Cookie Policy
Comprehensive Cookie Policy - How we use cookies and similar technologies
2025/10/08
IMPORTANT LEGAL NOTICE AND DISCLAIMER
Sora2Videos ("we," "our," or "us") is an independent educational and informational platform that provides guides, tutorials, demonstrations, and information about video generation technology.
WE ARE NOT AFFILIATED WITH, ENDORSED BY, OR ASSOCIATED WITH OPENAI, CHATGPT, SORA, OR ANY OF THEIR PARENT COMPANIES, SUBSIDIARIES, OR AFFILIATES IN ANY WAY.
OpenAI, ChatGPT, and Sora are trademarks or registered trademarks of OpenAI, Inc. Our use of these terms is purely for descriptive and educational purposes to identify the subject matter of our content. We do not claim any ownership rights to these trademarks.
This Cookie Policy was last updated on October 8, 2025, and applies to all users worldwide.
1. SCOPE AND APPLICATION
This Cookie Policy ("Policy") explains how Sora2Videos uses cookies and similar tracking technologies on our website (the "Service"). This Policy forms part of our Privacy Policy and should be read in conjunction with our Terms of Service.
By using our Service, you acknowledge that you have read and understood this Policy. Your continued use of our Service constitutes acceptance of this Policy and any updates.
This Policy complies with applicable data protection laws including but not limited to:
- General Data Protection Regulation (GDPR) - European Union
- California Consumer Privacy Act (CCPA) - United States
- Lei Geral de Proteção de Dados (LGPD) - Brazil
- Personal Information Protection and Electronic Documents Act (PIPEDA) - Canada
- Data Protection Act 2018 - United Kingdom
- Privacy Act 1988 - Australia
2. WHAT ARE COOKIES AND SIMILAR TECHNOLOGIES
2.1 Definition
Cookies are small data files (typically 4KB or less) placed on your device when you visit a website. They contain a unique identifier and may include information about your visit, preferences, and interactions with our Service.
2.2 Technologies We Use
- HTTP Cookies: Standard cookies stored in your browser
- Local Storage: HTML5 local storage for persistent data
- Session Storage: Temporary storage cleared when browser closes
- Web Beacons/Pixels: Transparent images for tracking and analytics
- Device Fingerprinting: Technical information about your device
- JavaScript Tags: Code snippets for functionality and tracking
3. LEGAL BASIS FOR PROCESSING
Under the GDPR and similar regulations, we process personal data through cookies based on the following legal grounds:
3.1 Consent (Article 6(1)(a) GDPR)
For non-essential cookies (analytics, marketing, preference cookies), we obtain your explicit consent before placement.
3.2 Legitimate Interests (Article 6(1)(f) GDPR)
For essential cookies necessary for security, fraud prevention, and basic functionality, we rely on our legitimate interests to provide a secure and functional service.
3.3 Contract Performance (Article 6(1)(b) GDPR)
For cookies necessary to provide services you've requested (e.g., maintaining your session when logged in).
4. CATEGORIES OF COOKIES WE USE
4.1 STRICTLY NECESSARY COOKIES (Legal Basis: Legitimate Interest)
Purpose: Essential for website operation, security, and legal compliance. Cannot be disabled: These cookies are required for the Service to function.
| Cookie Name | Provider | Purpose | Duration |
|---|---|---|---|
| __cf_bm | Cloudflare | Bot detection and security | 30 minutes |
| sessionId | Sora2Videos | User session management | Session |
| auth-token | Sora2Videos | Authentication state | 7 days |
| csrf-token | Sora2Videos | Security - CSRF protection | Session |
| cookie-consent | Sora2Videos | Cookie consent preferences | 365 days |
4.2 FUNCTIONAL COOKIES (Legal Basis: Consent)
Purpose: Enable enhanced functionality and personalization. User Control: Can be disabled but may impact user experience.
