Privacy Policy

1. Introduction

At CreateVision AI, we take your privacy seriously. This Privacy Policy explains how we collect, use, store, and protect your information when you use our AI image generation service. By using our Service, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

We collect information to provide and improve our AI image generation service:

3. How We Use Your Information

We use the information we collect for the following purposes:

• Provide, maintain, and improve the AI image generation service
• Process payments and manage your subscription
• Store and display your generated images in your gallery
• Send service updates, security alerts, and support messages
• Detect, prevent, and address fraud, abuse, and security issues
• Analyze usage patterns to improve user experience
• Comply with legal obligations and enforce our terms

4. Legal Basis for Processing

We process your personal information based on the following legal grounds:

• Contractual Necessity: Processing required to provide services you have subscribed to, including account management and image generation
• Consent: For marketing communications and optional features where you have given explicit consent
• Legitimate Interests: Service improvement, security measures, fraud prevention, and analytics
• Legal Obligation: Tax records, financial reporting, and compliance with applicable laws

5. Information Sharing & Third Parties

We work with trusted service providers to operate our platform. Your information may be shared with:

• Supabase: Authentication services and secure database storage
• Stripe: Secure payment processing and subscription management
• Cloudinary: Image storage, optimization, and content delivery
• AI Model Providers: OpenAI, Replicate, and other providers for image generation and prompt enhancement
• OAuth Providers: Google and GitHub for social login authentication
• Analytics Services: Anonymous usage statistics to improve our service

We do not sell your personal information to third parties for marketing or advertising purposes.

6. Data Retention

We retain your information for as long as necessary to provide our services and comply with legal obligations:

• Account data is retained while your account remains active
• Generated images remain in your gallery until you choose to delete them
• Payment and transaction records are retained for 7 years as required by tax and accounting laws
• Upon account deletion request, your personal data is removed within 30 days, except where retention is legally required
• Security and access logs are retained for up to 12 months for security purposes

7. Data Security

We implement industry-standard security measures to protect your information, including encrypted connections (HTTPS/TLS), secure data storage with encryption at rest, access controls and authentication, regular security assessments, and secure third-party service providers. While we strive to protect your personal information, no method of transmission over the Internet or electronic storage is 100% secure.

8. Your Rights

Depending on your location, you may have the following rights regarding your personal information:

• Right to Access: Request a copy of the personal data we hold about you
• Right to Correction: Request correction of inaccurate or incomplete data
• Right to Deletion: Request deletion of your personal data (subject to legal retention requirements)
• Right to Portability: Request your data in a commonly used, machine-readable format
• Right to Opt-out: Unsubscribe from marketing communications at any time
• Right to Withdraw Consent: Where processing is based on consent, you may withdraw it at any time
• Right to Restrict: Request restriction of processing in certain circumstances

To exercise any of these rights, please contact us at support@createvision.ai. We will respond to your request within 30 days.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence, including the United States where our servers and service providers are located. We ensure appropriate safeguards are in place for international transfers, including Standard Contractual Clauses approved by relevant authorities. By using our Service, you consent to the transfer of your information to these countries.

10. Children's Privacy

Our Service is not intended for users under 13 years of age (or 16 in the European Economic Area). We do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately at support@createvision.ai, and we will take steps to delete such information.

11. Cookies & Similar Technologies

We use cookies and similar technologies to provide and improve our Service:

• Essential Cookies: Required for authentication, security, and core functionality of the Service
• Functional Cookies: Remember your preferences and settings
• Analytics Cookies: Help us understand how users interact with our Service to improve it

You can manage your cookie preferences through your browser settings. Note that disabling essential cookies may affect your ability to use certain features of our Service.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, or legal requirements. When we make material changes, we will notify you by email (if you have an account) or by posting a prominent notice on our website. The "Last updated" date at the top indicates when the policy was last revised. Your continued use of the Service after any changes constitutes acceptance of the updated policy.

13. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

We aim to respond to all privacy-related inquiries within 30 days.

14. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

• Right to Know: You may request information about the categories and specific pieces of personal information we have collected
• Right to Delete: You may request deletion of your personal information
• Right to Opt-Out: You have the right to opt-out of the sale of your personal information (we do not sell personal information)
• Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights

15. European Privacy Rights (GDPR)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, you have additional rights under the General Data Protection Regulation (GDPR):

• You may contact our data protection team at support@createvision.ai
• You have the right to lodge a complaint with your local data protection authority if you believe we have violated your privacy rights
• We rely on Standard Contractual Clauses for transfers of personal data outside the EEA