Security

To report a security issue, suspected vulnerability, account compromise, or data exposure, email security@martini.film . Please include reproduction steps, affected URLs or project IDs where available, and any relevant timestamps.

• Martini uses authenticated account access for projects and team-scoped permissions.
• Data is encrypted in transit using HTTPS.
• Production storage and database providers are configured with access controls and audit-oriented logs.
• Payment card details are processed by our payment processor and are not stored on Martini servers.
• Operational error data is used for debugging, reliability, abuse prevention, and security response.

Martini’s MCP connector uses OAuth-based authorization where supported. MCP tool calls run with the same Martini project permissions as the signed-in user, and browser-based MCP requests are restricted to allowed origins. Tool responses are returned to the assistant or MCP client the user connects.

See Martini MCP Connector for setup, data handling, and disconnect instructions.

Martini relies on third-party providers for hosting, storage, authentication, payments, analytics, error monitoring, email or support workflows, and AI model processing. These providers process data only as needed to provide the Service, support security and reliability, or fulfill generation requests.

Our Privacy Policy describes categories of recipients, data retention, and user controls.