| Cookie Name | Provider | Purpose | Duration |
|---|---|---|---|
| language | Sora2Videos | Language preference | 365 days |
| theme | Sora2Videos | Light/dark mode preference | 365 days |
| timezone | Sora2Videos | User timezone setting | 30 days |
4.3 ANALYTICS COOKIES (Legal Basis: Consent)
Purpose: Understand how visitors interact with our Service to improve user experience. Data Minimization: IP addresses are anonymized where technically feasible.
| Cookie Name | Provider | Purpose | Duration |
|---|---|---|---|
| _ga | Google Analytics | Distinguish unique users | 2 years |
| _gid | Google Analytics | Distinguish unique users | 24 hours |
| _gat | Google Analytics | Throttle request rate | 1 minute |
| ga* | Google Analytics 4 | Maintain session state | 2 years |
Google Analytics Data Processing: We have implemented:
- IP Anonymization
- Data Processing Amendment with Google
- Disabled data sharing with Google products
- Regular data deletion (26 months retention)
4.4 MARKETING COOKIES (Legal Basis: Consent)
Purpose: Deliver relevant content and measure advertising effectiveness. Third-Party Involvement: These cookies may share data with advertising partners.
| Cookie Name | Provider | Purpose | Duration |
|---|---|---|---|
| _fbp | Track visits for advertising | 90 days | |
| _ttp | TikTok | Measure ad performance | 13 months |
| IDE | Google/DoubleClick | Advertising targeting | 13 months |
5. THIRD-PARTY SERVICES AND COOKIES
We integrate the following third-party services that may set their own cookies:
5.1 Payment Processors
- Stripe: Payment processing (PCI-compliant)
- Privacy Policy: https://stripe.com/privacy
- Cookies: Fraud prevention and payment security
5.2 Customer Support
- Crisp Chat: Customer support widget
- Privacy Policy: https://crisp.chat/privacy
- Cookies: Chat session and user preferences
5.3 Content Delivery
- Cloudflare: CDN and security services
- Privacy Policy: https://www.cloudflare.com/privacypolicy
- Cookies: Security and performance optimization
5.4 Authentication Providers
- Google Sign-In: OAuth authentication
- Privacy Policy: https://policies.google.com/privacy
- Cookies: Authentication state
6. YOUR RIGHTS AND CHOICES
6.1 Rights by Jurisdiction
European Union (GDPR)
- Right to Access: Request a copy of data collected via cookies
- Right to Rectification: Correct inaccurate data
- Right to Erasure: Request deletion of cookie data
- Right to Restrict Processing: Limit how we use cookie data
- Right to Data Portability: Receive data in machine-readable format
- Right to Object: Object to processing based on legitimate interests
- Right to Withdraw Consent: Withdraw consent for non-essential cookies
California (CCPA/CPRA)
- Right to Know: Information about data collection and sharing
- Right to Delete: Request deletion of personal information
- Right to Opt-Out: Opt-out of sale/sharing of personal information
- Right to Non-Discrimination: Equal service regardless of privacy choices
- Right to Correct: Correct inaccurate personal information
- Right to Limit Use: Limit use of sensitive personal information
Other Jurisdictions
Similar rights may apply under LGPD (Brazil), PIPEDA (Canada), and other privacy laws. Contact us for jurisdiction-specific information.
6.2 How to Exercise Your Rights
Cookie Management Options
-
Browser Settings
- Chrome: chrome://settings/cookies
- Firefox: about:preferences#privacy
- Safari: Preferences > Privacy
- Edge: edge://settings/privacy
-
Cookie Consent Banner
- Manage preferences through our consent banner
- Withdraw consent at any time via the cookie settings link
-
Opt-Out Tools
- Google Analytics Opt-out: https://tools.google.com/dlpage/gaoptout
- Facebook Opt-out: https://www.facebook.com/help/568137493302217
- Network Advertising Initiative: https://optout.networkadvertising.org
- Digital Advertising Alliance: https://optout.aboutads.info
-
Global Privacy Control (GPC)
- We honor GPC signals where legally required
- Enable GPC in supported browsers for automatic opt-out
7. DATA RETENTION
| Cookie Category | Retention Period | Deletion Method |
|---|---|---|
| Strictly Necessary | Session to 365 days | Automatic expiry or browser clear |
| Functional | 30-365 days | User preference or browser clear |
| Analytics | Up to 26 months | Automatic deletion or user request |
| Marketing | 90 days to 13 months | Automatic expiry or opt-out |
We regularly review and delete unnecessary cookie data in compliance with data minimization principles.
