This Privacy Policy explains how we collect, use, disclose, and protect personal information when you use Auto AI Studio's websites and services, including our consumer web application, dealership management platform, mobile application, related APIs, and support channels (collectively, the "Service").

By using the Service, you agree to this Privacy Policy. If you do not agree, please do not use the Service.

1) What we collect

We collect information that you provide directly, information collected automatically, and information from third parties.

1.1 Information you provide

Account & Profile. Name (or display name), email address, password (hashed), phone number (for dealership users), organization/dealership name (optional), and any profile details you choose to add. Consumer profiles additionally include: a unique username (publicly visible), short bio (publicly visible), optional avatar image, banner color preference, and optional social-link fields (Instagram, YouTube, TikTok, website). By creating an account, your email address is automatically added to our database and marketing communications list.

Authentication. If you sign in with Google, we receive basic account info (e.g., name, email, Google user ID) from Google OAuth to authenticate you. If you sign in with Apple, we receive an Apple identity token and (only the first time you sign in) optionally your name and a private-relay email address.

Content you upload or create. Images, videos, free-form text prompts, garage vehicle photos, source video clips, generated AI outputs, project history, and any captions, comments, profile fields, or report reasons you submit. For dealership users, this includes vehicle photos, VIN numbers, vehicle information (year, make, model, trim), and project metadata.

Per-upload rights attestation (consumer mobile, video uploads). When you upload a source video to AI Video Studio, the app records the timestamp at which you confirmed the in-product rights attestation and the exact wording you agreed to. See Section 16 and Terms of Service §22.2.

Search queries. Text you enter into in-app search fields (e.g., the Unsplash stock-photo search inside the AI Photo Studio's "Change Background" tool). See Section 18.

Community interactions. If you use community features in the consumer app, we collect: likes you give, comments you post on others' projects (publicly visible), bookmarks (private to you), follow/unfollow relationships, blocks you place on other users (private to you), and reports you submit against other users' content or comments (including the reason text you supply).

Vehicle Information (Dealership Users). When using our dealership services, you may provide or we may collect Vehicle Identification Numbers (VINs), which we decode using third-party services to obtain vehicle specifications (year, make, model, trim). VINs and associated vehicle data are stored in your dealership account.

Team & Organization Data (Dealership Users). For dealership accounts, we collect information about team members including names, email addresses, roles (admin, manager, photographer, viewer), and invite status. This information is used to manage access and permissions within your dealership.

Support & communications. Any messages, email content, or attachments you send to support.

Billing & subscription info. We do not store your full payment card numbers. Stripe processes payments and provides us with limited billing details (e.g., last4, brand, expiration month/year, billing name, and status). For dealership accounts, we also store subscription plan details, usage metrics (points consumed, images processed), and billing history.

1.2 Information collected automatically

Usage data. Features you use, actions you take, pages visited, timestamps, and performance metrics. For dealership users, this includes project creation, photo uploads, processing requests, team invitations, and subscription management activities.

Device & network data. IP address, browser type/version, device identifiers, operating system, language, referring/exit pages. For mobile app users, this may also include device model, screen size, and app version.

Mobile app data. When using our mobile applications, we may collect device motion sensor data (accelerometer, gyroscope) for camera angle detection during guided photo capture in the dealership app. This data is processed locally on your device and is not transmitted to our servers. We also collect camera permissions status, photo library access permissions, and notification preferences.

Push notification tokens. If you grant push-notification permission, the consumer mobile app obtains an Expo push token from Expo's push service. This token is a device-level identifier that we store in our database so that we can deliver notifications to your device through Expo Push. The token is removed from our database when you sign out of the app.

Crash and error telemetry. When the app encounters an error or you submit a "Report a Problem," we automatically collect diagnostic information including device model, operating-system version, app version and build number, app screen/route at the time of the error, and a short in-memory list of recent action labels (no content of your photos or prompts). This information is delivered to our error-monitoring provider (Sentry) and, for user-submitted reports, also emailed to our support team.

Location data. We do not collect precise GPS location data. However, we may derive approximate location from IP address for analytics, abuse prevention, and (for the worker proxy) regional routing.

