At PicForge, we believe your images and data belong to you. We process images locally whenever possible, minimize data collection, and never sell your personal information. This policy explains how we protect your privacy while delivering powerful AI image transformation tools.
1. Information We Collect
Information You Provide
Account Information: Email address, name, and profile picture (when using Google Sign-In)
Images: Photos you upload for processing
Prompts & Settings: Text prompts and transformation settings you use
Showcase Content: Images and descriptions you choose to share publicly
Payment Information: Processed securely by our payment providers (we don't store card details)
Information Collected Automatically
Usage Data: Features used, processing frequency, and error logs
IP Address: Used for rate limiting and abuse prevention
Cookies: Session management and preferences (essential cookies only)
Information We DON'T Collect
Tracking cookies or advertising identifiers
Location data (beyond general region from IP)
Biometric data or facial recognition profiles
Contact lists or social media connections
2. How We Use Your Information
Primary Uses
Service Delivery: Process and transform your images as requested
Account Management: Maintain your account, history, and preferences
Communication: Send service updates, respond to support requests
Improvement: Analyze usage patterns to enhance features and fix bugs
Security: Prevent abuse, fraud, and unauthorized access
AI Processing
When you use our AI features:
Images are processed using Google Gemini, OpenAI, or local processing
We don't use your images to train AI models
Prompts may be logged for quality improvement (anonymized after 30 days)
Processed images are deleted from our servers after 30 days unless saved to your account
3. Data Storage and Security
Where Your Data Lives
Local Processing: Many features run entirely in your browser
Temporary Storage: Images in processing queue (deleted after completion)
Account Data: Stored securely on Supabase (PostgreSQL database)
CDN Cache: Processed images cached for performance (30-day retention)
Security Measures
End-to-end encryption for data transmission (HTTPS/TLS)
Encrypted database storage
Regular security audits and updates
Access controls and authentication
Rate limiting to prevent abuse
No storage of payment card details
4. Information Sharing
We Share Data Only When:
You Explicitly Share: Posting to the community showcase
Service Providers: AI processing (Gemini, OpenAI), hosting (Vercel), database (Supabase)
Legal Requirements: Court orders, law enforcement requests (we'll notify you when possible)
Safety: To prevent harm, fraud, or security threats
Business Transfer: If PicForge is acquired (with notice to users)
We NEVER:
Sell your personal information
Share images without your permission
Use your content for advertising
Allow third-party tracking
5. Your Rights and Controls
You Have the Right To:
Access: Download your data and processing history
Correction: Update incorrect information
Deletion: Request account and data deletion
Portability: Export your data in standard formats
Object: Opt-out of certain data uses
Restrict: Limit how we process your data
Privacy Controls
Delete individual images from history
Clear all processing history
Make showcase submissions private
Disable account features while keeping data
Export all data before deletion
6. Cookies and Tracking
PicForge uses only essential cookies for:
Session management (keeping you logged in)
Security tokens (CSRF protection)
User preferences (theme, settings)
Rate limiting (preventing abuse)
We do NOT use advertising cookies, analytics trackers, or third-party cookies.
7. Children's Privacy
PicForge is not intended for children under 13. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us immediately for removal.
8. International Data Transfers
Your data may be processed in the United States where our servers are located. We ensure appropriate safeguards are in place for international transfers, including:
Standard contractual clauses with service providers
Encryption for all data transfers
Compliance with GDPR and CCPA requirements
9. Data Retention
Data Type
Retention Period
Uploaded images (not saved)
24 hours
Processed images (not saved)
30 days
Saved images (user account)
Until deleted by user
Account information
Until account deletion
Usage logs
90 days
Payment records
7 years (legal requirement)
10. Privacy Policy Changes
We may update this Privacy Policy to reflect changes in our practices or legal requirements. We will notify you of significant changes by:
Email notification to registered users
Prominent notice on our website
In-app notification
Continued use after changes indicates acceptance of the updated policy.
11. California Privacy Rights (CCPA)
California residents have additional rights under the CCPA:
Right to know what personal information is collected
Right to know if personal information is sold (we don't sell data)
Right to opt-out of sale (not applicable as we don't sell data)
Right to deletion
Right to non-discrimination for exercising privacy rights
12. European Privacy Rights (GDPR)
If you're in the European Economic Area, you have rights under GDPR including:
Legal basis disclosure (we process based on consent and legitimate interests)
Data protection officer contact (privacy@picforge.com)
Right to lodge complaints with supervisory authorities
Automated decision-making disclosure (AI processing with human oversight)
13. Contact Us
For privacy concerns, questions, or to exercise your rights, contact us at:
Email: privacy@picforge.com Data Protection Officer: dpo@picforge.com Mailing Address: PicForge Privacy Team 123 AI Boulevard San Francisco, CA 94105 United States