Privacy Policy

1. Information We Collect

Account Information

When you create an account via Clerk authentication, we collect:

• Email address
• Name (if provided)
• Authentication credentials (managed by Clerk)

Usage Data

When you use our Service, we automatically collect:

• Job metadata (creation time, status, processing duration)
• Usage statistics (number of images generated, quota usage)
• Error logs (for troubleshooting and service improvement)
• IP address and browser information (via standard web logs)

Content You Upload

Product images you upload for processing. Important privacy protections:

• EXIF metadata is automatically stripped from uploads
• Images are stored in secure Google Cloud Storage buckets
• Uploaded images are automatically deleted after 7 days
• Generated images are automatically deleted after 30 days

2. How We Use Your Information

We use collected information to:

• Provide and operate the Service
• Process your image generation requests
• Enforce usage quotas and prevent abuse
• Send service-related notifications (job completion, errors)
• Improve the Service through anonymized usage analysis
• Comply with legal obligations

3. AI Processing

Your uploaded images are processed by Google Gemini AI. Key points:

• Images are sent to Google Cloud AI Platform for generation
• Google processes images according to their AI Terms of Service
• We do not train AI models on your content
• Google may use de-identified data to improve their AI models (per Google's terms)

4. Data Storage and Security

We implement industry-standard security measures:

• All data stored in Google Cloud Platform (GCP) infrastructure
• Encryption in transit (HTTPS/TLS) and at rest
• Access control via service accounts with least-privilege permissions
• API keys stored in Secret Manager (not in code)
• Rate limiting and quota enforcement to prevent abuse
• Regular security audits and monitoring

5. Data Retention

We retain data for the following periods:

• Uploaded Images: 7 days (automatic deletion)
• Generated Images: 30 days (automatic deletion)
• Job Metadata: 90 days (for billing and support)
• Account Information: Until account deletion
• Usage Statistics: Anonymized data retained indefinitely

6. Third-Party Services

We use the following third-party services:

• Clerk: Authentication and user management
• Google Cloud Platform: Infrastructure and AI processing
• Vercel: Hosting and deployment
• Sentry: Error monitoring and performance tracking

Each service has its own privacy policy. We recommend reviewing them.

7. Cookies and Tracking

We use essential cookies for:

• Authentication session management (Clerk)
• Service functionality (Next.js)
• Error tracking (Sentry)

We do not use advertising or third-party tracking cookies.

8. Your Rights

You have the right to:

• Access your personal data
• Request data deletion (via account deletion)
• Download your generated images before 30-day expiration
• Opt out of marketing communications (we don't send marketing by default)
• Request data portability

9. Children's Privacy

Our Service is not intended for users under 18. We do not knowingly collect information from minors. If you believe a minor has provided us with personal information, please contact us.

10. International Data Transfers

Data is processed in Google Cloud's us-central1 region (United States). By using the Service, you consent to international data transfer as necessary for service operation.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or prominent notice in the Service.

12. Contact Us

For privacy-related questions or requests, please contact us through the support channels provided in the Service.