AvatarBlitz logo

AvatarBlitz

AI Image Generator

Privacy Policy for AvatarBlitz

Last Updated: 20.01.2025

Welcome to AvatarBlitz! This Privacy Policy explains how we collect, use, and protect your personal data in compliance with the General Data Protection Regulation (GDPR) and Polish RODO (ogólne rozporządzenie o ochronie danych). By using AvatarBlitz, you agree to the collection and use of your information as outlined in this policy.

1. Data Controller Information

The Data Controller responsible for your personal data is:

AvatarBlitz - created by Łukasz Starosta
Email: help@avatarblitz.com
NIP: 7282877975
Name: Łukasz Starosta
Contact: help@avatarblitz.com

For questions about this Privacy Policy or to exercise your rights, please contact us at the email above.

2. Purposes and Legal Bases for Processing

We process your personal data for the following purposes and on the corresponding legal bases:

  • Authentication and Account Management: To create and manage your account, using Supabase for authentication.
    Legal Basis: Article 6(1)(b) GDPR (Contractual Necessity).
  • Image Storage: To store user-generated images at your request.
    Legal Basis: Article 6(1)(a) GDPR (Consent).
  • Payment Processing: To process payments securely.
    Legal Basis: Article 6(1)(b) GDPR (Contractual Necessity).
  • Analytics and Service Improvement: To collect anonymized analytics data via PostHog for app functionality and improvement.
    Legal Basis: Article 6(1)(f) GDPR (Legitimate Interests).
  • Credit Management: To track credit usage and restore balances in case of errors.
    Legal Basis: Article 6(1)(b) GDPR (Contractual Necessity).

3. Types of Data We Collect

We process the following categories of personal data:

  • Account Information: Email address collected during account creation.
  • User-Generated Content: Images created by users are stored in the Supabase database, along with metadata (e.g., title, description, theme, prompt).
  • Event Data: Credit-related events (granting or spending).
  • Usage Analytics: Anonymized data related to app performance and usage patterns (via PostHog).

4. Data Recipients

We share your data only with trusted third-party service providers to deliver our services:

  • Supabase: Handles authentication and image storage.
  • Stripe: Processes payments securely.
  • PostHog: Collects anonymized analytics data for service improvement.

We ensure, but cannot guarantee that these providers comply with GDPR and RODO requirements and process data within the EU only.

5. Data Retention Periods

We retain your data only for as long as necessary to fulfill the purposes for which it was collected:

  • Account Information and Event Data: Retained while your account is active or as required for legal or business purposes.
  • User-Generated Content: Retained until you delete it or your account is closed.
  • Usage Analytics: Retained in anonymized form for service improvement purposes.

6. Your Data Protection Rights

Under GDPR and Polish RODO, you have the following rights:

  1. Right of Access: Obtain confirmation as to whether your data is being processed and access to the data.
  2. Right to Rectification: Request corrections to inaccurate or incomplete data.
  3. Right to Erasure: Request deletion of your personal data (“right to be forgotten”).
  4. Right to Restrict Processing: Limit how your data is processed under certain circumstances.
  5. Right to Data Portability: Receive your data in a structured, machine-readable format.
  6. Right to Object: Object to processing based on legitimate interests or for direct marketing purposes.
  7. Right to Withdraw Consent: Withdraw your consent for data processing at any time.

To exercise these rights, please contact us at help@avatarblitz.com.

7. Data Transfers to Third Countries

While we take steps to ensure that our third-party providers comply with GDPR and maintain high standards of data security, we cannot guarantee their full security measures. However, we ensure that no data capable of directly identifying users (e.g., email addresses, names, or payment details) is transferred to third parties beyond what is strictly necessary for providing our services.

We continuously review our data-sharing practices to prioritize user privacy and minimize the transfer of identifiable data.

8. Automated Decision-Making

We do not use your personal data for automated decision-making or profiling that produces legal or similarly significant effects.

9. Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your experience and ensure app functionality. Cookies may be used for:

  • Authentication and session management.
  • Analytics and usage data.

You can manage your cookie preferences when you enter the webpage or through your user profile.

10. Data Security Measures

We implement industry-standard security measures to protect your personal data, including:

  • Encryption: Secure data transmission using HTTPS and encrypted storage.
  • Access Controls: Restricting data access to authorized personnel only.
  • Regular Security Audits: Conducting routine assessments to identify and mitigate risks.

While we strive to protect your data, no method of electronic storage or transmission is completely secure.

11. Changes to This Privacy Policy

We may update this Privacy Policy to reflect changes in legal or operational requirements. Significant changes will be communicated via email or app notifications.

Please review this Privacy Policy periodically for updates.

12. Contact Information

If you have questions, concerns, or wish to exercise your rights, please contact us at:

Email: help@avatarblitz.com
NIP: 7282877975
Name: Łukasz Starosta

Thank you for using AvatarBlitz!