Privacy Policy

Last updated: January 2, 2026

At StudioZero, we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered product photography platform.

Please read this policy carefully. By using StudioZero, you agree to the collection and use of information in accordance with this policy. If you do not agree, please do not use our Service.

1. Information We Collect

1.1 Information You Provide

We collect information you directly provide, including:

  • Account Information: Name, email address, and password when you create an account
  • Profile Information: Display name, company name, and other optional profile details
  • Payment Information: Billing address and payment method details (processed securely by Stripe)
  • Content: Product images you upload and configuration preferences for generation
  • Communications: Messages you send to our support team

1.2 Information Collected Automatically

When you use our Service, we automatically collect certain information:

  • Usage Data: Pages visited, features used, job history, and generation preferences
  • Device Information: Browser type, operating system, device identifiers, and screen resolution
  • Log Data: IP address, access times, and referring URLs
  • Cookies: Session cookies for authentication and preferences (see Section 7)

2. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve the Service
  • Process your image and video generation requests
  • Process payments and manage your subscription
  • Send transactional emails (verification, password reset, receipts)
  • Respond to your support requests and communications
  • Detect, prevent, and address security issues and abuse
  • Analyze usage patterns to improve user experience
  • Comply with legal obligations

We do not use your uploaded images to train AI models. Your content is processed solely to fulfill your generation requests.

3. Third-Party Services

We use trusted third-party services to operate StudioZero. These providers have access to your information only to perform specific tasks on our behalf:

3.1 Payment Processing

Stripe processes all payments. We never store your full credit card number. Stripe's privacy policy: stripe.com/privacy

3.2 AI Processing

Replicate processes your images to generate outputs. Images are temporarily stored during processing and deleted after completion. Replicate's privacy policy: replicate.com/privacy

3.3 Cloud Storage

Amazon Web Services (AWS) stores your uploaded images and generated outputs securely. Data is encrypted at rest and in transit. AWS privacy policy: aws.amazon.com/privacy

3.4 Email Services

Resend delivers transactional emails (verification codes, password resets, receipts). Resend's privacy policy: resend.com/legal/privacy-policy

3.5 Error Monitoring

Sentry helps us identify and fix errors. Error reports may include technical information but not your personal content. Sentry's privacy policy: sentry.io/privacy

4. Data Storage and Security

4.1 Where We Store Your Data

Your data is stored on servers located in the European Union (AWS eu-west-1 region). We use industry-standard security measures including:

  • Encryption in transit (TLS 1.3)
  • Encryption at rest (AES-256)
  • Regular security audits and updates
  • Access controls and authentication
  • Automated backups with point-in-time recovery

4.2 Security Measures

While we implement robust security measures, no method of transmission over the Internet is 100% secure. We cannot guarantee absolute security but are committed to protecting your data using industry best practices.

5. Data Retention

We retain your information for as long as necessary to:

  • Provide the Service and maintain your account
  • Comply with legal obligations (tax records, audit requirements)
  • Resolve disputes and enforce agreements

Specific retention periods:

  • Account data: Retained while your account is active, deleted within 30 days of account deletion
  • Uploaded images: Retained while your account is active, deleted within 30 days of account deletion
  • Generated outputs: Retained while your account is active, deleted within 30 days of account deletion
  • Payment records: Retained for 7 years as required by tax law
  • Log data: Retained for 90 days for security and debugging purposes

6. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

6.1 Access and Portability

You can request a copy of your personal data in a structured, machine-readable format. Contact us at privacy@studiozero.app to request an export.

6.2 Correction

You can update your account information directly in your account settings, or contact us to correct inaccurate data.

6.3 Deletion

You can delete your account at any time from your account settings. This will permanently delete your account, uploaded images, generated outputs, and associated data within 30 days.

6.4 Restriction and Objection

You may request that we restrict processing of your data or object to certain processing activities. Contact us to make such requests.

6.5 Withdraw Consent

Where we rely on consent for processing, you may withdraw consent at any time. This will not affect the lawfulness of processing before withdrawal.

7. Cookies and Tracking

We use cookies and similar technologies to:

  • Essential Cookies: Maintain your session and authentication state (required for the Service to function)
  • Preference Cookies: Remember your settings and preferences

We do not use advertising cookies or sell your data to advertisers. We do not track you across other websites.

You can control cookies through your browser settings. Disabling essential cookies may prevent you from using the Service.

8. GDPR Compliance (European Users)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, you have additional rights under the General Data Protection Regulation (GDPR):

8.1 Legal Basis for Processing

We process your data based on:

  • Contract: To provide the Service you requested
  • Legitimate Interest: To improve the Service, ensure security, and prevent fraud
  • Legal Obligation: To comply with applicable laws
  • Consent: For optional features where you provide explicit consent

8.2 Data Controller

StudioZero is the data controller for your personal information. Contact details are provided in Section 11.

8.3 Supervisory Authority

You have the right to lodge a complaint with your local data protection authority if you believe we have violated your privacy rights.

9. International Data Transfers

Your data may be transferred to and processed in countries outside your country of residence. When we transfer data internationally, we ensure appropriate safeguards are in place:

  • Standard Contractual Clauses approved by the European Commission
  • Data processing agreements with all third-party providers
  • Encryption of data in transit and at rest

10. Children's Privacy

StudioZero is not intended for users under 18 years of age. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us immediately at privacy@studiozero.app.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by:

  • Posting the updated policy on this page
  • Updating the "Last updated" date
  • Sending an email notification for significant changes

Your continued use of the Service after changes become effective constitutes acceptance of the updated policy.

12. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us:

Email: privacy@studiozero.app
General Inquiries: privacy@studiozero.app
Address: StudioZero, Giatrakou 12, Athens, 10436, Greece

For data protection inquiries, we aim to respond within 30 days.