Privacy Policy
Effective Date: January 31, 2025
🔒 Our Privacy Promise
We NEVER sell your data. Ever. Your personal information, creative content, and usage patterns are never sold, rented, traded, or monetized through third parties. Your privacy is not for sale.
At CloudPix.ai ("CloudPix," "we," "our," or "us"), operated by Foothill AI, your privacy is fundamental to our mission. This Privacy Policy explains how we collect, use, protect, and never sell your information when you use our AI-powered image generation platform and services (the "Service").
1. Information We Collect
1.1 Information You Provide Directly
- Account Information: Email address, name, and profile information from Google or Apple authentication
- Creative Content: Text prompts, uploaded images, and generated artwork
- Communication: Messages you send to our support team or community features
- Payment Information: Billing details for paid services (processed securely by Stripe, never stored on our servers)
- Preferences: Theme settings, generation preferences, and customization choices
1.2 Information We Collect Automatically
- Usage Data: Features used, time spent, generation history, and interaction patterns
- Technical Data: Browser type, operating system, IP address, device identifiers, and screen resolution
- Performance Data: Loading times, error reports, and service quality metrics
- Analytics: Aggregated usage statistics to improve our Service (anonymized)
1.3 Information We Do NOT Collect
🚫 What We Don't Track
- Social media activity outside our platform
- Personal browsing history on other websites
- Private conversations or communications outside our Service
- Financial information beyond what's necessary for billing
- Biometric data or facial recognition patterns
2. How We Use Your Information
✅ How We DO Use Your Data
We use your information solely to provide, improve, and secure our Service:
- Process AI generation requests and deliver results
- Authenticate and secure your account
- Process payments and manage subscriptions
- Provide customer support and respond to inquiries
- Improve our AI models and Service quality
- Detect and prevent fraud or abuse
- Comply with legal obligations
❌ How We DON'T Use Your Data
- We NEVER sell your data to third parties
- We don't use your content for advertising targeting
- We don't share your personal information for marketing purposes
- We don't track you across other websites
- We don't use your data to build profiles for other companies
3. Data Sharing and Disclosure
3.1 We Do Not Sell Your Information
Foothill AI does not sell, rent, or trade your personal information. This includes all data categories: personal details, creative content, usage patterns, and technical information.
3.2 Limited Service Providers
We share minimal data with carefully selected service providers who help us operate our Service:
| Service Provider | Purpose | Data Shared | Privacy Protection |
|---|---|---|---|
| Google Cloud | AI processing & storage | Prompts, generated images | Enterprise-grade security, data processing agreements |
| Firebase | Authentication & hosting | Email, basic profile | Google's privacy standards, minimal data retention |
| Stripe | Payment processing | Billing information only | PCI DSS compliant, no data stored on our servers |
3.3 Legal Requirements
We may disclose information only when required by law, such as:
- Valid court orders or subpoenas
- Legal obligations to report illegal content
- Protection of our rights, property, or safety
- Prevention of fraud or security threats
4. Data Security and Protection
We implement comprehensive security measures to protect your information:
4.1 Technical Safeguards
- Encryption: All data encrypted in transit (TLS 1.3) and at rest (AES-256)
- Access Controls: Multi-factor authentication for all team members
- Network Security: Firewalls, intrusion detection, and regular security audits
- Secure Infrastructure: Enterprise-grade cloud platforms with SOC 2 compliance
4.2 Operational Safeguards
- Regular security training for all employees
- Incident response procedures and monitoring
- Principle of least privilege for data access
- Regular penetration testing and vulnerability assessments
5. Data Retention and Deletion
5.1 Retention Periods
| Data Type | Retention Period | Reason |
|---|---|---|
| Account Information | Active account + 90 days after deletion | Service provision and account recovery |
| Generated Images | Active account + 30 days after deletion | Service delivery and user access |
| Usage Analytics | 24 months (anonymized) | Service improvement and performance monitoring |
| Support Communications | 36 months | Customer service quality and issue resolution |
5.2 Secure Deletion
When data reaches its retention limit or you request deletion, we securely and permanently remove it from our systems using industry-standard data destruction methods.