Cookies & similar tech. Cookies, local storage, AsyncStorage and the device secure keychain (mobile apps), Cloudflare Workers KV (server-side), and similar technologies to keep you signed in, store preferences, protect your account, remember your active dealership selection, cache draft AI edits offline, and understand usage. See Cookies below.

1.3 Information from third parties

Identity providers. Google OAuth and Apple Sign-In provide your basic account information when you connect.

Payment processors. Stripe (web) provides non-sensitive billing metadata and payment status. Apple App Store In-App Purchase and Google Play Billing (mobile) provide signed transaction receipts, transaction IDs, and purchase tokens that we use to verify and provision your entitlements. We never receive your full payment-card details.

VIN decoding service (Dealership Users). We use Auto.dev API to decode Vehicle Identification Numbers. When you scan or enter a VIN, we send it to Auto.dev to retrieve vehicle specifications. Auto.dev's data collection and use is governed by their own privacy policy.

AI service providers. We use the following AI providers to deliver requested transformations:

• Google Gemini — image generation and editing, prompt rewriting, scene analysis on uploaded videos, vehicle identification and angle generation for "My Garage."
• Segmind (Seedance video model) — AI video clip generation and car-swap video generation.
• Stability AI — 4K image upscale.
• SAM3 (Segment Anything Model) — image segmentation (dealership pipeline).
• Roboflow — vehicle detection and angle classification.

These services process your content only to provide the requested feature. We configure them to minimize data retention where controls are available and do not authorize them to train their models on your content. See Section 11.

Stock photo library. Unsplash returns photo URLs, photographer names, and download-tracking URLs in response to your in-app search queries. See Section 18.

Service providers. Analytics, error monitoring, fraud prevention, hosting/CDN, database, push delivery, and email providers may supply operational signals or identifiers (e.g., request IDs, error traces). These include Supabase (database and authentication), Cloudflare (CDN, edge Workers, R2 storage, Workers KV), Render.com (server-side video normalization), Resend (transactional email and marketing list), Sentry (crash and error telemetry), and Expo Push Service (mobile push delivery).

We do not knowingly collect or request information from children under 13 (or under the minimum age in your jurisdiction). If you believe a child has provided personal information, contact us and we will delete it.

2) How we use information

We use personal information to:

Provide and improve the Service. Operate core features; run AI edits and image processing; store history and downloads; provide authentication; enable routing and caching; perform maintenance and debugging. For dealership users, this includes VIN decoding, vehicle photo processing, background removal, image categorization, team management, and subscription management.

Mobile application functionality. Enable camera features, photo capture, offline storage, background upload queue management, real-time sync, and push notifications for processing completion.

Team collaboration (Dealership Users). Facilitate multi-user access, role-based permissions, team invitations, and project sharing within dealership organizations.

Account and subscription management. Manage plans, usage quotas (points/credits), billing cycles, overage charges, and payments via Stripe. For dealership accounts, track points consumed per image processed and provide usage analytics.

Security & abuse prevention. Detect fraud, abuse, spam, and malicious activity; protect accounts and our infrastructure; enforce usage limits and prevent unauthorized access.

Communications & Marketing. When you create an account, your email address is automatically added to our database and marketing communications list. We will send you transactional notices (receipts, security alerts, service updates, processing notifications, team invitations) as well as marketing communications (product tips, announcements, promotions, new feature announcements). You can opt out of marketing emails anytime via the unsubscribe link, but you cannot opt out of essential transactional emails while your account is active.

Analytics & product research. Aggregate usage patterns to improve performance, reliability, and features. For dealership accounts, we generate analytics reports showing project volumes, processing metrics, team activity, and ROI calculations.

Legal compliance. Comply with laws; respond to lawful requests; enforce our Terms of Service; handle DMCA requests.

3) Legal bases for processing (EEA/UK only)

If you are in the EEA/UK, we process your information under these legal bases:

Contract necessity: To provide the Service and fulfill our agreement with you.

Legitimate interests: To secure and improve the Service, prevent abuse, and understand usage (balanced with your rights).

Consent: For optional cookies/marketing where required.

Legal obligation: To comply with applicable laws (tax, accounting, regulatory requests).

