Privacy Policy

Effective Date: September 21st, 2025
Last Updated: September 21st, 2025

Emilia Digital Ltd. (“Company,” “we,” “our,” or “us”), located in Israel, is committed to protecting your privacy and complying with applicable data protection laws, including the EU General Data Protection Regulation (GDPR), the UK GDPR, the California Consumer Privacy Act (CCPA), and Israeli privacy laws.

This Privacy Policy explains how we collect, use, store, and share your personal information when you use our services, including our eCommerce AI platform (the “Services”).

If you have questions, you may contact us at:
Email: aistudio@emilia.digital
Phone: +972 9 796 8531

Information We Collect

1.1 Account & Registration Data

Email address, username, password.
Login/session information, nonces, authentication tokens.
reCAPTCHA tokens and anti-spam honeypot fields.

1.2 Service Usage Data

Uploaded product images and AI-generated images.
Prompts, product descriptions, AI-generated text.
Metadata for each render (date, time, model used, preset, options).
History of user activity (images, text renders, presenter slots).
Subscription plan details, usage limits, and account activity logs.
We do not permanently store original uploaded source images once processing is complete, unless explicitly required for service functionality. Only AI-generated outputs and related render metadata are retained.

1.3 Technical Data

Device and browser information.
IP address and approximate geolocation (used for security, fraud prevention, analytics, and internal operational insights).
Cookies, sessionStorage, and localStorage keys.
Tracking pixels and analytics identifiers (e.g., Google Analytics, Meta/Facebook Pixel).

1.4 Payment Data

Subscription records, invoices, and billing details.
Payments are processed by third-party providers (e.g., Stripe, PayPal, WooCommerce gateways).
We do not store credit card numbers.

1.5 Remote Upload Data

Mobile upload sessions via QR code, including temporary session IDs, tokens, and attachment IDs.
These sessions are valid only for a short period (typically 10 minutes) and expire automatically.
Files uploaded this way are processed and stored like standard uploads.

1.6 Local Storage & Session Data

We use localStorage and sessionStorage on your device to temporarily save UI state (e.g., last selected presets, actions, or drafts).
These values remain only on your device and can be cleared at any time via your browser settings.

How We Use Your Information

We use your data to:

Provide and operate the Services.
Authenticate users and secure accounts.
Generate AI images, text, and product descriptions.
Store user history of renders and events.
Monitor subscription limits and entitlements.
Send account-related communications.
Process payments and manage billing.
Debug and improve our Services.
Log error messages for troubleshooting (which may occasionally contain parts of prompts or filenames).
Run analytics, retargeting, and marketing campaigns.
Comply with legal obligations.

Legal Bases for Processing (GDPR)

We rely on:

Contractual necessity – to deliver the Services you request.
Legitimate interests – to improve Services, prevent fraud, and secure our systems.
Consent – for marketing, analytics, cookies, and pixels.
Legal obligation – to comply with tax, regulatory, and compliance requirements.

Cookies & Tracking

We use cookies, pixels, and similar technologies for:

Essential platform functionality.
Usage analytics and performance tracking.
Advertising, retargeting, and marketing.

Where required by law, you will be asked for consent before non-essential cookies are placed.

Data Sharing

We may share personal data with:

Service providers (e.g., hosting, analytics, payment gateways).
AI providers (Google Gemini, OpenAI, or other vendors) to generate requested content.
Storage providers (Cloudinary, AWS, or equivalents).
Legal authorities when required by law.
Business partners where you have given consent.

We do not sell personal data.

International Transfers

Data may be transferred and processed outside Israel, the EU, or your country of residence. We ensure appropriate safeguards (Standard Contractual Clauses, adequacy decisions) are in place.

Retention

We retain data only as long as necessary:

Account and history data → until account deletion.
Billing and invoices → minimum 7 years (legal requirement).
Analytics data → up to 24 months.
LocalStorage and sessionStorage → remain on your device until cleared.

Users may request deletion at any time (subject to legal obligations).

Your Rights

Depending on your location, you may have the right to:

Access your personal data.
Request correction or deletion.
Restrict or object to processing.
Data portability.
Withdraw consent (where processing is based on consent).
Opt out of sale or sharing of personal data (CCPA).

To exercise these rights, contact: office@emilia.digital

Children’s Privacy

The Services are not directed to individuals under 16. We do not knowingly collect personal data from children.

Security

We implement industry-standard security measures, including encryption, authentication tokens, and access controls. However, no system is completely secure, and we cannot guarantee absolute security.

AI-Specific Disclosures

Uploads and prompts may be processed by third-party AI providers.
Generated content may be inaccurate, biased, or infringe third-party rights.
Users are responsible for ensuring they have the legal right to upload content and use generated results.