Privacy Policy

EGAKU AI ("we", "us", "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your information when you use our platform at egaku-ai.com (the "Service").

1. Information We Collect

1.1 Account Information

When you create an account, we collect your email address. If you authenticate via third-party providers (Google, Discord, GitHub, X/Twitter), we receive basic profile information (name, email, avatar) as authorized by you through those services.

1.2 Usage Data

We collect information about your interactions with the Service, including: text prompts submitted for generation, generation parameters (model, resolution, seed), credit usage and transaction history, and pages visited.

1.3 Payment Information

Payment processing is handled by Stripe, Inc. and NOWPayments (cryptocurrency). We do not store credit card numbers or bank account details on our servers. Please refer to their respective privacy policies for information on how they handle your payment data.

1.4 Device & Network Information

We may collect your IP address (for region detection and rate limiting), browser type, operating system, and device identifiers. IP-based geolocation is used to apply regional pricing and content compliance rules.

2. How We Use Your Information

3. Data Sharing & Third Parties

We do not sell your personal data. We share data only with the following categories of service providers:

4. Generated Content

• Prompts and generated images/videos are stored on our servers to provide your gallery and generation history.
• Content marked as private is accessible only to you.
• Content you publish to the public gallery is visible to all users and may be indexed by search engines.
• NSFW content published from Japan is automatically censored (mosaic) for public display in compliance with Japanese law.

5. Data Retention & Deletion

• We retain your data for as long as your account remains active.
• You can delete individual generations from your gallery at any time.
• Upon account deletion, we will remove your personal data within 30 days. Backup copies may persist for up to 90 days.
• Anonymized, aggregated data (e.g., total generation counts) may be retained indefinitely.

6. Data Security

We implement industry-standard security measures including:

• TLS encryption for all data in transit
• Encrypted database connections (Supabase)
• Row-Level Security (RLS) policies isolating user data
• API key hashing (SHA-256) for developer tokens
• Rate limiting and IP-based abuse prevention

While we take reasonable precautions, no system is completely secure. We cannot guarantee absolute security of your data.

7. Your Rights

Depending on your jurisdiction, you may have the following rights:

To exercise these rights, contact us at privacy@egaku-ai.com.

8. Cookies & Analytics

• Essential cookies: Required for authentication and session management. Always active.
• Analytics cookies: Google Analytics 4 is loaded only after explicit consent via the cookie banner. IP addresses are anonymized.
• We do not use advertising cookies or behavioral targeting.
• You can change your cookie preference at any time by clearing browser storage.

9. Children's Privacy

The Service is not intended for users under 13 years of age. We do not knowingly collect personal information from children under 13. NSFW features are restricted to users who have completed age verification (18+).

10. International Data Transfers

Your data may be processed in countries other than your country of residence, including the United States and the European Union, where our hosting and infrastructure providers operate. We ensure appropriate safeguards are in place for cross-border data transfers.

11. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via email or in-app notification at least 14 days before they take effect. The "Last updated" date at the top reflects the most recent revision.

12. Contact