4) How we share information

We do not sell personal information. We share information with:

Service providers / processors. We use trusted vendors who process data on our behalf and per our instructions, including:

• Supabase — authentication, database, storage, real-time data sync.
• Cloudflare — CDN, Workers serverless functions, R2 object storage, Workers KV (entitlements/rate limits), security.
• Render.com — server-side video normalization (trimming, frame-rate alignment, first-frame extraction) for AI Video Studio uploads.
• Stripe — payments for web subscriptions (card data handled by Stripe; we receive limited billing metadata).
• Apple App Store IAP and Google Play Billing — payments for consumer mobile subscriptions and edit packs; we receive signed receipts and purchase tokens for entitlement verification.
• Resend — transactional emails (receipts, password resets, processing notifications, team invitations), moderation/report emails, support emails, and marketing-list management.
• Auto.dev — VIN decoding (dealership users).
• Google Gemini — AI image analysis, image generation, prompt rewriting, scene analysis on uploaded videos, vehicle identification.
• Segmind (Seedance video model) — AI video generation and car-swap video generation.
• Stability AI — 4K image upscale.
• Roboflow — vehicle detection and segmentation.
• Unsplash — stock photo library; receives your in-app search queries and download-tracking pings (no account data).
• Expo Push Service (operated by Expo, Inc.) — delivery channel for mobile push notifications.
• Sentry — crash and error telemetry from the mobile app and web app.
• Plausible Analytics and Google Analytics — aggregate website usage metrics.

Within your dealership organization (Dealership Users). When you are part of a dealership organization, your projects, uploaded images, and activity may be visible to other members of your dealership according to their role permissions. Admins and Managers can see all projects and team activity; Photographers can see projects they created and have access to; Viewers can only see completed projects.

Change of control. If we undergo a merger, acquisition, or asset sale, your information may be transferred subject to this Privacy Policy. We will notify you via email and/or prominent notice on our service of any change in ownership or uses of your personal information.

Legal reasons. To comply with law or valid legal process; to protect rights, property, security, or enforce our Terms; to respond to DMCA notices and counter-notices; to investigate fraud or security issues.

We require processors to use appropriate security and only process data as needed to deliver the contracted services. We do not authorize third parties to use your personal information for their own purposes.

5) Cookies and similar technologies

We use:

Essential cookies to keep you signed in, route traffic, and secure your session.

Functional/analytics to measure aggregate usage and improve our service. Specifically:

• Plausible Analytics: A privacy-friendly, GDPR-compliant analytics tool that does not use cookies, does not collect personal data, and does not track users across websites. Plausible is hosted in the EU and complies with GDPR, CCPA, and PECR. All data is aggregated and anonymous. Learn more at plausible.io/privacy-focused-web-analytics
• Google Analytics: Used for detailed traffic analysis and conversion tracking. Google Analytics may use cookies and collects data as described in Google's Privacy Policy. You can opt out using the Google Analytics Opt-out Browser Add-on

Where required by law, we implement consent controls for non-essential cookies. You can adjust browser settings to block cookies, but the Service may not work properly. Note that Plausible Analytics does not require cookie consent as it doesn't use cookies or collect personal information.

6) Data retention

Account & profile data are retained while your account is active and for a reasonable period afterward to meet legal/operational needs (e.g., billing, dispute resolution, tax compliance).

Images, prompts, and outputs you store remain in your account according to your subscription plan:

• Consumer accounts: Retention period varies by plan (e.g., 10 days for free tier, longer for paid plans). Images are automatically deleted after the retention period expires unless you download them.
• Dealership accounts: Unlimited retention—your projects and processed images remain available indefinitely while your subscription is active.

Mobile app local storage. Photos and videos captured in the mobile apps are stored locally on your device until successfully uploaded to our servers. The consumer mobile app stores its session token in the device secure keychain (iOS Keychain / Android Keystore), and other state (draft AI edit sessions, app mode, notification toggle preferences, settings cache, inspiration feed cache) in AsyncStorage. The dealership mobile app additionally uses SQLite for offline photo capture. If you uninstall an app, all local data is removed immediately.

Processing queue data. Temporary data created during image processing (intermediate files, analysis results, segmentation masks) is automatically deleted after processing completes or after 7 days, whichever comes first.

