Privacy Policy

آخر تحديث: May 16, 2025

Introduction

Welcome to ImageVibe (the "Service"), operated by Sun Sky Technology Limited Liability Company ("we," "us," or "our"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website (the "Website") and use our Service. It also describes your data protection rights, including a right to object to some of the processing which we carry out. More information about your rights, and how to exercise them, is set out in the "Your Rights and Choices" section.

Please read this Privacy Policy carefully. By accessing or using our Service, you acknowledge that you have read, understood, and agree to be bound by all the terms of this Privacy Policy and our Terms of Service. If you do not agree with the terms of this Privacy Policy, please do not access or use the Service.

We reserve the right to make changes to this Privacy Policy at any time and for any reason. We will alert you about any significant changes by updating the "Last Updated" date of this Privacy Policy and may also notify you through the Service or via email. We encourage you to periodically review this Privacy Policy to stay informed of updates.

Information We Collect

We may collect information about you in a variety of ways. The information we may collect via the Service depends on the content and materials you use, and the actions you take, and includes:

Personal Information You Provide

We collect personal information that you voluntarily provide to us when you register for an account, use the Service, or otherwise contact us. The types of personal information we may collect include:

  • Account Information: When you register for an account using Google third-party login, we collect your name, email address, and profile picture (avatar) as provided by Google.
  • User Content: We collect the images you upload to the Service for the purpose of generating prompts. These images may contain personal information if you choose to upload such content.
  • Payment Information: When you subscribe to our paid plans, your payment information is processed by our third-party payment processor, Square. We do not directly collect or store your full payment card details. However, we may receive information associated with your payment, such as your billing address and a unique customer identifier from Square (square_customer_id), which we store.
  • Communications: If you contact us directly, we may receive additional information about you such as your name, email address, the contents of the message and/or attachments you may send us, and any other information you may choose to provide.

Information Collected Automatically

When you access or use our Service, we may automatically collect certain information about your device and usage of the Service. This information may include:

  • Usage Data: Information about how you use the Service, such as the features you use, the actions you take, the time, frequency, and duration of your activities. This includes tracking your remaining quota for using the image-to-prompt feature.
  • Device Information: Information about your computer or mobile device, such as your IP address, browser type, operating system, device identifiers, and referring URLs.
  • Cookies and Similar Technologies: We use cookies and similar tracking technologies to collect information about your interaction with our Service.

Cookies and Tracking Technologies

We use cookies and similar tracking technologies (like web beacons and pixels) to access or store information. When you first visit our Website, we will ask for your consent to use non-essential cookies (e.g., for analytics and advertising, if applicable). You can manage your cookie preferences at any time through our cookie consent management tool (or browser settings for some cookies). Our uses of these technologies fall into the following general categories:

  • Strictly Necessary Cookies: These cookies are essential for you to browse the Website and use its features, such as accessing secure areas of the site. Without these cookies, services like user account logins cannot be provided. These cookies do not require your consent.
  • Performance Cookies (Analytics): We use cookies, such as those from Google Analytics, to collect information about how visitors use our Website. This includes the number of visitors, the websites that referred them, and the pages they visited. We use this information to compile reports and to help us improve the Website. These cookies collect information in an aggregated and anonymous form. We will seek your consent before placing these cookies.
  • Functionality Cookies: These cookies allow the Website to remember choices you make (such as your user name, language, or the region you are in) and provide enhanced, more personal features. For instance, these cookies can be used to remember your login details. We will seek your consent before placing these cookies.
  • Targeting/Advertising Cookies (If Applicable): These cookies are used to deliver adverts more relevant to you and your interests. They are also used to limit the number of times you see an advertisement as well as help measure the effectiveness of the advertising campaign. They are usually placed by advertising networks with the website operator's permission.

You can control and/or delete cookies as you wish – for details, see aboutcookies.org. Most browsers allow you to refuse to accept cookies and to delete cookies. The methods for doing so vary from browser to browser, and from version to version. However, disabling strictly necessary cookies may limit your ability to use some features of our Website. For non-essential cookies, our consent management tool provides the primary means of control.

