This Policy explains what data StripForge ("we") collects, why, and how it is processed.
Data we collect
- Account data — email, display name, hashed password or OAuth identifier.
- Content — projects, characters, prompts, generated images, exports.
- Usage — credit consumption, error logs, anonymous performance metrics.
- Billing — handled by Stripe; we receive subscription status and the last 4 digits of the card only.
Processors
- Supabase (database, authentication, file storage) — EU/US regions.
- OpenAI and Google (AI model providers) — your prompts and reference images are sent to fulfill generations. We do not authorize providers to train on your prompts where opt-out is available.
- Stripe (payments and tax/VAT compliance).
- Cloudflare (hosting and CDN).
Legal basis (EU/UK)
Contract (to provide the Service), legitimate interests (security, fraud prevention, product improvement), and consent (cookies, marketing email).
Retention
We keep your content while your subscription is active. If your subscription lapses (cancellation, failed payment, or downgrade), your content is retained for a 30-day grace period after the end of the billing period, then permanently deleted. Free accounts inactive for more than 90 days are subject to the same deletion process after warning emails. We send warning emails 7 days and 1 day before deletion so you can export or resubscribe. After account deletion we retain billing records as required by tax law and remove remaining personal data within 30 days.
Your rights
You may access, export, correct, or delete your data at any time from the Account page or by emailing contact@stripforge.com.
Cookies
We use strictly-necessary cookies for authentication and a small set of first-party analytics cookies. No third-party advertising cookies.
Contact
Data controller: StripForge. Email: contact@stripforge.com