Privacy Policy

Effective date: 20 February 2025
Last updated: 20 February 2025

ImageAnimatorAI ("we", "our", "us") respects your privacy and is committed to safeguarding the personal data we handle. This Privacy Policy explains what information we collect, how we use it, and the choices you have. It applies to the ImageAnimatorAI website, applications, APIs, and services (collectively, the "Service").

If you have questions, please contact us at [email protected].

1. Information we collect

1.1 Information you provide

• Account details: Name, email address, password hashes, profile photo, preferred locale, referral codes.
• Billing data: Payment method tokens, billing address, VAT/GST information, purchase history (processed securely via Stripe).
• Uploads & prompts: Images, URLs, prompt text, and job metadata submitted to the Service.
• Support & feedback: Messages you send to support, survey responses, feature requests.

1.2 Information collected automatically

• Usage analytics: Feature interactions, timestamps, generation volumes, referral source, session length.
• Device & log data: IP address, browser type, operating system, language, user agent, error diagnostics.
• Cookies & similar technologies: Essential cookies for authentication, security, load balancing, and consent; preference cookies (e.g., locale, theme); optional analytics/marketing cookies where permitted by your settings. We also use local storage and pixels with similar purposes.

1.3 Information from partners

• Authentication partners: OAuth profile details when you sign in with Google, GitHub, or similar providers.
• Model providers: Result artifacts and moderation feedback returned by OpenRouter and downstream model vendors when you run a job.
• Fraud prevention & analytics: Signals from anti-abuse services (e.g., Turnstile, bot detection) and product analytics tools.

2. How we use your information

We process data to:

1. Provide and maintain the Service – authenticate users, queue jobs, deliver outputs, issue invoices, and offer customer support.
2. Improve performance & safety – monitor reliability, detect abuse, triage harmful content, and evaluate new features.
3. Personalise experience – remember preferences, localise content, tailor recommendations, and provide in-product messaging.
4. Communicate with you – send transactional notices, respond to support tickets, update you on policy changes, and deliver product announcements (you can opt out of non-essential communications).
5. Comply with legal obligations – meet tax requirements, respond to law enforcement requests, and enforce our Terms of Service.

We rely on the following legal bases under the GDPR (where applicable): performance of a contract, legitimate interests, consent (for optional cookies/marketing), and compliance with legal obligations.

3. How we share information

We do not sell your personal data. We share information only with:

• Service providers: Hosting (Vercel, Cloudflare), storage (R2/S3-compatible), analytics (PostHog), error monitoring, and customer support platforms under strict data processing agreements.
• Payment processors: Stripe for secure payment handling.
• OpenRouter and integrated model vendors: When you initiate a generation task, relevant inputs may be transmitted in accordance with their policies.
• Legal & compliance recipients: Regulators, courts, or law enforcement when required by law or to protect rights, safety, and property.
• Business transfers: In the event of a merger, acquisition, or asset sale, subject to continued protection of your data.

4. International transfers

We store and process data in the United States, the European Union, and Singapore. When transferring personal data internationally we implement safeguards such as Standard Contractual Clauses, data minimisation, and encryption in transit and at rest.

5. Data retention

• Account data: Retained while your account is active and for up to 24 months after closure to comply with bookkeeping and anti-fraud requirements.
• Generated assets & jobs: Stored for 30 days by default; you can delete assets sooner via the dashboard. Aggregated, anonymised analytics may be retained longer.
• Cookies: Stored according to category (e.g., essential, preference, analytics/marketing). Expiry depends on provider and your browser settings.
• Support records: Retained for 24 months for quality assurance and compliance.

You may request deletion earlier unless we must retain information for legal reasons.

6. Cookies & preferences

• Consent banner: On initial visits (and periodically thereafter) you can accept all cookies or customise non-essential categories. Choices are stored for up to 12 months unless you clear browser data.
• Browser controls: Most browsers let you block or delete cookies. Blocking essential cookies may prevent the Service from working properly.
• Do Not Track: Due to inconsistent standards we do not respond to DNT signals, but you can opt out of analytics/marketing via the consent banner or settings when available.

7. Your rights

Depending on your jurisdiction, you may have the right to:

• Access a copy of the personal data we hold about you.
• Request correction of inaccurate or incomplete information.
• Request deletion (subject to legal exemptions).
• Object to or restrict certain processing activities.
• Withdraw consent for optional processing (e.g., marketing emails).
• Port data to another service in a machine-readable format.

Submit requests via [email protected]. We will verify your identity before acting on requests and respond within statutory timelines.

8. Security measures

We implement administrative, technical, and physical measures to protect your data, including encryption, access controls, network isolation, rate limiting, and regular security reviews. Despite our efforts, no system is entirely secure; report suspected vulnerabilities to [email protected].

9. Children’s privacy

The Service is not directed to children under 16, and we do not knowingly collect personal data from them. If you believe a minor has provided us with personal information, contact us so we can delete it.

10. Changes to this policy

We may update this Privacy Policy to reflect product changes, legal requirements, or industry best practices. Changes will be posted here with a revised date. For material updates we will provide additional notice (e.g., email or in-app alert). Continued use of the Service after the effective date means you accept the revised policy.

---

By using ImageAnimatorAI you agree to the practices described above. Thank you for trusting us to animate your ideas responsibly.