Privacy Policy

We collect three buckets of data: account, content, and usage.

• Account: email, OAuth identifiers (Apple ID, Google sub), Stripe customer ID, display name, avatar.
• Content: photos and prompts you upload; generations you produce; metadata about each generation (template, engine, cost, duration).
• Usage: events about how you navigate the Service — page views, button clicks, generation success/failure.

To run the Service: store your work, sync across devices, run generations through AI providers, debit credits accurately, send receipts.

To improve the Service: aggregate analytics on which tools are used, which generations succeed, which UIs convert. Never tied back to your face or content.

We do not train models on your face or private generations by default. If you opt in via Account → Privacy & data, we use a privacy-preserving pipeline (face-redacted samples) to improve template quality.

When you run a generation, the input image and prompt are sent to a third-party AI provider via SyncNode. These providers handle data under their own privacy policies. We delete the cached copy from their side within 24 hours where we have control.

You can, at any time:

• See everything we have on you (Account → Privacy → Request full export).
• Delete your account and all associated data (Account → Profile → Delete).
• Opt out of any non-essential cookies and analytics.
• File a GDPR or CCPA request via the form in Account → Privacy.

We use exactly three cookies: session, theme preference, and feature-flag identifier. We do not use ad-targeting cookies. No third-party trackers run on pixiedust.app.

Account data is kept while your account is active. Generations are kept until you delete them. After account deletion, we keep minimal billing records for 7 years to comply with tax law; everything else is purged within 30 days.

For anything privacy-related: privacy@pixiedust.app. Our DPO responds within 14 business days.