This policy explains what data posemyphoto collects, how we use it, and your rights.
What we collect
Account data (email, hashed password, name, locale preference); reference photos you upload (used only to generate your portraits); generation metadata (prompt text, timestamps, Stripe customer ID for billing). We do not collect biometric profiles for any purpose other than serving your generation requests.
Cookies
We set a session cookie to keep you signed in and a CSRF token cookie. Both expire when you sign out or after 30 days of inactivity. We do not use third-party advertising trackers.
Third parties
We share the minimum data necessary with: Stripe (payment processing), our image generation provider APIMart (the prompt and reference image URLs), and OpenAI (only to check that uploads contain a face, when configured). These providers act as data processors.
Retention & deletion
Reference photos and generated images are retained until you delete them or your account. You can request full account deletion by emailing the address below; we honor it within 30 days.
Your rights
Subject to applicable law (GDPR / CCPA / etc.), you may request access, correction, portability, or deletion of your personal data.
Contact
cokiss@foxmail.com