← Back to Home

Privacy Policy

How we collect, use, and protect your data

1. Data Controller

The data controller responsible for the processing of your personal data is:

Lonorix

[TODO: Street, ZIP, City, Country]

Email: privacy@lonorix.com

2. Data We Collect

Account Data

  • Email address
  • Name (if provided)
  • User ID
  • Account creation date

Payment Data

Payments are processed by Stripe. We do not store your credit card information. We only receive transaction confirmations and Stripe customer IDs for credit allocation.

Generated Content

  • Uploaded images (temporarily for processing)
  • AI prompts and generation settings
  • Generated album cover images

Usage Data

  • IP address
  • Browser type and version
  • Access times and dates
  • Pages visited
  • Error logs

3. Purpose of Processing

We process your data for the following purposes:

  • Account Management: Creating and maintaining your user account
  • Service Delivery: Generating AI album covers as requested
  • Credit System: Managing your credit balance and transactions
  • Payment Processing: Handling purchases through Stripe
  • Security: Protecting against fraud and abuse
  • Legal Compliance: Meeting regulatory requirements

4. Third-Party Services

We use the following third-party services:

Stripe

Payment processing

Stripe Privacy Policy →

Replicate

AI image generation

Replicate Privacy Policy →

Hosting Provider

Our website and data are hosted on secure servers within the EU/EEA or with providers that comply with GDPR requirements.

5. Legal Basis (GDPR)

We process your data based on the following legal grounds:

Art. 6(1)(b) GDPR – Contract Fulfillment

Processing is necessary to provide our services, including account management, credit handling, and AI image generation.

Art. 6(1)(f) GDPR – Legitimate Interest

Processing for security purposes, fraud prevention, and service improvement.

Art. 6(1)(c) GDPR – Legal Obligation

Processing required to comply with legal requirements (e.g., tax records).

6. Data Retention

We retain your data for the following periods:

  • Account data: Until account deletion or as required by law
  • Generated images: Stored for your access; deleted upon account deletion
  • Transaction records: 10 years (German tax law requirement)
  • Server logs: 30 days

7. Your Rights

Under GDPR, you have the following rights:

Right of Access

Request a copy of your personal data

Right to Rectification

Correct inaccurate personal data

Right to Erasure

Request deletion of your data

Right to Data Portability

Receive your data in a structured format

Right to Object

Object to certain processing activities

Right to Complain

Lodge a complaint with a supervisory authority

To exercise your rights, contact us at privacy@lonorix.com

8. Marketing and Data Sharing

  • We do not sell your personal data to third parties
  • We do not share your data with third-party advertisers
  • We only send service-related emails (account, transactions, security)
  • We do not engage in unsolicited marketing communications

9. Cookies

We use only essential cookies required for the service to function:

  • Session cookies: To maintain your login session
  • Security cookies: To prevent fraud and protect your account

We do not use tracking or advertising cookies.

10. Contact

For any privacy-related questions or to exercise your rights, contact us:

Email: privacy@lonorix.com

Last updated: December 2024