Fotogenic AI

Privacy Policy

Last edited: May 17, 2026

This Privacy Policy applies to the Fotogenic service, including the mobile application, the Application Programming Interface (API), and WordPress/WooCommerce plugin integrations (collectively, the “Service”).

Fotogenic (“we”, “us”, or “our”) prioritizes your privacy and aims to be clear and transparent about how data is collected, used, shared, and protected. Where the Service provides specific privacy information in settings, onboarding screens, or app store privacy disclosures, those disclosures form part of this Policy and may provide additional detail for that interface.

DATA COLLECTION AND USE

We may collect personal data (user-identifiable) and/or non-personal data (non user-identifiable, aggregated), depending on which interfaces and features you use.

A. Device and Usage Data

This may include, but are not limited to:

  • Device model, operating system version, language, and region settings.
  • Service version, session duration, feature usage, and interaction events.
  • IP address (required for network communication, security, abuse prevention, and payment/session verification).
  • Diagnostics such as crash reports, performance logs, and error logs.
B. Identifiers

We process identifiers needed to operate and secure the Service. Depending on interface and feature use, this may include, but are not limited to:

  • Random app/device-linked identifiers.
  • API Keys, License Keys, and Authentication Tokens.
  • Session identifiers used to maintain authenticated sessions and revoke sessions when needed.

These identifiers are used for authentication, feature continuity, usage metering, subscription/billing enforcement, abuse prevention, and service security.

If platform advertising identifiers are used (for example IDFA on iOS), this is governed by your device settings and consent choices (see “Your Choices and Controls”).

C. Account and Payment Data

To provide the Service, we process data required to authenticate you and maintain your account, which may include, but are not limited to:

  • Email address and profile fields provided by authentication providers.
  • Authentication/session tokens and related metadata.
  • Purchase, subscription, credit balance, and transaction verification data.

Payment and subscription verification may involve third-party payment/subscription processors used by the Service (for example Stripe and RevenueCat, where applicable).

D. Uploaded Content

The Service allows you to upload or submit content such as photos, images, videos, audio, text, or other materials (“Uploaded Content”). Depending on interface, this may include direct camera/video input.

Uploaded Content may include personal data if it contains identifying information about you or others. Uploaded Content is processed to provide requested features and may be temporarily stored to support:

  • Feature execution and delivery.
  • Reliability operations (including retries and recovery).
  • Security, abuse prevention, and technical troubleshooting.
  • Service quality and performance improvement.

Uploaded Content is retained only as long as necessary for these purposes, then deleted or anonymized where feasible, subject to legal, security, and backup retention requirements.

We do not use Uploaded Content for advertising, marketing, promotional materials, public posting, or showcasing, and we do not publish it outside the Service unless you provide separate, explicit consent.

THIRD-PARTY ADVERTISING

The Service may work with third-party advertising companies to serve ads or measure ad performance. These companies may use tracking technologies when you interact with their ads.

This Policy does not govern independent third-party data practices, and we are not responsible for third-party cookies or similar tracking technologies. You should review those third-party privacy policies directly. Where feasible, we provide disclosures and user controls in product settings.

COOKIES AND WEBSITE TRACKING

We use cookies and similar technologies to operate and secure the website, remember consent choices, understand site performance, provide support chat, and measure marketing or advertising activity where enabled.

We use FAZ Cookie Manager to present cookie choices and record consent preferences locally. You can accept, reject, or customize non-essential cookie categories, and you can reopen your preferences using the consent widget on the website.

Website services may include Google Analytics or Google Site Kit for measurement and Crisp for live chat support. Non-essential analytics, functional, or marketing storage is managed through the cookie banner and Google Consent Mode where applicable.

Consent records may include a consent identifier, timestamp, selected categories, page URL, and limited technical data such as an anonymized IP address. We retain consent records only as needed for audit, security, and legal purposes, subject to the retention settings in our consent-management tool.

THIRD-PARTY APIS

The Service uses third-party services/APIs (for example authentication, cloud hosting, analytics, crash reporting, payments/subscriptions, and content processing) to provide specific features. Depending on integration, providers may process data on our behalf or under their own policies.

If the Service shares data with third-party providers, that processing is subject to their terms and privacy practices. We recommend reviewing their policies.

Examples of provider categories used by the Service may include, but are not limited to:

  • Cloud infrastructure and storage.
  • Authentication and identity.
  • Payment/subscription processing.
  • Content processing providers.
  • Optional third-party storage/integration providers connected by the user.

While we carefully select providers, we are not responsible for third-party privacy practices. We aim to work with providers that provide robust privacy/security protections and will communicate material changes when appropriate.

INTERNET COMMUNICATIONS

The Service requires network access and uses HTTPS/TLS encryption for data in transit to help protect against interception and unauthorized access.

PERMISSIONS

The Service may request device or site permissions such as camera, photo library, microphone, location services, or filesystem access to provide relevant functionality.

Permissions are requested only when needed for feature operation. You can manage permissions at any time in device/browser settings.

DATA RETENTION AND DELETION

We retain data only as long as necessary to:

  • Provide the Service.
  • Fulfill purposes described in this Policy.
  • Comply with legal obligations.
  • Resolve disputes.
  • Enforce agreements.
  • Protect security and service integrity.
A. Uploaded Content Retention

Uploaded Content may be stored for the period required to:

  • Deliver requested outputs.
  • Maintain reliability operations.
  • Investigate abuse or security incidents.
  • Improve service operations and performance.