Logs and security data are kept for a limited time necessary for security, diagnostics, fraud prevention, legal compliance, and service integrity (typically 30-90 days).

Payment records are retained as required by tax and accounting laws (typically 7 years).

Team and organization data (Dealership Users). When a team member is removed from a dealership, their membership record is retained for audit purposes but marked as inactive. Projects and images they created remain accessible to the dealership organization.

We will delete or anonymize data when it is no longer needed for the purposes above, subject to legal holds.

7) Data security

We use administrative, technical, and physical safeguards to protect personal information, including encryption in transit (TLS), access controls, least-privilege practices, auditing, and network protections. No method of transmission or storage is 100% secure; if we learn of a breach affecting your personal data, we will notify you and regulators as required by law.

8) International data transfers

We are based in the United States. Your information may be transferred to and processed in the U.S. and other countries that may have different data-protection laws than your home jurisdiction. Where required, we use appropriate safeguards (e.g., Standard Contractual Clauses) for transfers.

9) Your rights & choices

9.1 All users

Access & update. You can access or update profile details directly in your account (web or in-app Settings).

Deletion. Consumer users can delete their account and associated content from inside the consumer mobile app using the "Delete Account" option at the bottom of the Settings screen. You may also request deletion by contacting support@autoai.studio from the email address associated with your account. Some information may be retained for legitimate purposes including fraud prevention, financial recordkeeping required by law, abuse-moderation logs, and resolution of pending DMCA or other legal claims. App Store / Google Play subscriptions must be cancelled separately in your device's Settings app; account deletion does not cancel an active platform-store subscription.

Email preferences. Opt out of non-essential emails via the unsubscribe link.

Cookies. Manage cookies in your browser. Where required, use our in-product controls.

9.2 EEA/UK residents

You may have rights to request access, rectification, erasure, portability, restriction, or objection to certain processing. You also have the right to lodge a complaint with your local supervisory authority. We will respond to verified requests as required by law.

9.3 California (CPRA) and U.S. state privacy laws

We do not sell personal information or share it for cross-context behavioral advertising as defined by CPRA. You may request:

• Access/know, correction, deletion, and information about disclosures.
• Submit requests at support@autoai.studio. We will not discriminate against you for exercising your rights.

10) Payments

Web (Stripe). Web subscriptions and dealership plans are processed by Stripe. Stripe collects and processes your payment information under its own privacy policy. We receive limited billing metadata and status from Stripe and do not store full card numbers.

Consumer mobile (Apple App Store IAP & Google Play Billing). Subscriptions and edit packs purchased inside the consumer mobile app are processed by Apple (iOS) or Google (Android). We never receive your payment-card details for these transactions. We receive a signed receipt (iOS: a JWS transaction object; Android: a purchase token) and we send that to Apple or Google to verify the purchase before granting entitlements. Apple and Google may also send us asynchronous server-to-server notifications about renewals, cancellations, refunds, and billing issues so that we can keep your entitlement state accurate. Apple's and Google's collection and use of your payment information is governed by their respective privacy policies.

11) User content, AI processing & training

Your content. You retain all ownership rights to the images, prompts, and outputs in your account. For dealership users, your organization retains ownership of all vehicle photos and processed images.

Processing. We process your content to run edits, perform background removal, categorize images, generate AI photo and video outputs, store project history, and deliver downloads. When required for a requested feature, your content (or derivative signals) may be sent to an AI provider only to perform your requested transformation. Specifically:

• Google Gemini — image generation and editing (AI Photo Studio); prompt rewriting/improvement; scene analysis on uploaded videos (motion, camera, background, detected vehicles); vehicle identification and angle generation for "My Garage."
• Segmind (Seedance video model) — AI video clip generation and car-swap video generation (consumer mobile AI Video Studio).
• Stability AI — 4K image upscale.
• SAM3 (Segment Anything Model) — vehicle segmentation and background removal (dealership pipeline).
• Roboflow — vehicle detection and angle classification.
• Unsplash — stock photo library search (receives your search query string; see Section 18).

VIN data processing. When you scan or enter a VIN number, we send it to Auto.dev API to retrieve vehicle specifications (year, make, model, trim). The VIN and decoded information are stored in your dealership account and used to automatically name projects.

