Privacy Policy

1. Introduction

GenPrinting ("we", "us", or "our") values your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, store, and protect your information when you use our AI-powered poster generation and printing service.

By using GenPrinting, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

We collect different types of information to provide and improve our service:

2.1 Account Information

• Email address
• Automatically generated account ID
• Google account details if you sign in with Google (name, email, profile picture)

2.2 AI-Generated Content

• Text prompts you provide to generate images
• Generated and upscaled images stored in your account

2.3 Order Information

• Shipping address and contact details
• Order history and product preferences

2.4 Payment Information

Payment card details are processed securely by Stripe. We do not store your payment card information on our servers.

2.5 Technical and Analytics Data

• IP address (used for security and rate limiting)
• Browser type, device information, and session data
• Anonymous page views and performance metrics via Vercel Analytics
• Credit usage data

3. How We Use Your Information

We use your data to:

• Provide our service: Generate AI images, process orders, and fulfill print orders
• Process payments: Complete transactions securely through Stripe
• Fulfill orders: Send your design to our print partner (Gelato) for production and shipping
• Send notifications: Order confirmations, shipping updates, and service-related emails
• Prevent abuse: Enforce wallet credits and anti-abuse throttles to maintain service quality
• Improve our service: Analyze anonymous usage patterns to enhance user experience
• Provide customer support: Respond to inquiries and resolve issues
• Comply with legal obligations: Maintain records as required by law

We may also use de-identified, aggregate data to improve our service. This data cannot identify individual users, and we never use your specific prompts or images for marketing without your consent.

4. Third-Party Services

We use trusted third-party services to operate GenPrinting. Each processes data according to their own privacy policies:

• Supabase– Authentication, database, and file storage. Supabase Privacy Policy
• Stripe– Payment processing (card details never touch our servers). Stripe Privacy Policy
• Gelato– Print fulfillment and shipping (receives your address and image after payment). Gelato Privacy Policy
• fal.ai – AI image generation and upscaling. fal.ai Privacy Policy
• Resend– Transactional emails (magic links, order confirmations, shipping updates). Resend Privacy Policy
• Cloudflare– Turnstile bot protection on the sign-in page. Cloudflare Privacy Policy
• Vercel – Hosting and anonymous analytics. Vercel Privacy Policy
• Upstash Redis– Temporary rate-limiting counters for abuse prevention. Upstash Privacy Policy

5. Data Sharing and Disclosure

We do not sell, rent, or trade your personal information. We only share data as necessary to provide our services:

• Service providers: Shared with third-party services listed above to operate our platform
• Legal requirements: Disclosed if required by law, court order, or government request
• Business transfers: In the event of a merger, acquisition, or sale of assets, your data may be transferred to the new owner
• With your consent: Any other sharing requires your explicit permission

6. Data Security

We implement industry-standard security measures to protect your data:

• Encryption: All data is encrypted in transit (HTTPS/TLS) and at rest
• Access controls: Row-level security policies ensure you can only access your own data
• Authentication: Secure authentication via Supabase Auth with magic links or Google OAuth
• Regular monitoring: Automated systems monitor for suspicious activity
• Limited access: Only authorized personnel can access systems containing personal data

While we strive to protect your data, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security.

7. Cookies and Tracking

We use the following cookies and local storage:

• Authentication and security cookies to maintain your login session (essential)
• Vercel Analytics and Speed Insights for anonymous performance monitoring (no personal data)

We do not use advertising cookies or third-party tracking pixels.

8. Data Retention

We retain your data as follows:

• Account data: Retained for the lifetime of your account. Contact us at support@genprinting.com to request account deletion
• Generated images: Stored indefinitely unless you delete them
• Order history: Retained for 7 years for legal and accounting purposes
• Payment records: Maintained by Stripe according to their retention policy
• Credit and anti-abuse counters: Retained according to operational and fraud-prevention needs
• Analytics data: Anonymous data retained indefinitely for service improvement

9. Your Privacy Rights

Under UK GDPR, you have the right to:

• Access a copy of your personal data
• Correct incorrect or incomplete data
• Request deletion of your account and data (subject to legal retention requirements)
• Receive your data in a portable format
• Object to or restrict certain processing of your data
• Withdraw consent at any time
• Lodge a complaint with the ICO (Information Commissioner's Office)

To exercise your rights, contact us at support@genprinting.com. We aim to respond within 7 business days. Under UK GDPR we must respond without undue delay and in any event within one calendar month of your request (we may extend this by up to two further months in complex cases, and we will tell you if that applies).

10. Children's Privacy

GenPrinting is not intended for users under 18 years of age. We do not knowingly collect personal information from children under 18. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately and we will delete such information.

11. International Data Transfers

Some of our third-party service providers (listed in Section 4) may process data outside the UK. All providers comply with applicable data protection regulations.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of significant changes by:

• Posting the updated policy on this page
• Updating the "Last Updated" date at the top

Your continued use of GenPrinting after changes become effective constitutes acceptance of the updated policy.

13. ICO registration

PD DIGITAL LTD is registered with the UK Information Commissioner's Office (ICO) as a data controller and pays the data protection fee. Registration reference: ZC108289. View our entry on the ICO register

14. Contact Us

If you have questions about this Privacy Policy or wish to exercise your privacy rights, please contact us: