Virl is built with enterprise-grade security from day one. Your content, credentials, and personal data are protected with military-grade encryption and industry-leading practices.
Every layer of Virl is designed with security at its core.
All data is encrypted with AES-256 at rest and TLS 1.3 in transit. Your OAuth tokens for social media platforms are encrypted with rotating keys โ even our engineers cannot read them in plaintext.
We never sell your personal data to third parties. Period. We never share your content with advertisers, data brokers, or any party not directly required to deliver our service.
Your videos, audio, and text are never used to train AI models. Our agreements with Anthropic, OpenAI, and other AI providers explicitly prohibit training on customer data.
Strict access controls ensure that only authorized team members can access production systems, and only for the purpose of delivering and supporting the service. All access is logged and audited.
Uploaded source files (videos, audio) are automatically deleted 90 days after processing. Account data is deleted within 30 days of account closure. You can request immediate deletion anytime.
In the unlikely event of a data breach, we will notify affected users and relevant authorities within 72 hours as required by GDPR and India's DPDP Act, with full transparency on what happened and what data was affected.
Full data rights โ no dark patterns, no lock-in.
Found a security vulnerability? We want to hear from you. We take all security reports seriously and commit to responding within 48 hours, working with you to understand and fix the issue, and publicly crediting you (if you wish) after the fix is deployed.
Report a Vulnerability โsecurity@virl.ai ยท We do not pursue legal action against good-faith security researchers.
Our security and privacy team is available to answer any questions.