Privacy Policy

This Privacy Policy explains how [COMPANY NAME] ("we", "us") handles personal data in connection with the GENER8 platform ("Service").

1. Data we process

• Account data: your email address, hashed password, role, and credit balance.
• Usage data: the prompts you submit, the media you generate, reference images you upload, and counts of your activity.
• Technical data: session cookies and basic request information needed to operate and secure the Service.

2. How we use it

We use this data to provide the Service, authenticate you, apply credit limits, display your generation history, maintain security, and operate the platform. We do not sell your personal data.

3. Third-party processors

To generate content, prompts and uploaded images are sent to our model providers — Google (Gemini / Nano Banana / Veo) and ElevenLabs (voice and music). Their handling of that data is governed by their own terms and privacy policies. Review them to understand how they process inputs.

4. Storage and retention

Account and usage data are stored on our hosting provider (Railway). Generated media and inputs are stored on the server and are automatically deleted after the retention period configured by your administrator (default 30 days). Backups of account data are retained for a limited rolling period.

5. Security

Passwords are stored only as salted hashes. Sessions use HTTP-only cookies. Access to media is restricted to its owner and administrators. No system is perfectly secure; we cannot guarantee absolute security.

6. Your rights

Depending on your jurisdiction (for example, under UK/EU GDPR), you may have rights to access, correct, or delete your personal data. Direct such requests to your administrator or to [CONTACT EMAIL].

7. International transfers

Data may be processed in countries other than your own, including by our model providers. Where required, appropriate safeguards should be put in place.

8. Contact

Privacy questions or requests: [CONTACT EMAIL].