Privacy Policy

Dec 5, 2025

Last Updated: December 5, 2025

Effective Date: December 5, 2025

1. Introduction

Welcome to AISnapEdit ("we," "us," "our," or the "Company"). We operate the website https://aisnapedit.com (the "Service"), an All-In-One AI SaaS platform that empowers users to generate images, videos, and audio.

This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website and use our services. This policy applies to all visitors, users, and others who access the Service (collectively, "Users" or "you").

We are committed to protecting your privacy and complying with applicable data protection laws, including:

General Data Protection Regulation (GDPR) – European Union
UK General Data Protection Regulation (UK GDPR) – United Kingdom
California Consumer Privacy Act / California Privacy Rights Act (CCPA/CPRA) – California, USA
Virginia Consumer Data Protection Act (VCDPA) – Virginia, USA
Colorado Privacy Act (CPA) – Colorado, USA
Other applicable privacy laws

Please read this Privacy Policy carefully. By accessing or using our Service, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy.

2. Data Controller Information

For Users in the European Economic Area (EEA), United Kingdom, and Switzerland:

The data controller responsible for your personal data is:

AISnapEdit Email: [email protected] Website: https://aisnapedit.com

For privacy-related inquiries, please contact us at [email protected].

3. Information We Collect

3.1 Information You Provide Directly

Category	Data Types	Purpose
Account Information	Name, email address, username, password (hashed)	Account creation, authentication, customer support
Profile Information	Profile picture, preferences, settings	Personalization of services
Payment Information	Payment method details, billing address, transaction history	Payment processing, subscription management
Communications	Email correspondence, support tickets, feedback	Customer support, service improvement
User Content	Images, videos, or audio you upload for processing, prompts, generated content	AI generation services

3.2 Information Collected Automatically

Category	Data Types	Purpose
Device Information	Device type, operating system, browser type and version, device identifiers	Service optimization, security
Usage Data	Pages visited, features used, click patterns, session duration, timestamps	Analytics, service improvement
Log Data	IP address, access times, referring URLs, error logs	Security, troubleshooting
Cookies & Similar Technologies	Session cookies, preference cookies, analytics cookies	See Section 9 (Cookies Policy)

3.3 Information from Third Parties

Source	Data Types	Purpose
OAuth Providers (Google, GitHub, etc.)	Name, email, profile picture (with your consent)	Social login functionality
Payment Processors	Transaction status, payment confirmation	Payment verification
Analytics Providers	Aggregated usage statistics	Service improvement

4. How We Use Your Information

We process your personal data based on the following legal bases under GDPR:

Creating and managing your user account
Providing AI generation services (images, videos, audio)
Processing payments and managing subscriptions
Delivering customer support
Sending transactional communications (e.g., order confirmations, service updates)

Improving and optimizing our Service
Preventing fraud and ensuring security
Analyzing usage patterns and trends
Developing new features and services
Marketing our services to existing customers (with opt-out option)

Complying with legal obligations
Responding to lawful requests from authorities
Maintaining records as required by law

Sending marketing communications (where required)
Using certain cookies and tracking technologies
Processing sensitive data categories (if applicable)

You may withdraw consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.

5. AI Generation and Your Data

5.1 How We Process Your Content

When you use our AI generation services:

Input Processing: Text prompts and media files (images, videos, audio) you submit are sent to our AI model providers for processing
Model Used: We utilize advanced AI models (e.g., Google's Gemini) for generating high-quality content
Data Handling: Your inputs are processed in real-time and are not used to train AI models without your explicit consent
Output Delivery: Generated content is delivered to you and stored in your account

We share necessary data with our AI providers to deliver the Service:

Provider	Data Shared	Purpose
Google (Gemini)	Prompts, uploaded media	AI content generation

Important: Our AI providers may process your data according to their own privacy policies. We encourage you to review:

Google Privacy Policy

5.3 Data Retention for AI Processing

Temporary Processing: Inputs submitted for processing are temporarily stored during the generation process
Generated Content: Output content is stored in your account until you delete it or close your account
Logs: Processing logs are retained for up to 90 days for troubleshooting purposes

6. Disclosure of Your Information

6.1 Service Providers

We engage trusted third-party companies to perform services on our behalf:

