Account Information

When you sign up using GitHub or Google OAuth, we collect:

• Email address (required for account identification)
• Name (optional, from your OAuth provider)
• Profile image URL (optional, from your OAuth provider)
• OAuth provider account ID (for authentication)

Usage Data

• Image generation prompts and selected attributes
• Generated images and associated metadata
• Gem usage statistics (remaining, used, purchased)
• API request logs (for debugging and rate limiting)

Payment Information

• Stripe customer ID and transaction details
• Payment amounts and transaction history
• Billing email address

Database Storage

Your data is stored in a secure PostgreSQL database with:

• Encrypted connections and data at rest
• User-specific data isolation
• Automatic data deletion when accounts are removed

Image Storage

Generated images are stored securely in AWS S3 with:

• Private access with presigned URLs (7-day expiration)
• User-specific folder organization
• Automatic cleanup of expired URLs

Authentication

We use NextAuth.js with GitHub and Google OAuth providers. These services collect and process your authentication data according to their own privacy policies.

AI Services

We use OpenAI's DALL-E 3 API for image generation. Your prompts are sent to OpenAI and processed according to their privacy policy and terms of service.

Payment Processing

We use Stripe for payment processing. Payment data is handled by Stripe according to their privacy policy and PCI compliance standards.

Cloud Storage

We use AWS S3 for image storage. Images are stored securely in AWS data centers with appropriate access controls.