Privacy Policy

1. Introduction

Welcome to Digital Twin XI ("we," "our," or "us"). We are committed to protecting your privacy and personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI headshot generation service.

2. Information We Collect

2.1 Information You Provide

• Account information (name, email address) when you sign up via Google OAuth
• Payment information processed securely through Stripe
• Photos and images you upload for headshot generation
• Prompts and preferences you provide for image generation

2.2 Automatically Collected Information

• Usage data (features used, time spent, generation history)
• Device information (browser type, operating system)
• IP address and location data
• Cookies and similar tracking technologies

3. How We Use Your Information

We use your information to:

• Provide and maintain our AI headshot generation service
• Process your payments and manage subscriptions
• Generate AI headshots based on your uploaded images
• Send you service updates and notifications
• Improve our services and develop new features
• Prevent fraud and ensure security
• Comply with legal obligations

4. Data Storage and Security

We take data security seriously and implement industry-standard measures:

• All data is encrypted in transit using HTTPS/TLS
• Data at rest is encrypted using industry-standard encryption
• We use Supabase for secure database and file storage
• Payment information is processed securely by Stripe (PCI-DSS compliant)
• Access to your data is restricted to authorized personnel only

5. Your Uploaded Images

Regarding the photos you upload:

• Your images are used solely for generating your AI headshots
• We do not use your images to train AI models without explicit consent
• You retain all ownership rights to your uploaded images
• You can delete your images at any time from your gallery
• Generated images are stored securely and accessible only to you

6. Third-Party Services

We use the following third-party services:

• Google OAuth: For authentication (subject to Google's Privacy Policy)
• Stripe: For payment processing (subject to Stripe's Privacy Policy)
• Supabase: For database and file storage
• StoryXI API: For AI image generation
• Vercel: For hosting and deployment

7. Your Rights

You have the right to:

• Access your personal data
• Correct inaccurate data
• Request deletion of your data
• Export your data
• Opt-out of marketing communications
• Withdraw consent at any time

8. Data Retention

We retain your data for as long as your account is active or as needed to provide services. When you delete your account, we will delete your personal information within 30 days, except where we are required to retain it for legal purposes.

9. Children's Privacy

Our service is not intended for children under 18. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new policy on this page and updating the "Last Updated" date.

11. Contact Us

If you have any questions about this Privacy Policy, please contact us at: