Privacy Policy
Last updated: January 2025
How We Handle Your Data
This policy explains how ImageGPT collects, uses, and protects your information.
1. Information We Collect
We collect information necessary to provide our B2B image generation service: • Account Information: Email address, name, and organization details provided during registration. • API Usage Data: Prompts submitted, API calls made, timestamps, and associated project identifiers. • Technical Data: IP addresses, browser type, and device information for security and analytics. • Payment Information: Billing details processed securely through our payment provider (Stripe). We do not collect sensitive personal data beyond what is necessary for service delivery.
2. How We Use Your Information
We use collected information to: • Provide and maintain the ImageGPT service • Process API requests and generate images • Manage your account and billing • Communicate service updates and support responses • Improve service performance and security • Comply with legal obligations We process data based on contractual necessity, legitimate business interests, and where applicable, your consent.
3. Data Retention
• Account Data: Retained while your account is active and for a reasonable period after closure for legal compliance. • Generated Images: Cached for performance optimization; cache duration varies by plan. • Prompts: Retained only as necessary for service delivery and abuse prevention. • Logs: Technical logs retained for up to 90 days for security and debugging purposes. You may request deletion of your data at any time, subject to legal retention requirements.
4. Data Sharing and Subprocessors
We use third-party service providers (subprocessors) to deliver our service, including cloud infrastructure, payment processing, and AI model providers for image generation. Data is shared with these providers only as necessary to support the functionality of the service. We may also share data when required by law, court order, or to protect our rights and safety, and in connection with business transfers such as mergers or acquisitions. We do not sell your personal data or use it for advertising purposes. For a detailed list of our subprocessors, please see our Subprocessors page.
5. Security
We implement industry-standard security measures including: • Encryption in transit (TLS) and at rest • Access controls and authentication • Regular security assessments • Incident response procedures While we strive to protect your data, no system is completely secure. Please report security concerns using the contact link on our website.
6. Your Rights
Depending on your jurisdiction, you may have rights to: • Access your personal data • Correct inaccurate data • Request deletion of your data • Export your data in a portable format • Object to certain processing activities • Withdraw consent where applicable To exercise these rights, please use the contact link on our website. We respond to requests within 30 days.
7. International Transfers
We operate globally and may transfer data to countries outside your jurisdiction. We use appropriate safeguards for international transfers, including standard contractual clauses where required by applicable law.
8. Cookies and Tracking
We use essential cookies for authentication and session management. We do not use third-party tracking cookies for advertising. Analytics data is collected in aggregate form to improve service performance.
9. Children's Privacy
ImageGPT is a B2B service not directed at individuals under 18. We do not knowingly collect data from children. If you believe we have collected data from a minor, please contact us immediately.
10. Changes to This Policy
We may update this policy periodically. The most current version will always be available on this page. Continued use of the service constitutes acceptance of the updated policy.
11. Contact Us
For privacy-related inquiries or to exercise your rights, please use the contact link on our website.