Back to Home

Privacy Policy

This Privacy Policy explains how ("Aterify," "we") collects and uses personal data when you use the Service.

1. Controller

Data controller: Aterify

2. Data we collect

We may collect:

  • Account data: email, authentication identifiers, profile settings.
  • Payment data: subscription status, transaction references, billing history (card data is generally handled by the payment processor, not stored by us).
  • Usage and device data: IP address, device/browser, timestamps, logs, diagnostics, fraud signals.
  • Content data: prompts, uploads, generated outputs, and related metadata (to provide your history and fulfill jobs).
  • Support data: messages you send to support.

3. How we use data (purposes)

We process data to:

  • Provide and operate the Service (job processing, account management).
  • Secure the Service (fraud prevention, rate limiting, abuse detection).
  • Process payments and manage subscriptions.
  • Provide customer support.
  • Improve performance and product quality (analytics, debugging).
  • Comply with legal obligations (accounting, lawful requests).

4. Legal bases (EEA/UK)

Where GDPR applies, we rely on:

  • Contract (Art. 6(1)(b)) to provide the Service.
  • Legitimate interests (Art. 6(1)(f)) for security, fraud prevention, and service improvement.
  • Legal obligations (Art. 6(1)(c)) for accounting and compliance.
  • Consent (Art. 6(1)(a)) where required (e.g., optional marketing cookies, if used).

5. Sharing and processors

We share personal data only as needed with:

  • Payment processors (billing and fraud controls).
  • Infrastructure/hosting providers.
  • Authentication providers (if you use OAuth).
  • AI processing vendors/model providers for running show-your-work inference jobs based on your Input (as required to generate Output).
  • Analytics/security tools (if enabled).

We do not sell your personal data.

6. International transfers

If data is transferred outside your country/EEA, we use appropriate safeguards (e.g., Standard Contractual Clauses) where required.

7. Retention

We retain personal data only as long as needed:

  • Account and service logs for security and troubleshooting.
  • Billing records as required by law.
  • Content history as long as your account is active or until you delete it, subject to technical and legal constraints.

You may request deletion as described below.

8. Your rights

Depending on location, you may have rights to:

  • access, correct, delete your data,
  • restrict or object to processing,
  • receive a copy (portability),
  • withdraw consent (where used),
  • lodge a complaint with your data protection authority.

9. Security

We use reasonable administrative, technical, and organizational measures (access controls, least-privilege, logging, encryption in transit, etc.). No system is 100% secure.

10. Cookies

We may use essential cookies for login/session and optional cookies for analytics/marketing if enabled. If required by law, we provide a cookie banner and preference controls.

11. Changes

We may update this Privacy Policy.