1. Introduction

At Raphael, we take your privacy seriously. This Privacy Policy explains how we collect, use, and protect your information when you use our AI image generation service at raphael.app ("the Service").

2. Information We Collect and Process

We follow a minimal data collection approach. Depending on how you use the Service, we may process:

Account information, such as your email address, login details, session information, and account preferences
Generation-related information, such as prompts, uploaded files, generated outputs, history, and project data
Subscription and billing information, such as plan details, credits, order records, payment status, and subscription status
Technical, analytics, and security information, such as device information, browser information, IP address, logs, and anti-abuse signals
Cookies and similar technologies used for authentication, session management, security, language preferences, analytics, and product functionality

3. How We Use Information

We use processed information to:

Provide image and video generation, editing, history, account, and subscription features
Authenticate users, manage sessions, and support account recovery and verification
Process orders, subscriptions, credits, and related customer support requests
Maintain service quality, improve performance, debug issues, and prevent fraud or abuse
Understand product usage through analytics and improve the Service

4. How Data Is Shared

We may share limited data with service providers that help us operate the Service, including providers for:

Authentication and account services
Payments, subscriptions, and billing operations
Cloud storage, image and video processing, and infrastructure hosting
Email delivery, analytics, security monitoring, and abuse prevention

5. Data Retention

We retain data based on operational, security, support, and legal needs. Requests from users who are not signed in are typically processed temporarily, except where retention is needed for security, abuse prevention, debugging, or service reliability. For signed-in users, we may retain account-related prompts, outputs, history, subscription records, billing records, and support records for as long as needed to provide account features, history, subscriptions, support, security protections, and compliance.

6. Security Measures

We implement appropriate technical measures to protect against unauthorized access, alteration, or destruction of the limited data we process. Our service operates on secure, encrypted connections.

7. Children's Privacy

Our Service is not intended for children under 13 years of age. We do not knowingly collect or process information from children under 13.

8. Changes to Privacy Policy

We may update this Privacy Policy from time to time. We will notify users of any material changes by posting the new Privacy Policy on this page.

9. Your Rights

Subject to applicable law, you may request to:

Access or receive a copy of account-related personal data
Correct inaccurate account information
Request deletion of eligible personal data
Request export of certain account-related information

Some information may need to be retained for security, fraud prevention, tax, accounting, dispute resolution, or other legal compliance purposes.

10. Contact Information

If you have any questions about this Privacy Policy, please contact us at [email protected].

11. Legal Basis

We process the minimal required information based on legitimate interests in providing and improving the Service while maintaining user privacy and security.