Model training. We do not use your content (uploaded images, videos, prompts, garage cars, or AI outputs) to train any of our own machine-learning models. Where we rely on third-party AI tools, we configure and/or contract to prevent provider training on your content where such controls are available. However, providers may retain limited logs for abuse detection or legal compliance — see their policies:

• Google AI Privacy Policy
• Segmind Privacy Policy
• Stability AI Privacy Policy
• Roboflow Privacy Policy
• Unsplash Privacy Policy
• Auto.dev Privacy Policy

Automated content classification. The AI providers above run automated safety classifiers on your input (e.g., copyright, sexual content, depictions of minors, deepfake/likeness misuse) and may refuse to process content they flag. When that happens, we display a generic "we can't process that" message, no AI output is produced, and no edits/credits are charged. The classifiers' decisions are made by the providers; we do not retain a content-level label record beyond what is needed to display the refusal to you.

Public sharing. If you choose to share content publicly (consumer accounts only—not available for dealership users), that content may be visible to others and indexable by search engines. Dealership users cannot publish projects publicly; all content remains private to your dealership organization.

Team visibility (Dealership Users). Within your dealership organization, projects and images you create may be visible to other team members according to their role. All team members with appropriate permissions can view, process, and download images from shared projects.

12) Third-party links & services

The Service may link to or integrate with third-party websites and services (e.g., Google, Stripe, Auto.dev). We are not responsible for their practices. Review their privacy policies before providing information.

13) Mobile application specific practices

We publish two mobile apps for iOS and Android: a consumer mobile app (AI Photo Studio, AI Video Studio, "My Garage," and the community feed) and a dealership mobile app. This section applies to both unless noted.

Camera and photos. The apps request permission to access your device camera and photo library to capture and upload photos or videos. Camera access is required for photo capture (consumer + dealership) and VIN scanning (dealership). We do not access your photo library except for the specific images or videos you explicitly select.

Device sensors. The dealership app uses device motion sensors (accelerometer, gyroscope) to detect camera angle during guided photo capture. Sensor data is processed locally on your device and is not transmitted to our servers. The consumer app does not currently use motion sensors.

Local storage on your device. The apps store data locally on your device, including:

• Authentication session (in the device secure keychain — iOS Keychain / Android Keystore).
• App mode preference (consumer vs. dealership), notification toggle preferences, settings snapshot cache, inspiration feed cache, draft AI edit session state (consumer app, AsyncStorage).
• Active dealership selection (AsyncStorage).
• Captured photos and videos awaiting upload (consumer: app document directory / cache; dealership: SQLite database + document directory).
• Project metadata and upload queue status (SQLite database, dealership).

Background processing. The apps may continue uploading photos and videos in the background when you minimize the app or switch to another app. Background processing is subject to operating-system limitations.

Push notifications. With your permission, we send push notifications. The consumer app uses notifications to alert you when an AI photo edit or video clip is ready, when someone likes or comments on your published content, when a creator you follow publishes new work, and for similar in-product events. The dealership app uses notifications for processing completion and team-related activity. When you grant permission, the consumer app obtains an Expo push token (a persistent device identifier) and we store it in our database alongside your account so we can deliver notifications via Expo Push. You can disable notifications in your device settings at any time, and you can disable individual notification categories in the app's Settings screen. When you sign out, we remove the push token from our database.

Offline mode. The dealership app supports offline photo capture; photos are stored locally and automatically uploaded when connectivity returns. The consumer app keeps draft AI edit sessions locally so you can resume work on a flaky connection.

App analytics & crash telemetry. We collect aggregated usage analytics (screen views, feature usage, crashes, performance metrics) to improve the apps. We additionally send crash and error reports to Sentry, which include device model, OS version, app version, the route/screen the error occurred on, and a short list of recent in-app action labels stamped by our developers. These reports do not include the content of your photos, videos, or prompts. When you tap "Report a Problem" the same diagnostic information, plus your optional comment, is emailed to our support team via Resend.

