Privacy Policy of Paintitai LTD 

Last Updated: June 11, 2025

This Privacy Policy ("Policy") describes how Paintitai LTD ("we," "us," or "Company") collects, uses, stores, discloses, and protects personal data of users ("you" or "User") of the Paintit.ai web application at app.paintit.ai and related products and services (collectively, the "Service"). By accessing or using the Service, you agree to the terms of this Policy.

• "Personal Data" means any information relating to an identified or identifiable natural person.
• "Processing" means any operation performed on Personal Data, including collection, storage, use, disclosure, or deletion.
• "Input" means any text, images, or other materials you submit to the Service.
• "Output" means the results generated by the Service based on your Input.

1. Registration Data: name, email address, date of birth (if required to verify age).
2. Payment Data: payment card details or account information, processed by Stripe, Inc. (https://stripe.com).
3. Technical Data: IP address, device identifiers, browser type, operating system, server logs.
4. Usage Data: history of images generated or modified, features used, chat interactions with AI.
5. Marketing Data: advertising identifiers, click-through and impression data.
6. Referral Data: referral codes and rewards activity.

Sources: Directly from you; automatically via cookies and similar technologies; from our advertising and affiliate partners.

We use the following categories of cookies and tracking technologies:

• Strictly Necessary Cookies: enable core functionality (authentication, security).
• Performance & Analytics Cookies: Google Tag Manager (GTM), Google Analytics 4 (GA4), Microsoft Clarity.
• Marketing Cookies: used by Meta (Facebook & Instagram), TikTok, Pinterest, and Google Ads for ad targeting.

You may manage or disable cookies via your browser settings or through the "Cookie Settings" section on our website. Although we do not respond to Do Not Track signals, when DNT is enabled we refrain from using marketing cookies.

We share Personal Data with the following categories of service providers:

1. Payment Processor:
   Stripe, Inc. (https://stripe.com)

   See Stripe's Privacy Policy sections on "Payment Data Processing," "Data Retention," and "Your Privacy Rights."
2. Advertising Platforms:
   Meta Platforms, Inc. (Facebook & Instagram) – https://www.meta.com/legal/privacy

   See sections on "Targeted Advertising," "Use of Cookies and Local Storage," and "Data Sharing with Partners."

   TikTok Inc. – https://www.tiktok.com/legal/privacy-policy

   See sections on "Personalization and Advertising," "Information Collected from Your Device," and "Third-Party Sharing."

   Pinterest, Inc. - https://policy.pinterest.com/privacy-policy

   See sections on "Ad Targeting," "Cookies and Similar Technologies," and "Sharing Information with Businesses."

   Google LLC (Google Ads) - https://policies.google.com/privacy

   See sections on "Advertising Services," "Information Google Collects," and "Data Use for Ad Personalization."
3. Affiliate Networks:
   AWIN AG - https://www.awin.com/gb/privacy-policy

   See "Tracking Technologies," "Data Collected in the Program," and "Your Rights."

   CJ Affiliate by Conversant – https://www.cj.com/privacy-policy

   See "Cookies and Tracking," "Data Use for Commissioning," and "Opt-Out Mechanisms."

   Webgains Ltd – https://www.webgains.com/legal/privacy-policy

   See "Partner Tracking," "Retention of Click and Conversion Data," and "Your Rights."

   Skimlinks Ltd – https://skimlinks.com/privacy/

   See "Link Transformation," "Data Collected," and "Data Sharing Practices."
4. Analytics Providers:
   Google Analytics 4 (GA4) – https://policies.google.com/privacy

   See sections on "Data Collection," "Use of Data," and "Data Retention."

   Microsoft Clarity – https://privacy.microsoft.com/privacystatement

   See "Usage Data Collection," "Session Recording," and "Your Privacy Choices."

When transferring data outside the European Economic Area (EEA) or the United Kingdom, we rely on Standard Contractual Clauses (SCC) or other legally recognized transfer mechanisms to ensure adequate protection.

• Account and Transaction Data: retained as long as necessary to fulfill contractual obligations and for at least one (1) year after account closure.
• Analytics and Marketing Data: retained for up to two (2) years from collection.

You have the right to:

• Access your Personal Data;
• Rectify inaccurate data or complete incomplete data;
• Erase your data ("right to be forgotten");
• Restrict processing of your data;
• Object to processing based on legitimate interests;
• Port your data in a structured, commonly used format;
• Withdraw consent at any time for processing based solely on consent.

To exercise any of these rights, please contact us at hi@paintit.ai.

We implement organizational and technical safeguards, including encryption, access controls, and regular security audits. Access to Personal Data is limited to authorized personnel only.

We may disclose Personal Data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements, to the extent permitted by law.

Consistent with our Terms of Service, we do not knowingly collect Personal Data from children under 13. Users aged 13–17 may use the Service only with parental or guardian consent.

We reserve the right to modify this Policy at any time. Material changes will be communicated at least thirty (30) days before taking effect via email and/or in-app notification.

If you have questions or concerns about this Policy or our data practices, please contact:

PAINTITAI LTD
52 Leytonstone road, London, E15 1SQ, UK
Phone: +44 7366 359241
Alternate Phone: +34 697 357 937
Email: hi@paintit.ai