Privacy Policy

1. Introduction

Undefined Ventures OÜ ("we," "our," or "us") operates ZeroEdit, an AI-powered image editing platform. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

2. Information We Collect

2.1 Account Information

• Email address (required for account creation)
• Profile information (name, avatar) if provided
• Authentication data from Google OAuth (if you choose to sign in with Google)
• Subscription and billing information

2.2 Usage Data

• Daily edit counts and usage statistics
• IP addresses and device information
• Browser type and version
• Pages visited and time spent on the Service
• Error logs and performance data

2.3 Image Data

• Original images uploaded by you
• Edited images generated by our AI processing
• Text prompts used for image editing
• Image metadata (creation time, edit history)

3. How We Use Your Information

• To provide and maintain the ZeroEdit service
• To process your image editing requests using third-party AI services
• To manage your account and subscription
• To enforce usage limits and prevent abuse
• To improve our Service and develop new features
• To communicate with you about your account and the Service
• To comply with legal obligations

4. Third-Party Services

4.1 Fal AI

We use Fal AI to process your image editing requests. Your uploaded images and editing prompts are sent to Fal AI's servers for processing. Please review Fal AI's privacy policy for information about how they handle your data.

4.2 Google OAuth

If you choose to sign in with Google, we receive basic profile information (email, name, profile picture) from Google. We do not store your Google password or access other Google services.

4.3 Supabase

We use Supabase for database and authentication services. Your account data and usage information are stored on Supabase's secure servers.

4.4 Stripe

Payment processing is handled by Stripe. We do not store your payment card information. Stripe's privacy policy governs how they handle your payment data.

5. Data Storage and Retention

• Account data is retained for as long as your account is active
• Images are stored temporarily during processing and may be cached for performance
• Usage data is retained for analytics and service improvement purposes
• You can request deletion of your data by contacting us
• Some data may be retained for legal compliance even after account deletion

6. Data Security

We implement appropriate technical and organizational measures to protect your personal information:

• Encryption of data in transit and at rest
• Regular security assessments and updates
• Access controls and authentication requirements
• Secure hosting infrastructure

7. Your Rights and Choices

You have the following rights regarding your personal information:

• Access: Request a copy of your personal data
• Correction: Update or correct inaccurate information
• Deletion: Request deletion of your personal data
• Portability: Request your data in a structured format
• Objection: Object to certain processing of your data
• Account deletion: Delete your account and associated data

8. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place for international data transfers in accordance with applicable data protection laws.

9. Children's Privacy

Our Service is not intended for use by children under 13 years of age. We do not knowingly collect personal information from children under 13. If you become aware that a child has provided us with personal information, please contact us.

10. Analytics and Cookies

We may use cookies and similar technologies to:

• Maintain your login session
• Remember your preferences
• Analyze usage patterns
• Improve Service performance

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date. Significant changes will be communicated via email.

12. Legal Basis for Processing (GDPR)

If you are located in the European Economic Area, our legal basis for processing your personal information includes:

• Contract performance: To provide the Service you requested
• Legitimate interests: To improve and secure our Service
• Consent: Where you have given explicit consent
• Legal compliance: To comply with applicable laws

13. Contact Information