Account deletion (consumer app). You can delete your consumer account directly from inside the app via the "Delete Account" option at the bottom of the Settings screen. Deletion removes your profile, drafts, projects, garage cars, source videos, published content, and your community interactions from active systems within a commercially reasonable time, subject to limited backup retention as described in Section 6. Subscriptions purchased via Apple App Store or Google Play must be cancelled separately by you in the device's Settings app.

14) Dealership-specific practices

If you use Auto AI Studio as part of a dealership organization, additional terms apply:

Multi-user access. Your dealership administrator controls who has access to your organization's account and what role they have (Admin, Manager, Photographer, Viewer). All projects and images belong to the dealership organization, not individual users.

Role-based permissions. What you can see and do depends on your role:

• Admin: Full access to all projects, billing, team management, and settings
• Manager: Can create projects, process images, manage team (except other Admins/Managers), and view analytics
• Photographer: Can create projects, upload photos, and process images
• Viewer: Can only view completed projects—no upload, editing, or creation permissions

Team invitations. When an Admin or Manager invites you to join a dealership, they provide your email address. We send an invitation email and create a pending invite record. You can accept or decline the invitation.

Usage tracking. We track points/credits consumed per dealership for billing purposes. Each processed image (AI mode) consumes points from your dealership's allocation. Images processed in "enhance only" mode do not consume points but are tracked separately for analytics.

Analytics dashboard. Admins and Managers can view analytics showing project volumes, photos processed, team activity, processing time, and ROI calculations. This data is aggregated and does not reveal individual user actions beyond project authorship.

Data retention after leaving. If you leave a dealership (voluntarily or removed by an admin), you lose access to that dealership's projects and images. However, projects you created remain accessible to the dealership organization. Your membership record is retained for audit purposes.

Multi-dealership users. If you belong to multiple dealerships (e.g., as a freelance photographer), each dealership's data is kept separate. You can switch between dealerships, and projects/images are filtered by your active dealership selection.

15) Children's privacy

The Service is not directed to children under 13 (or the minimum age in your jurisdiction). We do not knowingly collect personal information from children. If we learn a child has provided personal information, we will delete it.

16) AI Video Studio data practices (consumer mobile)

This section describes data practices specific to the AI Video Studio feature in our consumer mobile application, including the "Source Video" car-swap workflow. This section supplements Sections 1, 2, 6, and 11.

16.1 Source video uploads

When you upload a source video clip for AI Video Studio, we collect and process the following:

• The video file itself (typically a short clip ≤ 20 seconds), stored in Cloudflare R2 object storage.
• Client-reported metadata: duration, dimensions, frames-per-second, optional original filename.
• Per-upload rights attestation: the timestamp at which you tapped "Continue" on the in-app confirmation screen, and the exact wording you agreed to. See Terms of Service §22.2. This record is retained for the lifetime of the corresponding clip and may be produced in response to a lawful request, DMCA notice, or App Store inquiry.
• AI scene-analysis results: structured JSON describing detected vehicles, camera motion, scene composition, etc. This analysis is performed by Google Gemini and is cached on our infrastructure so we don't re-analyze the same clip repeatedly.

16.2 Where your source video goes

Your source video and character vehicle images are sent to the following third-party processors strictly to deliver the AI Video Studio output you requested:

• Google Gemini — scene analysis (motion, camera, background, lighting, detected vehicles, license-plate detection).
• Segmind (Seedance video model) — the generation step that produces your car-swap video. Segmind performs automated content-safety screening on the inputs and refuses to process clips it classifies as copyrighted material; in those cases no Video Output is produced and no edits/credits are charged.
• Our own Render service (operated on Render.com infrastructure) for video normalization (trimming, frame-rate alignment, first-frame extraction).

We configure these providers to minimize data retention where controls are available. We do not authorize them to use your source video or generated outputs for training their own models. Providers may retain limited logs for abuse detection or legal compliance — see their respective privacy policies.

16.3 Retention of source clips

The raw uploaded source clip is deleted from our object storage shortly after successful normalization (typically within minutes). We retain a normalized version (used as the input to the AI generator) and a single extracted first-frame thumbnail for the lifetime of the underlying project, so the project history and "before/after" preview continue to work. You can delete an individual clip or your entire project at any time from within the app; deletion removes active copies from our systems, subject to the limited backup retention described in Section 6.

