Privacy Policy

Effective Date: November 25, 2024

Introduction

Welcome to HeadShotlyAI ("we," "us," or "our"). Your privacy is important to us, and we are committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our services, including our website www.headshotly.ai and any related services (collectively, the "Service"). It also outlines your rights under applicable data protection laws, including the European General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA)/California Privacy Rights Act (CPRA).

By using our Service, you trust us with your personal data, and we take that responsibility seriously. We do not sell your personal data or use your images for marketing purposes. Please read this Privacy Policy carefully to understand how we handle your information.

1. Information We Collect

Personal Data We Collect

We collect only the information necessary to provide and improve our Service:

Email Address: Used for account creation, login, and communication purposes.
Photographs: Images and selfies you upload for processing by our AI to generate professional, studio-quality headshots.
Usage Data: Information automatically collected when you interact with our Service, including:
- IP Address
- Browser Type and Version
- Operating System
- Referring URLs
- Pages Visited and Actions Taken
- Date and Time of Access

Cookies and Similar Technologies

We use cookies and similar tracking technologies to enhance your experience:

Essential Cookies: Necessary for the operation of the Service.
Analytical Cookies: Help us understand how you use the Service, so we can improve it.
Preference Cookies: Remember your preferences to provide a more personalized experience.

You can control the use of cookies through your browser settings.

2. How We Use Your Information

We use your personal data solely for the following purposes:

Service Provision and Enhancement

Processing Photographs: To generate your professional headshots using our AI technology.
Account Management: To create and maintain your account, including authentication and security measures.
Customer Support: To respond to your inquiries, troubleshoot issues, and provide technical assistance.

Communication

Transactional Emails: To send you confirmations, invoices, technical notices, updates, security alerts, and support messages.
Important Notices: To inform you about changes to our Service, terms, and policies.

We do not send marketing or promotional emails unless you have explicitly opted in.

Legal and Compliance

Legal Obligations: To comply with applicable laws, regulations, legal processes, or governmental requests.
Fraud Prevention: To monitor and prevent fraud, unauthorized transactions, and other illegal activities.
Enforcement: To enforce our Terms of Service and other agreements.

Analytics and Improvement

Usage Analysis: To analyze trends, usage, and activities to improve the functionality and user experience of our Service.

3. How We Protect Your Information

We are committed to safeguarding your personal data:

Data Encryption: All data transmission is secured using TLS 1.2 or higher. Data at rest is encrypted using AES-256 encryption.
Secure Storage: Your photographs are stored securely on our servers hosted by Amazon Web Services (AWS) with enterprise-grade security.
Access Controls: Strict access controls are in place; only authorized personnel with a legitimate need can access your data.
Regular Audits: We perform regular security assessments and audits to ensure the integrity of our systems.

Despite our efforts, no security measure is completely foolproof. We cannot guarantee absolute security, but we strive to protect your data to the best of our ability.

4. How We Share Your Information

We respect your privacy and do not sell or rent your personal data to third parties. We only share your information in the following limited circumstances:

Service Providers

We may share your information with trusted third-party service providers who assist us in operating our Service:

Payment Processing: Stripe handles all payment transactions securely; we do not store your full payment card details.
Cloud Storage and Hosting: Amazon Web Services (AWS) securely hosts our servers and data.
Analytics: We may use analytics providers to help us understand how users interact with our Service.

All service providers are contractually obligated to protect your data and are prohibited from using it for any other purposes.

Legal Requirements

We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., a court or government agency).

Business Transfers

In the event of a merger, acquisition, or sale of all or a portion of our assets, your personal data may be transferred to the new owner. We will notify you before your personal data is transferred and becomes subject to a different Privacy Policy.

5. International Data Transfers

Your information may be transferred to and processed in countries other than the country you reside in. These countries may have data protection laws that are different from those of your country.

For European Economic Area (EEA) Residents

When we transfer personal data outside of the EEA, we ensure it is protected by:

Standard Contractual Clauses: We use contractual provisions approved by the European Commission.
Adequacy Decisions: Transferring data to countries recognized by the European Commission as providing an adequate level of data protection.

6. Your Rights and Choices

We respect your rights regarding your personal data and provide you with access to and control over your information.