Category	Providers	Purpose
Payment Processing	Stripe, PayPal, Creem	Secure payment transactions
Cloud Infrastructure	Cloudflare	Hosting, CDN, security
Analytics	Google Analytics, Microsoft Clarity, Plausible, OpenPanel	Usage analytics
Email Services	Resend	Transactional emails
Customer Support	Crisp, Tawk	Live chat support
Storage	AWS S3, Cloudflare R2	File storage

6.2 Legal Requirements

We may disclose your information:

To comply with applicable laws, regulations, or legal processes
To respond to lawful requests from public authorities
To protect and defend our rights or property
To prevent or investigate possible wrongdoing
To protect the safety of our users or the public

6.3 Business Transfers

In the event of a merger, acquisition, reorganization, or sale of assets, your information may be transferred. We will provide notice before your information becomes subject to a different privacy policy.

We may share your information for other purposes with your explicit consent.

7. International Data Transfers

7.1 Transfer Mechanisms

Your personal data may be transferred to and processed in countries outside your country of residence. For transfers from the EEA, UK, or Switzerland to countries not deemed adequate by relevant authorities, we use:

Standard Contractual Clauses (SCCs) approved by the European Commission
UK International Data Transfer Agreement (IDTA) for UK transfers
Data Processing Agreements with all service providers

7.2 Countries Receiving Data

Data may be transferred to:

United States – Cloud infrastructure, AI processing, payment processing
European Union – Certain infrastructure services

7.3 Your Rights Regarding Transfers

You may request information about the safeguards in place for international transfers by contacting us at [email protected].

8. Data Retention

We retain your personal data only as long as necessary for the purposes outlined in this policy:

Data Category	Retention Period	Basis
Account Data	Duration of account + 30 days after deletion	Contract performance
Transaction Records	7 years	Legal/tax requirements
Usage Analytics	26 months (aggregated)	Legitimate interest
Support Communications	3 years after resolution	Legitimate interest
AI Processing Logs	90 days	Troubleshooting
Generated Content	Until deletion by user	Contract performance
Marketing Data	Until consent withdrawal	Consent

After the retention period, data is securely deleted or anonymized.

9. Cookies and Tracking Technologies

9.1 Types of Cookies We Use

Cookie Type	Purpose	Duration
Essential Cookies	Authentication, security, basic functionality	Session / Persistent
Preference Cookies	Language, theme, user settings	1 year
Analytics Cookies	Usage statistics, performance monitoring	Up to 2 years
Marketing Cookies	Personalized ads (if applicable)	Up to 1 year

9.2 Third-Party Cookies

Provider	Purpose	Opt-Out
Google Analytics	Website analytics	Google Opt-Out
Microsoft Clarity	User behavior analytics	Microsoft Privacy

9.3 Managing Cookies

You can control cookies through:

Browser Settings: Most browsers allow you to block or delete cookies
Cookie Consent Tool: Use our cookie consent banner to manage preferences
Opt-Out Links: Use provider-specific opt-out mechanisms listed above

Note: Disabling essential cookies may impair Service functionality.

10. Your Privacy Rights

If you are in the European Economic Area, United Kingdom, or Switzerland, you have the following rights:

Right	Description
Right of Access	Request a copy of your personal data
Right to Rectification	Request correction of inaccurate data
Right to Erasure	Request deletion of your data ("right to be forgotten")
Right to Restrict Processing	Request limitation of data processing
Right to Data Portability	Receive your data in a machine-readable format
Right to Object	Object to processing based on legitimate interests
Right to Withdraw Consent	Withdraw consent at any time
Right Not to be Subject to Automated Decision-Making	Right regarding automated profiling decisions

To exercise your rights: Email [email protected] with your request. We will respond within 30 days (extendable by 60 days for complex requests).

Right to Lodge a Complaint: You have the right to lodge a complaint with your local data protection authority. A list of EU data protection authorities is available at https://edpb.europa.eu/.

10.2 Rights Under CCPA/CPRA (California Residents)

If you are a California resident, you have the following rights:

Right	Description
Right to Know	Request disclosure of personal information collected, used, and shared
Right to Delete	Request deletion of your personal information
Right to Correct	Request correction of inaccurate personal information
Right to Opt-Out of Sale/Sharing	Opt out of the sale or sharing of personal information
Right to Limit Use of Sensitive Personal Information	Limit use of sensitive personal information
Right to Non-Discrimination	Not be discriminated against for exercising your rights

We Do Not Sell Your Personal Information. We do not sell personal information for monetary consideration as defined under CCPA/CPRA.

