Privacy Policy

Data Controller: PhotoGuru AI

Contact Email: privacy@photoguruai.com

Data Protection Officer: dpo@photoguruai.com

Address: Available upon request

Account Information

• Email address (required for account creation)
• Name (first and last name)
• Profile information you provide
• Authentication data (managed by Clerk)

Photos and Training Data

• Training photos you upload for AI model creation
• Generated headshot images
• Appearance details and preferences
• Photo metadata (file names, upload timestamps)

Usage and Analytics Data

• IP address and browser information
• Device type and operating system
• Pages visited and time spent on our website
• User interactions and feature usage
• Referral sources and marketing attribution

Payment Information

• Payment processing data (handled by Stripe)
• Billing address and transaction history
• Subscription status and usage credits

We process your personal data based on the following legal grounds:

• Contract Performance: Processing necessary to provide our AI headshot generation services
• Legitimate Interest: Analytics, service improvement, fraud prevention, and marketing
• Consent: Marketing communications and optional analytics cookies
• Legal Obligation: Tax records, compliance with applicable laws

Service Provision

• Creating and training your personalized AI model
• Generating professional headshots based on your photos
• Managing your account and subscription
• Providing customer support

Service Improvement

• Analyzing usage patterns to improve our service
• Developing new features and capabilities
• Monitoring service performance and reliability
• Conducting research and development

Communication

• Sending service notifications and updates
• Responding to your inquiries and support requests
• Marketing communications (with your consent)
• Important account and security notifications

We may share your data with the following third parties:

Service Providers

• Clerk: User authentication and account management
• AWS: Cloud storage and computing services
• Stripe: Payment processing and billing
• FAL.ai: AI model training and inference

Analytics Providers

• PostHog: Product analytics and user behavior tracking
• Google Analytics & Ads: Website analytics and advertising
• Facebook Pixel: Social media advertising and analytics
• Plausible: Privacy-focused website analytics
• DataFast: Goal tracking and conversion analytics

All third-party processors are bound by data processing agreements and must comply with GDPR requirements.

• Account Data: Retained while your account is active
• Training Photos: Stored securely for model generation and can be deleted anytime
• Generated Photos: Available for download indefinitely unless you delete them
• Payment Data: Retained for 7 years for legal and tax obligations
• Analytics Data: Anonymized and retained for up to 26 months
• Inactive Accounts: Automatically deleted after 3 years of inactivity

As a data subject, you have the following rights:

Right to Access

You can request information about what personal data we hold about you.

Right to Rectification

You can correct inaccurate or incomplete personal data.

Right to Erasure ("Right to be Forgotten")

You can request deletion of your personal data, including:

• Complete account deletion
• Specific training photos
• Generated images
• All associated AI models

Right to Data Portability

You can export your data in a structured, machine-readable format.

Right to Object

You can object to processing based on legitimate interests or for marketing purposes.

Right to Restrict Processing

You can request limitation of processing in certain circumstances.

To exercise any of these rights, contact us at privacy@photoguruai.com. We will respond within 30 days.

We implement comprehensive security measures to protect your data:

• Encryption: All data encrypted in transit and at rest
• Access Controls: Strict employee access controls with multi-factor authentication
• Infrastructure: Enterprise-grade AWS cloud security
• Monitoring: 24/7 security monitoring and threat detection
• Isolation: User data processed in isolated environments
• Regular Audits: Third-party security assessments and compliance reviews

Your data may be transferred to and processed in countries outside the EEA, including the United States. We ensure appropriate safeguards are in place:

• Standard Contractual Clauses (SCCs) with all processors
• Adequacy decisions where applicable
• Additional technical and organizational measures
• Regular assessment of third-country security levels

We use cookies and similar technologies for analytics, marketing, and service functionality. For detailed information, please see our Cookie Policy.

You can manage your cookie preferences through our cookie consent banner or your browser settings.

Our service is not intended for children under 16 years of age. We do not knowingly collect personal data from children under 16. If we become aware that we have collected personal data from a child under 16, we will take steps to delete such information promptly.

In the event of a data breach that poses a high risk to your rights and freedoms, we will notify you within 72 hours of becoming aware of the breach. We will provide information about the nature of the breach, potential consequences, and measures taken to address it.

You have the right to lodge a complaint with your local data protection supervisory authority if you believe we have not complied with applicable data protection laws. A list of supervisory authorities is available at https://edpb.europa.eu/about-edpb/board/members_en.

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. For significant changes, we will provide additional notice via email or prominent website notification.

For any questions about this Privacy Policy or your personal data, contact us:

• Privacy Team: privacy@photoguruai.com
• Data Protection Officer: dpo@photoguruai.com
• General Support: ray@photoguruai.com