This Privacy Policy explains how AIfonts.art ("we", "us", "our") collects, uses, and protects your personal data when you use our AI-powered font generation service.
1. Data We Collect
We collect the following categories of personal data:
- Account information: email address, display name, and hashed password when you create an account.
- Uploaded content: images, logos, handwriting samples, and other files you upload to generate fonts.
- Payment data: billing information processed securely by our payment providers (Stripe and PayPal). We never store your full credit card number or payment credentials on our servers.
- Usage data: pages visited, features used, font generation history, and interaction patterns to improve the service.
- Technical data: IP address, browser type, device information, and operating system collected automatically through server logs.
2. How We Use Your Data
We process your data for the following purposes:
- Font generation: processing your uploaded images through our AI pipeline to create custom fonts.
- Account management: creating and maintaining your account, managing credits and subscriptions.
- Payment processing: handling purchases, issuing invoices, and managing refunds.
- Service improvement: analyzing usage patterns to enhance features, fix bugs, and optimize performance.
- Communication: sending transactional emails (order confirmations, password resets) and, only with your consent, occasional product updates.
- Security: detecting fraud, preventing abuse, and maintaining platform integrity.
3. Cookies and Tracking
We use only essential cookies required for the service to function:
- Session cookie: maintains your authenticated session while browsing.
- CSRF token: protects against cross-site request forgery attacks.
- Preferences cookie: remembers your language and display settings.
We do not use third-party tracking cookies, advertising pixels, or analytics services that track you across websites.
4. Data Sharing and Third Parties
We do not sell, rent, or trade your personal data. We share data only with the following service providers, strictly necessary for operating the platform:
- Stripe & PayPal: secure payment processing. Subject to their respective privacy policies.
- Cloudflare: CDN, DDoS protection, and DNS. May process IP addresses and request metadata.
- OpenAI: AI processing for font generation. Uploaded images are sent to OpenAI's API for analysis. OpenAI does not use API inputs to train their models.
We may also disclose data if required by law, court order, or to protect our legal rights.
5. Your Uploaded Content
Your uploads are your property. Specifically:
- You retain all intellectual property rights over your uploaded images and the fonts generated from them.
- We do not use your uploads to train AI models, build datasets, or for any purpose other than generating the fonts you request.
- Uploaded images are stored securely and accessible only to you and our font generation pipeline.
- You can request deletion of all your uploaded content at any time.
6. Data Retention
- Your account data, generated fonts, and uploaded content are retained for as long as your account is active.
- If you delete your account, all personal data is permanently removed within 30 days, except where retention is required by law (e.g., invoicing records for tax purposes, retained for up to 10 years).
- Server logs containing IP addresses are automatically purged after 90 days.
- You can request immediate deletion of specific uploads or your entire account at any time.
7. GDPR Rights (EU/EEA Users)
Under the General Data Protection Regulation, you have the following rights:
- Right of access: request a copy of all personal data we hold about you.
- Right to rectification: correct inaccurate or incomplete data.
- Right to erasure: request deletion of your personal data ("right to be forgotten").
- Right to data portability: receive your data in a structured, machine-readable format (JSON export).
- Right to restrict processing: limit how we use your data in certain circumstances.
- Right to object: object to processing based on legitimate interests.
- Right to withdraw consent: withdraw consent at any time where processing is based on consent.
To exercise any of these rights, contact us at the address below. We will respond within 30 days.
8. Data Security
We implement industry-standard security measures including encryption in transit (TLS 1.3), encrypted storage, access controls, and regular security audits. While no system is 100% secure, we take reasonable precautions to protect your data from unauthorized access, alteration, or destruction.
9. Children's Privacy
AIfonts.art is not intended for users under 16 years of age. We do not knowingly collect data from children. If you believe a child has provided us personal data, please contact us and we will promptly delete it.
10. Changes to This Policy
We may update this Privacy Policy from time to time. When we do, we will update the "Last updated" date at the top of this page. For significant changes, we will notify you via email or a prominent notice on the platform. Continued use of AIfonts.art after changes constitutes acceptance of the updated policy.
11. Contact Us
For any privacy-related questions, data requests, or concerns:
If you are unsatisfied with our response, you have the right to lodge a complaint with your local data protection authority (for Italian residents: Garante per la protezione dei dati personali).