If you are an individual in the European Economic Area (EEA) or the United Kingdom (UK), we collect and process information about you only where we have legal bases for doing so under applicable EU and UK laws. The legal bases depend on the Services you use and how you use them. This means we collect and use your information only where:

  • We need it to provide you the Services, including to operate the Services, provide customer support and personalized features and to protect the safety and security of the Services (this is performance of a contract);
  • It satisfies a legitimate interest (which is not overridden by your data protection interests), such as for research and development, to market and promote the Services (where consent is not required) and to protect our legal rights and interests;
  • You give us consent to do so for a specific purpose (for example, for non-essential cookies or for sending marketing communications where required); or
  • We need to process your data to comply with a legal obligation.

If you have consented to our use of information about you for a specific purpose, you have the right to change your mind at any time, but this will not affect any processing that has already taken place. Where we are using your information because we or a third party (e.g. a payment processor) have a legitimate interest to do so, you have the right to object to that use, though, in some cases, this may mean no longer using the Services.

How We Use Your Information

We use the information we collect for various purposes, including:

  • To Provide and Maintain Our Service: To create and manage your account, process your image uploads and generate prompts using the Replicate API, and provide you with customer support.
  • To Process Payments: To process your subscription payments through Square and manage your subscription status and quotas.
  • To Personalize Your Experience: To personalize your experience and to allow us to deliver the type of content and product offerings in which you are most interested.
  • To Communicate With You: To send you administrative information, such as updates to our terms, conditions, and policies, security alerts, and support and maintenance advisories. We may also contact you regarding your account or transactions.
  • To Improve Our Service: To understand and analyze how you use our Service, to develop new products, services, features, and functionality, and to monitor and analyze trends, usage, and activities in connection with our Service.
  • For Security and Fraud Prevention: To detect, prevent, and respond to fraud, abuse, security risks, and technical issues.
  • For Legal Compliance: To comply with applicable laws, regulations, legal processes, or governmental requests.

How We Share Your Information

We do not sell your personal information, as "sell" is traditionally defined. However, under the California Consumer Privacy Act (CCPA), some sharing of data for analytics or (if applicable) targeted advertising may be considered a "sale."

We may share your information with third parties in the following situations:

  • With Service Providers: We may share your information with third-party vendors, service providers, contractors, or agents who perform services for us or on our behalf and require access to such information to do that work. We conduct due diligence on our service providers and have contracts in place that require them to protect your information and only use it for the purposes for which it was disclosed. Examples include:
    • Replicate: When you upload an image to generate a prompt, the image is sent to Replicate's API for processing. Replicate's use of your information is governed by their privacy policy.
    • Square: For processing subscription payments. Square's use of your payment information is governed by their privacy policy.
    • Supabase: For database hosting, user authentication, and storage of your account information and usage data. Supabase's use of your information is governed by their privacy policy.
    • Google Analytics: For website analytics and to understand service usage (subject to your consent for cookies). Google's use of your information is governed by their privacy policy.
  • For Legal Reasons: We may disclose your information if we are required to do so by law or in response to valid requests by public authorities (e.g., a court or a government agency). This includes to meet national security or law enforcement requirements.
  • To Protect Rights and Property: We may disclose your information when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request.
  • Business Transfers: In connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business by another company, your personal information may be transferred.

International Data Transfers

Your information, including personal data, may be transferred to — and maintained on — computers located outside of your state, province, country, or other governmental jurisdiction where the data protection laws may differ from those in your jurisdiction.

If you are located in the European Economic Area (EEA) or the United Kingdom (UK), your personal data may be transferred to countries outside of the EEA or UK, including the United States, where we and our third-party service providers operate. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy. For such transfers, we rely on appropriate safeguards such as Standard Contractual Clauses (SCCs) approved by the European Commission or the UK Information Commissioner's Office, or other lawful transfer mechanisms, to ensure that your personal data receives an adequate level of protection. You may request a copy of these safeguards by contacting us.

Data Security

We implement a variety of security measures designed to protect the security of your personal information. We use Supabase for our database and authentication needs, which provides robust security features. However, please remember that no method of transmission over the Internet, or method of electronic storage, is 100% secure. While we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security.

Data Retention

We will retain your personal information only for as long as is necessary for the purposes set out in this Privacy Policy. We will retain and use your information to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies.

