Snapitect Privacy Policy

Effective Date: October 21, 2025 Last Updated: October 21, 2025

1. Introduction

Snapitect ("we," "us," or "our") values your privacy. This Privacy Policy explains how we collect, use, store, and protect your personal information.

This policy applies to:

  • snapitect.com and all subdomains
  • All services and features we provide

Regulatory Compliance:

  • California Consumer Privacy Act (CCPA)
  • General Data Protection Regulation (GDPR)

By using our services, you consent to the terms of this Privacy Policy.

2. Information We Collect

2.1 Information You Provide

Account Information:

  • Email address
  • Password (encrypted storage)
  • Name (optional)

OAuth Login Information:

  • When using Google login: profile picture, email, name

Uploaded Content:

  • Product images
  • Prompts and generation parameters

Payment Information:

  • Processed and hosted by Stripe
  • We do not store your credit card numbers

2.2 Automatically Collected Information

Device and Network Information:

  • IP address
  • Browser type and version
  • Operating system
  • Device fingerprint (for abuse prevention)

Usage Data:

  • API call logs
  • Generation history (count, timestamps, status)
  • Page visit records
  • Credit usage

Cookies:

  • Session management
  • User preferences
  • Security protection (CSRF)

2.3 Generated Content

AI Outputs:

  • Generated images
  • Prompts and parameters
  • Generation metadata (timestamps, model version, costs)

3. How We Use Information

3.1 Providing Services

  • Process your image generation requests
  • Manage accounts and subscriptions
  • Handle payments and refunds
  • Provide customer support

3.2 Improving Services

  • Analyze usage patterns and trends
  • Optimize AI model performance
  • Fix bugs and technical issues
  • Develop new features

3.3 Security and Abuse Prevention

  • Detect anomalous behavior and fraud
  • Prevent mass registration and abuse
  • Implement rate limiting
  • Protect platform and user security

3.4 Communications

  • Service Notifications (essential):

    • Account security alerts
    • Subscription status changes
    • Service interruption notices

  • Marketing Emails (optional):

    • Product updates
    • New feature announcements
    • Promotional campaigns
    • You can unsubscribe anytime

4. Information Sharing

4.1 Third-Party Service Providers

To operate Snapitect, we use the following third-party services:

Payment Processing:

  • We use Stripe to process all payments
  • Your payment information is submitted directly to Stripe
  • We do not store credit card numbers or CVV codes

Third-Party Login:

  • If you choose to use Google login
  • Google provides your basic information (email, profile picture)

Cloud Service Providers:

  • For data storage, AI processing, and content delivery
  • These providers may access portions of your data to provide services

All service providers are bound by confidentiality agreements requiring them to protect your data.

4.2 Legal Requirements

We may disclose your information when:

  • Complying with laws, regulations, subpoenas, or court orders
  • Protecting Snapitect's or users' rights and safety
  • Preventing fraud or illegal activity
  • Protecting personal safety in emergencies

4.3 Business Transfers

If Snapitect is acquired, merged, or sells assets, your data may be transferred as a business asset. We will notify you in advance.

4.4 We Do Not Sell Your Data

  • We do not sell your personal information to advertisers
  • We do not sell your information to data brokers

5. Data Security

5.1 Security Measures

We implement the following measures to protect your data:

Technical Measures:

  • Transmission Encryption: HTTPS/TLS encryption for all data transmission
  • Password Encryption: bcrypt encryption for password storage
  • Access Control: Row-level security (RLS) policies
  • Regular Audits: Security vulnerability scanning

Organizational Measures:

  • Principle of least privilege
  • Employee confidentiality agreements
  • Security training

5.2 Data Storage Location

  • Primary Servers: United States (AWS/Supabase)
  • CDN Distribution: Global (Cloudflare)

5.3 Data Retention Periods

Data TypeRetention Period
Active AccountsRetained continuously
Deleted AccountsPermanently deleted after 30 days
Generation History90 days (for billing audits)
Backup DataPurged from backups after 30 days

6. Your Privacy Rights

6.1 Right to Access

  • Request to view data we've collected about you
  • Contact [email protected]
  • Response within 5 business days

6.2 Right to Deletion

  • Delete your account and all associated data
  • Accessible in account settings
  • Permanently deleted after 30 days

6.3 Right to Correction

  • Update inaccurate personal information
  • Modify in account settings

6.4 Right to Data Portability

  • Download all your data (JSON format)
  • Includes:
    • Uploaded images
    • Generated images
    • Usage history
    • Account information

6.5 Right to Opt-Out of Marketing

  • Unsubscribe from marketing emails
  • Click "Unsubscribe" link at the bottom of emails
  • Service notifications cannot be unsubscribed (security-related)

6.6 Do Not Sell My Information

  • We do not sell personal information
  • If future policy changes, opt-out option will be provided

7. Cookie Policy

7.1 Essential Cookies (Cannot Be Disabled)

  • Session Management: Maintain login state
  • Security Protection: CSRF protection
  • Load Balancing: Server request distribution

7.2 Functional Cookies (Can Be Disabled)

  • Remember user preferences
  • Language selection
  • Interface settings

7.3 Analytics Cookies (Can Be Disabled)

  • Usage statistics
  • Performance monitoring
  • Error tracking

7.4 Managing Cookies

  • Clear cookies in browser settings
  • Use privacy/incognito mode
  • Disable functional and analytics cookies (may affect experience)

8. Children's Privacy

  • This service is for users 13 years and older
  • We do not knowingly collect information from children under 13
  • If such information is discovered, it will be immediately deleted
  • If you are a parent and discover your child has provided information, please contact us

9. California Residents' Rights (CCPA)

If you are a California resident, you have these additional rights:

9.1 Right to Know

You have the right to know:

  • Categories of personal information we collect
  • Sources of information
  • Purpose of collection
  • Third parties we share with

9.2 Right to Delete

  • Request deletion of personal information we've collected
  • Certain exceptions apply:
    • Completing transactions
    • Detecting security incidents
    • Complying with legal obligations

9.3 Right to Non-Discrimination

  • Exercising privacy rights won't affect service quality or pricing
  • We won't deny service or charge higher fees

9.4 How to Exercise Your Rights

Email: [email protected] Subject: "CCPA Rights Request"

10. International Users

  • This service primarily targets United States users
  • If you're from another country, your data may be transferred to the US
  • Using the service indicates consent to cross-border data transfer
  • EU users have rights under GDPR

11. Privacy Policy Updates

11.1 Update Notifications

  • We may update this policy from time to time
  • Significant changes will be notified via email
  • Continued use of service indicates acceptance of new policy

11.2 Recommendations

  • Review this policy periodically
  • Effective date displayed at top of page

12. Contact Us

For questions about this Privacy Policy or to exercise your rights, please contact:

Email: [email protected] Website: https://snapitect.com Response Time: Within 5 business days

© 2025 Snapitect. All rights reserved.