8. CHILDREN'S PRIVACY
Our Service is not directed to individuals under 16 years of age (or applicable age of consent in your jurisdiction). We do not knowingly collect personal information via cookies from children. If you believe we have inadvertently collected such information, please contact us immediately for deletion.
9. INTERNATIONAL DATA TRANSFERS
Cookie data may be transferred to and processed in countries outside your jurisdiction, including:
- United States (Cloudflare, Google Analytics, Stripe)
- European Union (data centers)
We ensure appropriate safeguards through:
- Standard Contractual Clauses (SCCs)
- Adequacy decisions where applicable
- Technical and organizational measures
- Compliance with Privacy Shield principles where applicable
10. SECURITY MEASURES
We implement appropriate technical and organizational measures to protect cookie data:
- Encryption in transit (TLS 1.3)
- Secure cookie flags (HttpOnly, Secure, SameSite)
- Regular security audits
- Access controls and authentication
- Incident response procedures
11. DO NOT TRACK SIGNALS
Some browsers transmit "Do Not Track" (DNT) signals. While no universal standard exists for DNT response, we strive to honor user privacy preferences through our consent mechanism and opt-out options.
12. UPDATES TO THIS POLICY
We may update this Policy to reflect:
- Changes in law or regulation
- New technologies or cookies
- Business practice changes
- User feedback
Material changes will be notified via:
- Prominent website notice
- Email notification (registered users)
- Consent renewal for significant changes
Check the "Last Updated" date for the most recent version.
13. ACCESSIBILITY
We are committed to making this Policy accessible to all users. If you need this Policy in an alternative format or have accessibility concerns, please contact us.
14. CONTACT INFORMATION
For questions, concerns, or to exercise your rights regarding this Cookie Policy:
Sora2Videos Support Team
- Email: help@sora2videos.com
- Contact Form: https://sora2videos.com/contact
- Response Time: Within 30 days (or as required by law)
Data Protection Officer
For privacy-specific inquiries:
- Email: help@sora2videos.com
Supervisory Authorities
EU residents may lodge complaints with their local Data Protection Authority.
- List of EU DPAs: https://edpb.europa.eu/about-edpb/board/members_en
California residents may contact:
- California Attorney General: https://oag.ca.gov/privacy
15. LEGAL DISCLAIMER
THE INFORMATION IN THIS POLICY IS PROVIDED FOR TRANSPARENCY AND COMPLIANCE PURPOSES. NOTHING IN THIS POLICY CREATES ANY LEGAL RELATIONSHIP BETWEEN SORA2VIDEOS AND OPENAI, INC. OR ITS AFFILIATES.
By using our Service, you acknowledge that:
- Sora2Videos operates independently from OpenAI
- We provide educational content and guides only
- We do not provide access to OpenAI's official Sora service
- Users must comply with all applicable laws and third-party terms
APPENDIX: COOKIE GLOSSARY
- First-party cookie: Set by the website you're visiting
- Third-party cookie: Set by a different domain than the one visited
- Persistent cookie: Remains on device for set period
- Session cookie: Deleted when browser closes
- Secure cookie: Only transmitted over HTTPS
- HttpOnly cookie: Cannot be accessed by JavaScript (security feature)
- SameSite cookie: Controls cross-site request behavior
This Cookie Policy is effective as of October 8, 2025 Version: 1.0 Language: English (authoritative version)