Privacy Policy
Privacy is the point. We collect the minimum we need to run the service, we hash the few identifiers we keep, we never train AI on your content, and we never sell your data. This policy explains exactly what we process, why, and the rights you have under the GDPR.
Feral Signal Limited, 20 Harcourt Street, Dublin 2, D02 H364, Ireland (company no. 814597) is the controller of your personal data. Contact our privacy team at privacy@generateporn.ai.
1.What we collect
- Account data — your email address and authentication identifiers, managed by our secure account system. You may also have a referral code.
- Generation data — the prompts, settings, and generated outputs associated with your jobs, plus mode, resolution, and timestamps. Your generated media is stored in object storage so you can access your library.
- Billing data — a record of your purchases (amount, currency, method, status) and Credits balance. Payment is handled by our processors; we do not receive or store full card or wallet credentials.
- Technical & security data — your IP address is processed for security and abuse prevention but is stored only as a salted hash, never in plain text; we also process basic device/browser information.
- Safety logs — records of blocked prompts and policy events, used to enforce our Acceptable Use Policy and cooperate with law enforcement where required.
2.What we never do
- We do not use your prompts, inputs, or outputs to train AI systems.
- We do not sell, rent, or share your personal data with advertisers or data brokers.
- We do not run advertising pixels or cross-site tracking.
- We do not store your IP address in plain text, and we do not build biometric or facial-recognition profiles.
3.Why we process data & legal bases
| Purpose | Legal basis (GDPR Art. 6) |
|---|---|
| Create your account & provide the service | Performance of a contract (Art. 6(1)(b)) |
| Process generations & manage Credits | Performance of a contract (Art. 6(1)(b)) |
| Process payments & keep financial records | Contract & legal obligation (Art. 6(1)(b),(c)) |
| Security, fraud & abuse prevention | Legitimate interests (Art. 6(1)(f)) |
| Enforce safety policies & report illegal content | Legal obligation & legitimate interests (Art. 6(1)(c),(f)) |
| Privacy-friendly, aggregate analytics | Legitimate interests (Art. 6(1)(f)) |
| Service & policy notifications | Contract / legitimate interests |
4.Who processes data for us
We use a small set of vetted sub-processors, each contractually limited to what they need to perform their function:
| Service | Purpose | Data |
|---|---|---|
| Secure account system | Authentication & account management | Email, auth identifiers |
| Hosting and storage services | Hosting, edge delivery, database & media storage | All service data, at rest & in transit |
| AI generation system | Running your generations | Prompt & generated media for the job |
| Payment processors | Cryptocurrency payments | Transaction & wallet data handled for payment completion |
| Telegram | Telegram Stars payments & support bot | Telegram account & payment data |
| Cookieless analytics | Aggregate, privacy-friendly analytics | No personal data / no cookies |
Each sub-processor operates under its own terms and applicable data-processing agreements. We do not grant any of them access beyond what their function requires.
5.How long we keep data
- Generations & library media are kept until you delete them or close your account.
- Account data is kept while your account is open.
- Billing & tax records are kept for as long as the law requires (typically up to 6–7 years).
- Safety & moderation logs are kept as long as needed for safety, legal, and law-enforcement purposes.
- When you delete your account, we remove your personal data within 30 days, except where retention is legally required (e.g. financial records) or necessary to investigate abuse.
6.International transfers
Some of our service partners operate outside the European Economic Area. Where personal data is transferred internationally, we rely on appropriate safeguards such as the European Commission's Standard Contractual Clauses or an adequacy decision. You can ask us for details using the contact below.
7.Your rights
Under the GDPR you have the right to access, rectify, erase, restrict, or object to processing of your personal data, to data portability, and to withdraw consent where processing is based on consent. To exercise any right, email privacy@generateporn.ai or delete your account from your dashboard. We respond within one month.
You also have the right to lodge a complaint with your local supervisory authority. Our lead authority is the Irish Data Protection Commission (dataprotection.ie).
8.Security
We use encryption in transit (HTTPS/TLS) and at rest, salted hashing of IP addresses, and role-based access controls on production systems. No system is perfectly secure, so we encourage a strong, unique password. Report any suspected vulnerability to support@generateporn.ai.
9.Cookies
We use only strictly-necessary cookies (for authentication and session security) and privacy-friendly, cookieless analytics that set no tracking cookies and collect no personal data. We do not use advertising or cross-site tracking cookies. See our Cookie Notice for the full list.
10.Children
The service is strictly for adults. We do not knowingly collect data from anyone under 18. If you believe a minor has used the service, contact removals@generateporn.ai immediately and we will act.
Contact
- Privacy / data rightsprivacy@generateporn.ai
- Securitysupport@generateporn.ai
- PostalFeral Signal Limited, 20 Harcourt Street, Dublin 2, D02 H364, Ireland
We may update this policy; material changes are posted here with a new effective date.