To exercise your rights: Email [email protected] or submit a request through our website. We will verify your identity and respond within 45 days.

Authorized Agents: You may designate an authorized agent to submit requests on your behalf with proper verification.

10.3 Rights Under Other U.S. State Laws

Virginia (VCDPA), Colorado (CPA), Connecticut (CTDPA), Utah (UCPA) Residents:

You may have similar rights to access, delete, correct, and opt-out of certain data processing. Contact us at [email protected] to exercise these rights.

Appeals: If we deny your request, you have the right to appeal. Contact us for the appeals process.

11. Data Security

We implement appropriate technical and organizational measures to protect your personal data:

11.1 Technical Measures

Encryption: Data encrypted in transit (TLS 1.3) and at rest (AES-256)
Access Controls: Role-based access with multi-factor authentication
Infrastructure Security: Enterprise-grade cloud providers (Cloudflare)
Regular Audits: Periodic security assessments and penetration testing
Monitoring: 24/7 security monitoring and intrusion detection

11.2 Organizational Measures

Data Minimization: We collect only data necessary for our purposes
Staff Training: Regular privacy and security training
Vendor Assessment: Due diligence on all third-party providers
Incident Response: Documented procedures for data breach response

11.3 Data Breach Notification

In the event of a data breach affecting your personal data:

We will notify relevant data protection authorities within 72 hours (GDPR requirement)
We will notify affected individuals without undue delay when the breach is likely to result in high risk
We will document all breaches and our response actions

12. Children's Privacy

Our Service is not directed to children under the age of 16 (or 13 in the United States under COPPA).

We do not knowingly collect personal information from children
If we become aware that we have collected personal data from a child without parental consent, we will take steps to delete that information
If you are a parent or guardian and believe your child has provided us with personal information, please contact us at [email protected]

13. Third-Party Links

Our Service may contain links to third-party websites, plug-ins, and applications. Clicking on those links may allow third parties to collect or share data about you.

We do not control these third-party websites
We are not responsible for their privacy practices
We encourage you to read the privacy policy of every website you visit

14. Do Not Track Signals

Some browsers include a "Do Not Track" (DNT) feature. Our Service currently does not respond to DNT signals. However, you can use the privacy controls described in Section 9 to manage tracking preferences.

15. Automated Decision-Making and Profiling

15.1 AI-Powered Features

Our Service uses AI for content generation. This processing:

Is based on your explicit input (prompts and media you provide)
Does not produce legal or similarly significant effects on you
Is necessary for the performance of our contract with you

15.2 Your Rights

You have the right not to be subject to decisions based solely on automated processing that produce legal or similarly significant effects. Our AI generation does not fall into this category, but if you have concerns, please contact us.

16. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Changes will be effective when posted on this page.

Material Changes: We will notify you by email and/or prominent notice on our website at least 30 days before changes take effect
Continued Use: Your continued use of the Service after changes become effective constitutes acceptance of the revised policy
Review Regularly: We encourage you to review this policy periodically

The "Last Updated" date at the top of this page indicates when this policy was last revised.

17. California Shine the Light

Under California Civil Code Section 1798.83, California residents may request information about disclosure of personal information to third parties for direct marketing purposes. We do not share your personal information with third parties for their direct marketing purposes.

18. Nevada Privacy Rights

Nevada residents may opt out of the sale of certain personal information. We do not currently sell personal information as defined under Nevada law, but you may submit an opt-out request to [email protected].

19. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

AISnapEdit Email: [email protected] Website: https://aisnapedit.com

For GDPR-related inquiries (EEA/UK residents): Data Protection Contact: [email protected]

We will respond to your request within the timeframes required by applicable law:

GDPR: 30 days (extendable by 60 days)
CCPA/CPRA: 45 days (extendable by 45 days)
Other laws: As required

20. Dispute Resolution

If you have an unresolved privacy concern that we have not addressed satisfactorily, you may contact:

EU Residents: Your local data protection authority
UK Residents: Information Commissioner's Office (ICO) at https://ico.org.uk
US Residents: Federal Trade Commission (FTC) at https://ftc.gov

By using AISnapEdit, you acknowledge that you have read, understood, and agree to this Privacy Policy.