For EEA Residents (GDPR)

You have the right to:

Access: Request a copy of the personal data we hold about you.
Rectification: Request correction of inaccurate or incomplete data.
Erasure: Request deletion of your personal data under certain circumstances.
Restriction: Request restriction of processing your personal data.
Data Portability: Receive your personal data in a structured, commonly used format.
Objection: Object to processing your personal data for certain purposes.
Withdraw Consent: Withdraw consent at any time where we are relying on consent to process your data.

For California Residents (CCPA/CPRA)

You have the right to:

Know: Request disclosure of the categories and specific pieces of personal information we have collected.
Delete: Request deletion of your personal information, subject to certain exceptions.
Non-Discrimination: Not be discriminated against for exercising your privacy rights.

To exercise any of these rights, please contact us at support@headshotly.ai. We will respond to your request within the timeframes required by law.

7. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy:

Photographs: Stored securely and deleted automatically within 30 days after processing to allow for any necessary reprocessing.
Account Information: Retained as long as your account is active. If you choose to delete your account, we will delete your personal data unless required to retain it for legal obligations.

8. Children's Privacy

Our Service is not intended for individuals under the age of 16. We do not knowingly collect personal data from children under 16. If you are a parent or guardian and become aware that your child has provided us with personal data, please contact us immediately at support@headshotly.ai, and we will take steps to remove that information.

9. Third-Party Links and Services

Our Service may contain links to third-party websites or services that are not owned or controlled by HeadShotlyAI. We are not responsible for the privacy practices of such third parties. We encourage you to review the privacy policies of every website you visit.

10. Do Not Track Signals

Our Service does not respond to "Do Not Track" signals. However, we respect your privacy and provide opt-out options for cookies and certain tracking technologies.

11. Changes to This Privacy Policy

We may update our Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. We will notify you of any significant changes by:

Posting the updated Privacy Policy on this page.
Updating the "Effective Date" at the top of this Privacy Policy.
Sending an email notification if you have provided your email address.

We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information.

12. Your Consent

By using our Service, you consent to this Privacy Policy and agree to its terms.

13. Contact Us

Your trust is important to us. If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please do not hesitate to contact us:

Email: support@headshotly.ai

Postal Address:

HeadShotlyAI
Wileńska 14
03-409 Warszawa, Poland

14. Additional Information

No Sale of Personal Data

We do not sell, rent, or trade your personal data to third parties for any purpose.

No Use of Images for Marketing

We respect your privacy and intellectual property. We will never use your uploaded images or generated headshots for marketing, advertising, or any purpose other than providing the Service to you.

Data Protection Officer (DPO)

If you have any concerns about your data, you may contact our Data Protection Officer at support@headshotly.ai.

Lodging a Complaint

If you are in the EEA and believe we have not complied with data protection laws, you have the right to lodge a complaint with your local supervisory authority.

Thank you for trusting HeadShotlyAI with your personal data. We are committed to protecting your privacy and ensuring that your experience with us is safe and enjoyable.

Privacy Policy

Effective Date: November 25, 2024

Introduction

1. Information We Collect

Personal Data We Collect

We collect only the information necessary to provide and improve our Service:

Email Address: Used for account creation, login, and communication purposes.
Photographs: Images and selfies you upload for processing by our AI to generate professional, studio-quality headshots.
Usage Data: Information automatically collected when you interact with our Service, including:
- IP Address
- Browser Type and Version
- Operating System
- Referring URLs
- Pages Visited and Actions Taken
- Date and Time of Access

Cookies and Similar Technologies

We use cookies and similar tracking technologies to enhance your experience:

Essential Cookies: Necessary for the operation of the Service.
Analytical Cookies: Help us understand how you use the Service, so we can improve it.
Preference Cookies: Remember your preferences to provide a more personalized experience.

You can control the use of cookies through your browser settings.

2. How We Use Your Information

We use your personal data solely for the following purposes:

Service Provision and Enhancement

Processing Photographs: To generate your professional headshots using our AI technology.
Account Management: To create and maintain your account, including authentication and security measures.
Customer Support: To respond to your inquiries, troubleshoot issues, and provide technical assistance.

Communication

Transactional Emails: To send you confirmations, invoices, technical notices, updates, security alerts, and support messages.
Important Notices: To inform you about changes to our Service, terms, and policies.

We do not send marketing or promotional emails unless you have explicitly opted in.

Legal and Compliance

Legal Obligations: To comply with applicable laws, regulations, legal processes, or governmental requests.
Fraud Prevention: To monitor and prevent fraud, unauthorized transactions, and other illegal activities.
Enforcement: To enforce our Terms of Service and other agreements.

