Security & Trust

Secure AI Workflow

Every AI job runs through an execution engine with credit checks, approval gates, error classification and explicit retry controls. Rejected jobs are never re-run automatically and approved outputs are never overwritten.

Private Projects

Projects are scoped to your studio. Access is enforced by row-level security policies on the managed backend so that only invited members of a studio can read or modify its projects, scenes, shots and outputs.

API Key Protection

Third-party AI provider API keys are stored server-side and used only to fulfill your generation requests. Keys are never exposed in client bundles, shared review packages or activity logs.

Studio Data Isolation

Each studio's data — stories, characters, locations, scenes, shots, storyboards and outputs — is isolated by studio identity. Cross-studio access requires an explicit invitation accepted by the receiving studio.

Client Review Privacy

Client review packages share only the items you select. Internal notes, AI provider settings, credit usage and hidden prompts are never visible to clients. Approvals and change requests are tied back to the original scene, shot or output.

Credit Control

Before any expensive generation, Cinexa surfaces a cost preview with Safe → Very High warning levels. You decide whether to proceed, edit the prompt, change provider or cancel.