Privacy Policy

1. Introduction

This Privacy Policy (hereinafter referred to as the “Policy”) describes how GenTattoo (hereinafter referred to as the “Service”) collects, uses, stores, and protects the personal data of its users.

By using the Service, you agree to the terms of this Policy. If you do not agree with any part of this Policy, please do not use the Service.

2. Data We Collect

We may collect the following categories of data:

• Registration data: name, email address, and hashed password.
• OAuth data: name, email, and profile picture provided by third-party authentication services (e.g., Google).
• Generation data: text prompts, selected styles, and generated images.
• Payment data: transaction information (amount, status). Payment card details are processed by our payment provider and are never stored on our servers.
• Technical data: IP address, browser type, cookies, and session information.

3. How We Use Your Data

We process personal data for the following purposes:

• providing access to Service features and functionality;
• user identification and authentication;
• processing payments and crediting your account;
• improving the quality of the Service and user experience;
• communicating updates, promotions, and service notifications;
• complying with applicable legal obligations.

4. Data Storage and Security

Personal data is stored on secure servers. We implement appropriate technical and organizational measures to prevent unauthorized access, loss, or alteration of data, including:

• encryption of data in transit (HTTPS/TLS);
• password hashing (bcrypt);
• restricted access to databases;
• regular backups.

Data is retained for the duration of your account. Upon account deletion, all personal data is removed within 30 days.

5. Third-Party Data Sharing

We do not sell or share personal data with third parties, except in the following cases:

• payment processing through certified payment providers;
• image generation through AI provider APIs (only text prompts are transmitted; no personal data is shared);
• compliance with applicable law or valid legal requests from authorized governmental bodies.

6. Cookies

The Service uses cookies for authentication and session management. You may disable cookies in your browser settings; however, this may affect the functionality of the Service. We use only essential cookies required for the Service to operate properly.

7. Your Rights

You have the right to:

• access and obtain a copy of your personal data;
• request correction, restriction, or deletion of your data;
• withdraw your consent to data processing at any time;
• delete your account and all associated data.

To exercise any of these rights, please contact us at hello@gentattoo.io.

8. Changes to This Policy

We reserve the right to update this Policy at any time. The most current version will always be available on this page. Your continued use of the Service after any changes constitutes acceptance of the updated Policy.

9. Contact Information