

You can access our Trust Center portal here - https://security.playplay.com. In this Trust Center, you will find our Security Whitepaper which provides an overview of our cybersecurity strategy and the technical and organisational measures we maintain.

Customers can authenticate their accounts using a unique login ID and password, along with two-factor authentication (2FA) to ensure that only authorised users can access their accounts. Additionally, PlayPlay integrate with customers' Single Sign-On (SSO) solutions, allowing them to log in to the PlayPlay platform with existing credentials from their identity provider, streamlining the login process while enhancing security.

PlayPlay allows you to manage user roles and permissions with flexibility through Role-Based Access Control (RBAC). You can assign the appropriate level of control to each team member, ensuring that everyone has access only to the features and content they need based on their specific roles.

PlayPlay provides the option to make your video projects private, ensuring that they are not shared with other users on the platform. When a project is set to private, it helps maintain confidentiality and protects your content from unauthorised access. Additionally, you can add an extra layer of security to your shared videos by protecting them with a password. This ensures that only the intended recipients with the correct password can access the content.

PlayPlay employs several key strategies to ensure service continuity in the event of a major incident or disaster, including redundant services and backups, automated deployment tools, provider independence, and a comprehensive disaster recovery plan.

Data loss is mitigated through redundant architectures, with databases and file storage replicated across different data centers to ensure continuity during major incidents. Daily backups are also stored in another datacenter to protect against accidental deletion or outages. Access to these backups follows strict security criteria based on the principle of least privilege.

At PlayPlay, we prioritize total transparency with our customers regarding the security of their data. We have established an immediate and transparent communication plan for informing our customers about any security breaches. This plan remains in effect until the resolution of the security breach and the precise identification any potential consequences.

PlayPlay provides several AI-powered features, including AI Video Assistant, AI Voiceover, AI Copywriting, AI Subtitles, and AI Translation. These features help automate video creation processes, making it easier to generate high-quality content with less manual effort.

PlayPlay does not use customer data or content to train AI models, and customer data is not shared with third parties for machine learning purposes. The input you provide and the output you receive from AI features are solely used within the context of your video creation needs.

The content generated by PlayPlay AI features, such as text, voiceovers, or subtitles, remains the property of the customer. Both the input you provide and the output generated are considered Customer Content, ensuring that you retain full ownership.

Since October 2022, PlayPlay has relied on a private Bug Bounty program that engages over 100 ethical hunters to continuously identify potential vulnerabilities on our platform. This initiative provides valuable, consistent insights that enhance our platform's security and help raise awareness among our teams about concrete scenarios.

PlayPlay is committed to protecting the customer’s data and we take education & training a high priority. From the onboarding and during all the employment, PlayPlay’s employees receive awareness or training relevant to their job functions.

For any suspicious events, incidents, or security-related inquiries, please contact us at [email protected]. We take all security concerns seriously and will investigate them promptly.