After no longer needed, data is deleted or anonymized where feasible. Some data may persist temporarily in backups and be removed on backup lifecycle schedules.

B. Account Deletion and User Requests

You may request access, correction, or deletion of personal data, subject to legal and operational constraints. We may require identity verification before fulfilling requests. If we cannot delete certain data due to legal obligations or legitimate purposes (for example security and fraud prevention logs), we will explain the reason where required.

Where account deletion functionality is available in the Service:

  • A deletion request may be accepted and queued.
  • Active sessions may be revoked.
  • Optional connected integrations may be disconnected.
  • Deletion of primary user records may complete through scheduled backend cleanup processes.

This means deletion may not always be instantaneous at request time.

To make a privacy request, contact us using the details in the “Contact” section.

YOUR CHOICES AND CONTROLS

Depending on interface and feature use, you may be able to:

  • Disable certain analytics or collection features in Service settings (where provided).
  • Control ad tracking preferences at operating system level (including ATT prompts where applicable).
  • Revoke device/site permissions in system settings.
  • Request access, correction, or deletion as described in this Policy.

For interface-specific details, refer to specific platform Service settings, app store disclosures, and this Policy.

THIRD-PARTY LINKS

The Service may include links to third-party websites/services not operated by us. We are not responsible for their content, privacy policies, or practices. Please review their policies before using them.

ARTIFICIAL INTELLIGENCE GENERATED CONTENT

The Service allows you to generate content using artificial intelligence technologies (“AI”) based on your provided inputs, which may include real-world images or other materials containing personal or confidential information.

Artificial intelligence based generated content may reflect, derive from, or be influenced by characteristics in input content. Outputs are generated in response to your actions and provided for your intended use.

We do not claim ownership of your inputs or resulting outputs. Unless explicitly disclosed by us, we do not intentionally use Artificial intelligence based generated content content to identify individuals, create biometric profiles, or train general-purpose models outside operation of the Service.

Some related features rely on third-party providers. When those features are used, inputs, prompts, and outputs may be processed by those providers under their own terms and privacy policies, which may change independently. We do not control and are not responsible for third-party policy changes or third-party processing outside our direct control. We encourage you to review the applicable third-party policies.

You are responsible for ensuring you have required rights and permissions to upload input content and use generated outputs.

Probabilistic Nature and Accuracy

AI features are probabilistic. Accordingly:

  • Outputs may be inaccurate, misleading, or offensive.
  • Outputs may not be suitable for your intended purpose.
  • You are solely responsible for reviewing, verifying, and evaluating accuracy, appropriateness, and legality before relying on or publishing outputs, especially for commercial use.
Similarity of Content

Because of how generative systems operate, different users may provide similar inputs and receive similar or identical outputs. The Service does not guarantee exclusivity or uniqueness of AI-generated results.

USER GENERATED CONTENT

The Service allows submission/upload of content, including images, video, audio, text, and other materials. User generated content and related outputs are processed solely to provide requested Service functionality, including AI-based processing where applicable.

We do not use user generated content or outputs for advertising, marketing, promotional activities, or public display, and we do not share/publish it outside the scope of your use unless you explicitly choose to do so or provide separate explicit consent.

Retention is limited to what is operationally necessary, then content is deleted or anonymized where feasible, subject to legal, security, and backup retention requirements.

POLICY REGARDING CHILDREN

The Service is not intended for children under 13 (or higher age where required by applicable law). We do not knowingly collect personal data from children without required parental consent.

If we learn we have collected such data without required consent, we will delete it as soon as possible. Parents or guardians who believe a child has provided personal data should contact us using the Contact section below.

If you are a minor in your jurisdiction, please do not submit personal data without appropriate authorization.

SECURITY MEASURES

We place a high priority on data security and implement physical, technical, and procedural safeguards designed to protect personal data against unauthorized access, use, alteration, disclosure, or destruction.

No security system is fully impenetrable, and we cannot guarantee absolute security. If we become aware of a security incident, we will provide required notices to users and/or authorities in accordance with applicable law.

LEGAL COMPLIANCE

We may disclose personal data where required by law or where reasonably necessary to comply with legal process, enforce rights, prevent fraud/abuse, protect users, or protect the integrity and security of the Service.

LIABILITY

Fotogenic AI shall not be liable for any claim, damages, losses, liabilities, costs, or expenses of any kind, whether direct, indirect, incidental, special, consequential, punitive, exemplary, contractual, tortious, statutory, or otherwise, arising out of or in connection with the software, the Service, or the use of or inability to use the software or Service, including without limitation loss of profits, loss of data, loss of goodwill, business interruption, or loss of business opportunities, even if advised of the possibility of such damages.

To the fullest extent permitted by applicable law, these limitations apply to all causes of action and all theories of liability.

Nothing in these Terms excludes or limits liability to the extent such exclusion or limitation is prohibited by applicable law.

CHANGES TO THE PRIVACY POLICY

We may update this Policy from time to time. Changes become effective when posted on our website or otherwise communicated (for example by email or in-app notice where available). The effective date will be updated accordingly.

For questions or concerns regarding this Privacy Policy, please contact us via support@fotogenic.ai.