Privacy Policy

1. Introduction

Welcome to LookArt.ai ("Platform," "we," "us," or "our"). We respect your privacy and are committed to protecting your personal data in accordance with applicable data protection laws, including the General Data Protection Regulation (GDPR) and other international privacy regulations.

This Privacy Policy describes how we collect, use, store, and share information about you when you use our Services. By using LookArt.ai, you consent to the practices described in this Policy.

If you have questions or concerns about this Policy or our data practices, please contact us at support@lookart.ai.

2. Data We Collect

We collect different types of information depending on how you interact with our Services.

2.1 Account Data

When you create an account, we collect:

Contact Information: Name, email address, and any other information you provide during registration.
Authentication Data: If you sign up using a third-party service (e.g., Google OAuth), we receive your email, name, and profile information from that provider.
Account Preferences: Settings, language preferences, and notification preferences.

2.2 Usage Data

We collect information about how you use the Platform, including:

Pages visited, features used, and actions taken (e.g., generation tasks, template selections).
Date and time of activity.
Referral sources (how you arrived at the Platform).
Credits consumed, subscription status, and billing history.

2.3 Device and Log Data

We automatically collect technical information when you access the Platform:

Device Information: Device type, operating system, browser type and version, screen resolution.
IP Address: Your IP address and approximate geographic location (country/city level).
Log Data: Server logs, error reports, and performance metrics.

2.4 Payment Data

When you make a purchase, payment information is processed by our third-party merchant of record (e.g., Paddle, Stripe). We do not store your full credit card details. We receive limited payment data, such as:

Transaction ID, payment status, and amount.
Billing address and country.
Last four digits of your payment method (for display purposes).

Your payment information is subject to the privacy policy of the payment processor.

2.5 User Content

We collect and process the content you upload to the Platform ("User Input"), including:

Images and videos you upload for AI generation.
Text prompts or instructions you provide.
AI-generated outputs.

User Content is processed solely for the purpose of providing the Services. We may retain User Content temporarily for operational purposes and may review it for safety and moderation purposes.

3. Legal Basis for Processing

We process your personal data based on the following legal grounds (applicable under GDPR and similar regulations):

Contractual Necessity: To provide the Services you have requested (e.g., account management, generation tasks, payment processing).
Consent: Where you have given explicit consent for specific processing activities (e.g., marketing communications, optional cookies).
Legitimate Interests: For our legitimate business interests, such as improving the Platform, preventing fraud, ensuring security, and conducting analytics—provided these interests do not override your rights.
Legal Obligation: To comply with applicable laws, regulations, or legal processes.

4. How We Use Your Data

We use the information we collect for the following purposes:

Provide and Improve Services: To operate the Platform, process generation tasks, manage your account, and improve user experience.
Process Payments: To handle billing, subscriptions, and credit purchases.
Communicate with You: To send service-related emails (e.g., account notifications, password resets), respond to inquiries, and provide customer support.
Security and Fraud Prevention: To detect and prevent abuse, fraud, and security threats.
Content Moderation: To review User Content for compliance with our Acceptable Use Policy and applicable laws.
Analytics and Research: To analyze usage patterns, measure performance, and conduct research to improve our Services (using aggregated, anonymized data where possible).
Marketing (with consent): To send promotional emails, newsletters, or updates about new features, if you have opted in. You may opt out at any time.
Legal Compliance: To comply with legal obligations, respond to lawful requests, and enforce our Terms.

6. Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your experience, analyze usage, and provide targeted content. Cookies are small text files stored on your device.

Types of Cookies We Use:

Essential Cookies: Required for the Platform to function (e.g., session management, authentication). These cannot be disabled.
Analytics Cookies: Help us understand how users interact with the Platform (e.g., Google Analytics, Mixpanel). These cookies collect aggregated, anonymized data.
Functional Cookies: Remember your preferences and settings.
Advertising Cookies: Used to deliver relevant ads (if applicable). You can opt out of targeted advertising via your browser settings or industry opt-out tools.

You can control cookie preferences through your browser settings. Disabling certain cookies may limit functionality.

7. Data Retention

We retain your personal data only as long as necessary to fulfill the purposes described in this Policy or as required by law.

Account Data: Retained while your account is active and for a reasonable period after account closure (to comply with legal obligations and resolve disputes).
User Content: Retained temporarily for operational purposes (e.g., generation processing, moderation). Generated outputs may be stored in your account history unless you delete them. We may retain de-identified or anonymized data indefinitely for analytics.
Payment Data: Transaction records are retained as required by tax and accounting laws (typically 7–10 years).
Log Data: Server logs are retained for security and troubleshooting purposes (typically 30–90 days).

You may request deletion of your data at any time, subject to legal retention requirements.

8. Data Security

We implement industry-standard security measures to protect your data from unauthorized access, disclosure, alteration, or destruction. These measures include:

Encryption of data in transit (HTTPS/TLS) and at rest.
Access controls and authentication requirements for internal systems.
Regular security audits and vulnerability assessments.
Secure data centers and cloud infrastructure.

However, no method of transmission or storage is 100% secure. While we strive to protect your data, we cannot guarantee absolute security. You are responsible for maintaining the confidentiality of your account credentials.

9. International Data Transfers

LookArt.ai operates globally, and your data may be transferred to and processed in countries other than your own. These countries may have different data protection laws.

When we transfer data internationally, we implement appropriate safeguards, such as:

Standard Contractual Clauses (SCCs) approved by the European Commission (for transfers from the EU/EEA).
Ensuring that third-party processors provide adequate data protection.

By using the Services, you consent to the transfer of your data as described in this Policy.

10. Your Privacy Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

Right to Access: Request a copy of the personal data we hold about you.
Right to Rectification: Request correction of inaccurate or incomplete data.
Right to Erasure ("Right to be Forgotten"): Request deletion of your data, subject to legal retention requirements.
Right to Restriction: Request that we limit how we use your data in certain circumstances.
Right to Data Portability: Request a copy of your data in a structured, machine-readable format.
Right to Object: Object to processing based on legitimate interests or for marketing purposes.
Right to Withdraw Consent: If processing is based on consent, you may withdraw it at any time (without affecting prior processing).
Right to Lodge a Complaint: File a complaint with your local data protection authority if you believe your rights have been violated.

To exercise any of these rights, contact us at support@lookart.ai. We will respond to your request within the timeframe required by applicable law (typically 30 days).

We may require verification of your identity before fulfilling requests.

11. Children's Privacy

The Services are not intended for use by individuals under the minimum age required by applicable law (typically 13 or 16 years old, depending on jurisdiction). We do not knowingly collect personal data from children.

If you are a parent or guardian and believe your child has provided us with personal data, please contact us at support@lookart.ai. We will promptly delete such data.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or Services. When we make changes, we will update the "Last Updated" date at the top of this page.

If changes are material, we will provide additional notice (e.g., via email or an in-app notification). Your continued use of the Services after changes are posted constitutes acceptance of the revised Policy.

13. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Email: support@lookart.ai

For GDPR-related inquiries or to exercise your privacy rights, you may also contact our Data Protection Officer (if appointed) at the same email address.

This Privacy Policy is part of our commitment to transparency and data protection. We encourage you to review it periodically and contact us with any questions.