Privacy Policy

Last updated: May 5, 2025

Introduction

SVGMaker.io ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your information when you use our AI-powered SVG conversion and editing service.

Information We Collect

1. Account Information

- Email address and authentication details
- Profile information (optional)
- Payment information (processed securely through Stripe)

2. Usage Data

- Images uploaded for conversion
- Generated SVGs and editing history
- Credit usage and purchase history
- User preferences and settings

3. Technical Data

- Browser type and version
- Device information
- IP address
- Usage patterns and interactions

How We Use Your Information

  • To provide and maintain our SVG conversion service
  • To process your payments and manage your credit balance
  • To improve our AI algorithms and service quality
  • To communicate with you about service updates and features
  • To detect and prevent fraudulent activity
  • To comply with legal obligations

Data Storage and Security

We store your data securely using industry-standard encryption and security measures. Your uploaded images and generated SVGs are stored in secure cloud storage and are accessible only to you unless you choose to make them public.

Payment information is processed securely through Stripe and we do not store your complete credit card information.

AI Processing

Our AI system processes your uploaded images to create SVG conversions. While this process is automated, we maintain strict security protocols to ensure your images are protected. The AI training process uses anonymized data to improve conversion quality.

Payment Processing

We use Stripe, a PCI DSS Level 1 compliant payment processor, to handle all payment transactions securely. When you make a purchase:

  • Your payment information is processed directly by Stripe and never stored on our servers
  • We only receive anonymized transaction confirmations from Stripe
  • Stripe uses industry-standard encryption and tokenization to protect your payment data
  • Credit card numbers and details are never stored in our database
  • We do not store any payment card information on our servers

For more information about Stripe's security practices, please visit: Stripe Privacy Policy

Cookies and Tracking

We use cookies and similar tracking technologies to provide and improve our service. For detailed information about our cookie usage, please see our Cookie Policy.

Third-Party Services

We integrate with several third-party services to provide our functionality:

  • Stripe: Payment processing and billing management
  • Firebase: Authentication, database, and file storage
  • Replicate: AI model hosting for SVG generation
  • Google Analytics: Website analytics and usage tracking
  • Upstash Redis: Rate limiting and caching
  • ReCAPTCHA: Spam and abuse prevention

Each service operates under their own privacy policies. We ensure all partners meet our data protection standards.

Data Retention and Deletion

We retain your data only as long as necessary to provide our services and comply with legal obligations:

  • Account Data: Retained indefinitely for business operations
  • Generated SVGs (Paid Users): Stored indefinitely unless manually deleted by user
  • Generated SVGs (Free Users): Stored indefinitely and may appear in public gallery
  • Usage Data: Aggregated analytics data retained for up to 2 years
  • Payment Records: Retained for 7 years for tax and legal compliance
  • Support Communications: Retained for 3 years for service improvement

Data Deletion: We do not automatically delete accounts or data. Deletion requests are reviewed individually and may be denied based on business needs, legal requirements, or fraud prevention measures.

GDPR & CCPA Compliance

Legal Basis for Processing (GDPR)

We process your personal data based on the following legal grounds:

  • Contract Performance: To provide our SVG generation and editing services
  • Legitimate Interest: To improve our service, prevent fraud, and ensure security
  • Consent: For marketing communications and optional features
  • Legal Obligation: To comply with applicable laws and regulations

Data Subject Rights (GDPR)

Under GDPR, you have the following rights regarding your personal data:

  • Right of Access: Request a copy of your personal data
  • Right to Rectification: Correct inaccurate or incomplete data
  • Right to Erasure: Request deletion of your personal data
  • Right to Restrict Processing: Limit how we use your data
  • Right to Data Portability: Receive your data in a machine-readable format
  • Right to Object: Opt-out of certain data processing activities
  • Right to Withdraw Consent: Revoke consent for optional processing

California Privacy Rights (CCPA)

California residents have additional rights under the California Consumer Privacy Act:

  • Right to Know: What personal information we collect and how it's used
  • Right to Delete: Request deletion of personal information
  • Right to Opt-Out: Opt-out of the sale of personal information (we do not sell personal information)
  • Right to Non-Discrimination: Equal service regardless of privacy choices

Refund & Licensing Policy

For detailed information about our refund policy and licensing terms for commercial and personal use of generated SVGs, please see our Refund & Licensing Policy.

Your Rights and Choices

You have several options to control your data and privacy:

  • Account Settings: Update personal information and preferences
  • Marketing Opt-out: Unsubscribe from promotional emails
  • Cookie Management: Control tracking preferences through browser settings
  • Data Access Requests: Request access to your personal data (subject to verification)
  • Data Deletion Requests: Request deletion of personal data (subject to our review and legal obligations)

Account Deletion: Account deletion requests are handled on a case-by-case basis. We reserve the right to retain accounts and data as necessary for business operations, legal compliance, and fraud prevention.

Data Export: We do not provide automated data export functionality. Data access requests will be reviewed individually and fulfilled at our discretion in compliance with applicable laws.

To exercise any of these rights, please contact our support team at info@genwave.xyz with your request and account verification. All requests are subject to identity verification and may take up to 30 days to process.

Contact Us

If you have any questions about this Privacy Policy, please contact us at:
Email: info@genwave.xyz
Address: 2108 N ST, STE N, Sacramento, CA 95816