ChromakitChromakit

Privacy Policy

Last updated: 10/1/2025

1. Introduction

Welcome to Chromakit. We respect your privacy and are committed to protecting your personal data. This privacy policy explains how we collect, use, and safeguard your information when you use our image processing application.

2. Information We Collect

2.1 Account Information

When you create an account, we collect:

  • Email address
  • Name (if provided via OAuth)
  • Profile picture (if provided via OAuth)
  • Authentication tokens from OAuth providers (Google, Facebook)

2.2 Images and Content

We temporarily store the images you upload for processing. Images are stored securely and are only accessible to you. We do not use your images for any purpose other than providing our image processing services.

2.3 Usage Data

We automatically collect:

  • Browser type and version
  • Operating system
  • IP address
  • Usage patterns and feature interactions
  • Error logs and performance data

3. How We Use Your Information

We use your information to:

  • Provide and maintain our image processing services
  • Authenticate your account and manage access
  • Process and store your images temporarily
  • Improve our services and develop new features
  • Send you service-related notifications
  • Detect and prevent fraud or abuse
  • Comply with legal obligations

4. Data Storage and Security

We implement appropriate technical and organizational measures to protect your personal data:

  • Encrypted data transmission using HTTPS/TLS
  • Secure authentication using industry-standard OAuth 2.0
  • Regular security audits and updates
  • Access controls and authentication requirements
  • Automated backups and disaster recovery procedures

Images are stored temporarily during processing and can be deleted at any time from your dashboard. We automatically delete images after 90 days of inactivity.

5. Third-Party Services

We use the following third-party services:

  • Supabase: Authentication and database services
  • Google OAuth: Optional sign-in method
  • Facebook OAuth: Optional sign-in method
  • Vercel Analytics: Privacy-friendly analytics

These services have their own privacy policies. We only share the minimum necessary information required for authentication and service functionality.

6. Your Rights

You have the right to:

  • Access: Request a copy of your personal data
  • Correction: Update or correct your information
  • Deletion: Request deletion of your account and data
  • Portability: Export your data in a common format
  • Objection: Object to certain data processing activities
  • Withdraw Consent: Revoke consent for data processing

To exercise these rights, please visit our Data Deletion page or contact us at privacy@chromakit.com.

7. Data Retention

We retain your personal data only as long as necessary for the purposes outlined in this policy:

  • Account information: Until you delete your account or request deletion
  • Images: 90 days after last modification or until manually deleted
  • Usage logs: 12 months for security and analytics
  • Legal compliance data: As required by applicable law

8. Cookies and Tracking

We use essential cookies for authentication and session management. We also use privacy-friendly analytics that do not track individual users across websites. You can control cookie preferences through your browser settings.

9. Children's Privacy

Our service is not intended for children under 13 years of age. We do not knowingly collect personal information from children. If you believe we have inadvertently collected information from a child, please contact us immediately.

10. International Data Transfers

Your data may be processed in countries outside your residence. We ensure appropriate safeguards are in place to protect your data in compliance with applicable data protection laws.

11. Changes to This Policy

We may update this privacy policy from time to time. We will notify you of any significant changes by posting the new policy on this page and updating the "Last updated" date. Your continued use of our service after changes constitutes acceptance of the updated policy.

12. Contact Us

If you have questions about this privacy policy or how we handle your data, please contact us:

  • Email: privacy@chromakit.com
  • Data Protection Officer: dpo@chromakit.com