Privacy Policy

1) Scope

This Privacy Policy explains how Fauxto Labs collects, uses, shares, and retains information when you use our AI-powered creative platform. If you do not agree, do not use the Service.

2) Categories of Data We Collect

2A) Tracking Technologies & Cookies

We use cookies, local storage, SDKs, and similar tech to operate the Service, prevent abuse, personalize, and measure product performance. This includes:

• Device & network metadata: OS, browser, screen resolution, device model, IP, language, carrier, and general location (city/region).
• Online activity: pages/screens viewed, navigation paths, session duration, referral URLs, crash and performance events.
• Communication pixels: we may record whether you open emails or click links to improve deliverability and measure engagement.

You can manage cookies in your browser/app settings. Essential cookies are required for sign in and security.

3) Special/Sensitive Data

4) Why We Use Data

• Provide, maintain, and improve the Service; render jobs; prevent abuse; bill and collect payments; provide support.
• Safety and integrity: detect policy violations, fraud, and security incidents.
• Analytics (aggregate/limited): feature usage, reliability metrics.
• Communications: service notices, updates, marketing (you can opt out of marketing).

5) Training & Model Improvement

• Default: Private User Content is not used to train foundation models.
• Optional: You may opt in to allow us to use your content to improve prompts or templates. You can opt out anytime in settings.
• Publicly shared templates or gallery items may be used to showcase or improve the Service.

6) Sharing of Information

We share data with:

• Processors/Sub‑processors: cloud hosting, storage, inference providers, analytics, email, and payments—each bound by confidentiality and data processing terms.
• Legal/Safety: to comply with law, enforce Terms, or protect rights, safety, or property.
• Corporate Events: merger, acquisition, or asset sale with notice.

7) Retention

• LoRAs & Voices: retained until you delete or your account is closed; backups purge within 30-45 days.
• Job Artifacts & Logs: 30-90 days unless needed for investigations.
• Billing Records: as required by tax/accounting law.

We minimize retention consistent with providing the Service.

8) Security

We use reasonable safeguards: encryption in transit/at rest for stored assets, key management, network isolation, logging, access controls, periodic reviews. No method is 100% secure.

Security incidents: we maintain procedures for detecting, investigating, and notifying of personal data breaches as required by law.

9) Your Rights

• US/California (CPRA): rights to know/access, delete, correct, and limit use/disclosure of sensitive info; opt out of sale/share (we don't sell).
• EU/UK (GDPR): rights to access, rectify, erase, restrict, portability, object; lodge a complaint with your supervisory authority.
• Exercising rights: email [email protected] or use in‑app tools.

9A) Your Choices

• Access & updates: manage core account fields in settings; request a full export via [email protected].
• Marketing emails: you can unsubscribe within emails or in settings. Service and transactional emails will still be sent.
• Cookies: adjust browser settings to manage categories.
• Do Not Track (CalOPPA): we do not honor DNT browser signals as there is no industry standard. However, we do honor Global Privacy Control (GPC) signals as a valid opt-out for sale/sharing of personal information under CPRA.
• Linked accounts: if you disconnect a third party integration, we stop new data flows; prior data already received may remain per this Policy.

Contact Us

Notice to European Users (GDPR/UK GDPR)