Analytics and Improvement

Usage Analysis: To analyze trends, usage, and activities to improve the functionality and user experience of our Service.

3. How We Protect Your Information

We are committed to safeguarding your personal data:

Data Encryption: All data transmission is secured using TLS 1.2 or higher. Data at rest is encrypted using AES-256 encryption.
Secure Storage: Your photographs are stored securely on our servers hosted by Amazon Web Services (AWS) with enterprise-grade security.
Access Controls: Strict access controls are in place; only authorized personnel with a legitimate need can access your data.
Regular Audits: We perform regular security assessments and audits to ensure the integrity of our systems.

Despite our efforts, no security measure is completely foolproof. We cannot guarantee absolute security, but we strive to protect your data to the best of our ability.

4. How We Share Your Information

We respect your privacy and do not sell or rent your personal data to third parties. We only share your information in the following limited circumstances:

Service Providers

We may share your information with trusted third-party service providers who assist us in operating our Service:

Payment Processing: Stripe handles all payment transactions securely; we do not store your full payment card details.
Cloud Storage and Hosting: Amazon Web Services (AWS) securely hosts our servers and data.
Analytics: We may use analytics providers to help us understand how users interact with our Service.

All service providers are contractually obligated to protect your data and are prohibited from using it for any other purposes.

Legal Requirements

We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., a court or government agency).

Business Transfers

5. International Data Transfers

Your information may be transferred to and processed in countries other than the country you reside in. These countries may have data protection laws that are different from those of your country.

For European Economic Area (EEA) Residents

When we transfer personal data outside of the EEA, we ensure it is protected by:

Standard Contractual Clauses: We use contractual provisions approved by the European Commission.
Adequacy Decisions: Transferring data to countries recognized by the European Commission as providing an adequate level of data protection.

6. Your Rights and Choices

We respect your rights regarding your personal data and provide you with access to and control over your information.

For EEA Residents (GDPR)

You have the right to:

Access: Request a copy of the personal data we hold about you.
Rectification: Request correction of inaccurate or incomplete data.
Erasure: Request deletion of your personal data under certain circumstances.
Restriction: Request restriction of processing your personal data.
Data Portability: Receive your personal data in a structured, commonly used format.
Objection: Object to processing your personal data for certain purposes.
Withdraw Consent: Withdraw consent at any time where we are relying on consent to process your data.

For California Residents (CCPA/CPRA)

You have the right to:

Know: Request disclosure of the categories and specific pieces of personal information we have collected.
Delete: Request deletion of your personal information, subject to certain exceptions.
Non-Discrimination: Not be discriminated against for exercising your privacy rights.

To exercise any of these rights, please contact us at support@headshotly.ai. We will respond to your request within the timeframes required by law.

7. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy:

Photographs: Stored securely and deleted automatically within 30 days after processing to allow for any necessary reprocessing.
Account Information: Retained as long as your account is active. If you choose to delete your account, we will delete your personal data unless required to retain it for legal obligations.

8. Children's Privacy

9. Third-Party Links and Services

10. Do Not Track Signals

Our Service does not respond to "Do Not Track" signals. However, we respect your privacy and provide opt-out options for cookies and certain tracking technologies.

11. Changes to This Privacy Policy

We may update our Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. We will notify you of any significant changes by:

Posting the updated Privacy Policy on this page.
Updating the "Effective Date" at the top of this Privacy Policy.
Sending an email notification if you have provided your email address.

We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information.

12. Your Consent

By using our Service, you consent to this Privacy Policy and agree to its terms.

13. Contact Us

Your trust is important to us. If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please do not hesitate to contact us:

Email: support@headshotly.ai

Postal Address:

HeadShotlyAI
Wileńska 14
03-409 Warszawa, Poland

14. Additional Information

No Sale of Personal Data

We do not sell, rent, or trade your personal data to third parties for any purpose.

No Use of Images for Marketing

We respect your privacy and intellectual property. We will never use your uploaded images or generated headshots for marketing, advertising, or any purpose other than providing the Service to you.

Data Protection Officer (DPO)

If you have any concerns about your data, you may contact our Data Protection Officer at support@headshotly.ai.

Lodging a Complaint

If you are in the EEA and believe we have not complied with data protection laws, you have the right to lodge a complaint with your local supervisory authority.

Thank you for trusting HeadShotlyAI with your personal data. We are committed to protecting your privacy and ensuring that your experience with us is safe and enjoyable.