Specifically:

  • Account information is retained as long as your account is active, and for a reasonable period thereafter in case you decide to re-activate the Service.
  • Uploaded images are processed by Replicate and we do not store them long-term on our primary servers after the prompt is generated, unless necessary for a specific feature you opt into.
  • Usage data may be retained for analytical purposes for a longer period, typically in an aggregated or anonymized form.

Your Rights and Choices

Depending on your location and applicable law (such as GDPR for EEA/UK residents or CCPA for California residents), you may have certain rights regarding the personal information we hold about you. These may include the right to:

  • Access: Request access to the personal information we hold about you and receive a copy of it.
  • Rectification: Request correction of inaccurate or incomplete personal information.
  • Erasure (Right to be Forgotten): Request deletion of your personal information, subject to certain exceptions (e.g., where processing is necessary for compliance with a legal obligation or for the establishment, exercise, or defense of legal claims).
  • Restrict Processing: Request that we restrict the processing of your personal information under certain conditions.
  • Data Portability: Request to receive your personal information in a structured, commonly used, and machine-readable format, and to have it transmitted to another controller where technically feasible.
  • Object to Processing: Object to our processing of your personal information, under certain conditions, particularly where we are processing your data based on legitimate interests or for direct marketing purposes.
  • Withdraw Consent: If we are processing your personal information based on your consent (e.g., for non-essential cookies or marketing), you have the right to withdraw your consent at any time. This will not affect the lawfulness of processing based on consent before its withdrawal.
  • Lodge a Complaint: You have the right to lodge a complaint with a supervisory authority (data protection authority) in your jurisdiction if you believe that our processing of your personal information infringes applicable data protection laws. We would, however, appreciate the chance to deal with your concerns before you approach the supervisory authority, so please contact us in the first instance.
  • Not Be Subject to Automated Decision-Making: You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you (unless certain conditions apply).
  • CCPA Specific Rights (for California Residents):
    • Right to Know/Access: You have the right to request that we disclose certain information to you about our collection and use of your personal information over the past 12 months.
    • Right to Delete: You have the right to request that we delete any of your personal information that we collected from you and retained, subject to certain exceptions.
    • Right to Opt-Out of Sale: As mentioned above, while we do not "sell" personal information in the traditional sense, you have the right to opt-out of practices that may be considered a "sale" under CCPA.
    • Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA rights.

To exercise any of these rights, please contact us using the contact details provided below. We will respond to your request in accordance with applicable law, typically within one month of receipt of your request (this period may be extended by two further months where necessary, taking into account the complexity and number of the requests). We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it.

You can manage your Google account settings and the information shared with us through Google's own privacy settings.

Children's Privacy

Our Service is not directed to children. We do not knowingly collect personal information from children under the age of 16. If you are a parent or guardian and you believe that your child under 16 has provided us with personal information without your verifiable consent (or, if applicable, under the age of 13 in jurisdictions where this is the threshold and verifiable parental consent is required by laws like COPPA), please contact us. If we become aware that we have collected personal information from a child under the applicable age threshold without verification of parental consent, we will take steps to remove that information from our servers. If you are under 16, please do not use the Service or provide any personal information to us without parental consent.

Third-Party Services

Our Service relies on functionalities provided by third-party services, including but not limited to Replicate, Square, Supabase, and Google (for authentication and analytics). This Privacy Policy does not apply to the practices of companies that we do not own or control, or to individuals that we do not employ or manage. We encourage you to review the privacy policies of these third-party services to understand how they collect, use, and share your information.

Data Protection Contact

While we may not be formally required to appoint a Data Protection Officer (DPO) under GDPR, we have designated a point of contact for data protection matters. If you have any questions or concerns about our data protection practices or this Privacy Policy, please contact our data protection lead via the details in the "Contact Us" section.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date at the top of this Privacy Policy. You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page. In some cases, we may provide more prominent notice (such as adding a statement to our homepage or sending you a notification).

Contact Us

If you have any questions or concerns about this Privacy Policy, your data protection rights, or our data practices, please contact us at:

Sun Sky Technology Limited Liability Company Attn: Data Protection Lead 1942 Broadway St. STE 314C, Boulder, CO 80302 Email: [email protected]

By using ImageVibe, you consent to the terms of this Privacy Policy, subject to your rights under applicable law.