6. Your Privacy Rights and Controls
6.1 Universal Rights
Regardless of your location, you have the right to:
- Access: Request copies of your personal information
- Correct: Update inaccurate or incomplete data
- Delete: Request deletion of your account and data
- Export: Download your generated content and account data
- Restrict: Limit how we process your information
- Object: Opt out of certain data processing activities
6.2 How to Exercise Your Rights
Contact us at privacy@foothill.ai with your request. We'll respond within 48 hours and fulfill verified requests within 30 days.
7. Regional Privacy Laws
7.1 California Residents (CCPA/CPRA)
California residents have additional rights including:
- Right to know what personal information we collect and how it's used
- Right to delete personal information (with certain exceptions)
- Right to opt-out of the sale of personal information (not applicable - we don't sell data)
- Right to non-discrimination for exercising privacy rights
- Right to correct inaccurate personal information
7.2 European Users (GDPR)
Under GDPR, you have rights including:
- Data portability and the right to receive your data in a structured format
- Right to withdraw consent at any time
- Right to lodge a complaint with supervisory authorities
- Right to object to processing based on legitimate interests
8. Children's Privacy
Our Service is not intended for children under 13. We do not knowingly collect personal information from children under 13. If we learn that we have collected such information, we will:
- Delete the information immediately
- Notify the parents/guardians if possible
- Implement additional safeguards to prevent future collection
For users aged 13-17, we require parental consent and provide additional privacy protections.
9. International Data Transfers
Your information may be processed and stored in the United States and other countries. We ensure appropriate safeguards for international transfers through:
- Standard Contractual Clauses (SCCs) approved by the European Commission
- Adequacy decisions for certain countries
- Binding Corporate Rules where applicable
- Your explicit consent when required
10. Cookies and Tracking Technologies
10.1 How We Use Cookies
| Cookie Type | Purpose | Duration | Required? |
|---|---|---|---|
| Essential | Authentication, security, core functionality | Session/30 days | Yes |
| Performance | Analytics, error tracking, service improvement | 24 months | Optional |
| Preferences | Theme settings, language, user preferences | 12 months | Optional |
10.2 Cookie Management
You can control cookies through your browser settings. Note that disabling essential cookies may affect Service functionality.
11. Third-Party Links and Services
Our Service may contain links to third-party websites or integrate with external services. This Privacy Policy does not apply to those external sites. We encourage you to review their privacy policies before providing any information.
12. Data Breach Notification
In the unlikely event of a data breach that affects your personal information, we will:
- Notify affected users within 72 hours of discovery
- Report to relevant authorities as required by law
- Provide clear information about what happened and steps we're taking
- Offer resources to help protect your information
- Implement additional safeguards to prevent future breaches
13. Business Transfers
If CloudPix.ai is acquired or merges with another company, your information may be transferred. We will:
- Notify you at least 30 days before any transfer
- Ensure the acquiring company honors this Privacy Policy
- Provide options to delete your account before transfer
- Maintain the same privacy protections during transition
14. Changes to This Privacy Policy
We may update this Privacy Policy to reflect changes in our practices or applicable laws. When we do:
- We'll notify you via email for material changes
- We'll post the updated policy on our website
- We'll maintain previous versions for your reference
- Continued use after changes constitutes acceptance
15. Contact Us
For privacy-related questions, concerns, or requests, please contact us:
| Contact Method | Information | Response Time |
|---|---|---|
| privacy@foothill.ai | 48 hours | |
| Data Protection Officer | dpo@foothill.ai | 72 hours |
| General Support | support@foothill.ai | 24 hours |
| Website | https://foothill.ai | - |
🔐 Our Commitment to You
Your trust is essential to our mission. We're committed to transparency, security, and putting your privacy first. If you ever have concerns about how we handle your data, please don't hesitate to reach out.