16.4 Character vehicle images

The "My Garage" feature lets you save reference images of a character vehicle (side profile, front three-quarter, rear three-quarter, optional interior). These images are stored in our object storage under your account and reused across any car-swap clip you generate. If you delete a garage entry, the underlying images are scheduled for removal from active storage.

16.5 Generated outputs

AI-generated video outputs ("Video Outputs") are stored in your project history under your account. You may download, share, or delete them at any time. Per Section 11, we do not use your Video Outputs to train any of our models, and we do not authorize the third-party AI providers above to use them to train theirs.

17) AI Photo Studio data practices (consumer mobile)

This section describes data practices specific to the AI Photo Studio feature in our consumer mobile application. It supplements Sections 1, 2, 6, and 11.

17.1 What you upload

• The source photo(s) you select from your camera roll or capture in-app.
• Free-form text prompts you type (for tools like Custom Prompt, Car Swap, and Prompt Improve).
• Preset selections you tap (aspect ratio, action type, sub-style, output quality).
• Reference content you choose, including character vehicle images from your own "My Garage" and stock photos from the integrated Unsplash search (see Section 18).
• Project metadata (project name, edit history).

The full source photo (at native resolution) and the prompt strings you enter are sent to the AI provider associated with the tool you used; see Section 11.

17.2 Where your photos go

• Google Gemini — most AI Photo Studio tools (Custom Prompt, Change Background, Reframe, Relight, Car Swap, Special FX, Color Grade, Drone View, Motion FX) send the source photo and your prompt to Google Gemini for generation. Where a tool uses a reference image (e.g., the selected Unsplash background, or a character car image), that image is also supplied as input.
• Stability AI — the "4K Upscale" tool sends the source photo to Stability AI's upscale model. The upscaled image is returned to us and stored under your account if you save it.

17.3 Storage and retention

Outputs you do not save are not persisted on our infrastructure beyond what is briefly needed to deliver them to your device. When you save an output as part of a Consumer Project, it is stored in our object storage (Cloudflare R2) under your account. Project drafts are also cached locally on your device (AsyncStorage) so you can resume an edit session if the app is force-closed. You can delete an individual project or image at any time from inside the app, subject to the backup retention described in Section 6.

17.4 Outputs and sharing

You own your saved AI photo outputs subject to Terms of Service §4.3. If you choose to publish a project (and optionally enable "Allow Recreation"), the published version becomes publicly viewable in the Explore feed and on your public profile, and may be used by other Auto AI Studio users as a Recreation starting point. You can unpublish at any time. See Terms of Service §4.6 and §4.6a.

18) Stock photo library (Unsplash search queries)

The AI Photo Studio includes an in-app search of the Unsplash stock photo library, which you can use to pick a background or scene reference for AI compositing.

• What we send. When you type a search, the search-query string is sent to Unsplash's search API (server-side, through our worker) so Unsplash can return matching photos. We do not send your account identity to Unsplash with the query.
• What Unsplash returns. A list of stock photos including image URLs, photographer name, and (per Unsplash's API requirements) a one-time download-tracking URL.
• Download tracking. If you select a photo from search results, our worker pings the download-tracking URL Unsplash returned (required by Unsplash's API terms). No personal information is included in that ping.
• Use as AI input. The selected photo is fetched and supplied as a reference input to our AI image-generation provider (currently Google Gemini) to produce a composite output for you.
• Unsplash's own collection. Unsplash may log search queries, IP addresses (of our server, not your device, since the call is server-side), and timing data under its own privacy policy: unsplash.com/privacy.

19) Changes to this policy

We may update this Privacy Policy from time to time. We will post the new effective date at the top. Material changes will be highlighted in-product or via email where appropriate. Your continued use of the Service after changes means you accept the updated policy.

21) Region-specific disclosures (summary)

United States. We comply with applicable U.S. federal and state privacy laws. For California/CPRA, see Section 9.3 above.

EEA/UK. We act as a controller for account/profile data and as a controller or processor for in-product content depending on the workflow. Transfers rely on appropriate safeguards (e.g., SCCs).

Other regions. Local rights may vary. Contact us to exercise rights available in your jurisdiction.