PRIVACY
This Privacy Policy explains how loomadesign collects, uses, shares, stores, and protects information when you visit the website, create an account, upload content, generate assets, manage subscriptions, or contact support.
loomadesign is operated by RuiBin Yang, who is responsible for privacy-related matters.
Operator: RuiBin Yang
Contact: [email protected]
Location: Hong Kong, China
For privacy-related requests, we aim to respond within 30 days.
We collect account, content, billing, and technical information needed to provide the service.
Account information: email address, encrypted password, and account creation details.
Content information: uploaded images, text prompts, generated outputs, project names, and saved assets.
Billing information: subscription status, credit balance, and payment records. We do not store full credit card details because payments are processed by Stripe.
Technical information: IP address, browser type, device information, access times, pages viewed, and error logs.
We use your information to deliver the product, process payments, secure the platform, and improve performance.
To provide and maintain the service, including account management, image generation, result delivery, and asset access.
To process payments, prevent fraud, and manage refunds, billing, and subscriptions.
To improve product quality, diagnose technical issues, and communicate with you about your account, updates, or support requests.
To comply with legal, tax, and accounting obligations.
This is an important limitation on how we use your content.
We do not use your uploaded images, text prompts, or generated outputs to train, fine-tune, or improve our underlying artificial intelligence models.
Your data is used only to generate, edit, or process the results you requested.
For users in the European Economic Area, we rely on applicable GDPR legal bases.
Contract performance: to provide the service you requested or subscribed to.
Legitimate interests: for fraud prevention, service security, and product improvement.
Consent: where required, such as certain cookies or marketing communications.
Legal obligation: for tax, accounting, and regulatory recordkeeping.
We do not sell personal information. We share data only with processors necessary to operate the service.
Stripe, Inc. (USA): payment processing and subscription management.
Cloudflare, Inc. (USA): website security and performance optimization.
Google LLC (USA) and Alibaba Group (Singapore): image processing through Google Gemini and Qwen services.
Supabase Inc. (USA) and Vercel Inc. (USA): data storage and website hosting.
These providers are expected to process data only for our service purposes and in line with applicable law.
Different data categories are retained for different periods.
Account information: until you delete your account or up to 3 years after the last activity.
Uploads and generated images: 30 days for free users; for paid users, assets are generally retained until manually deleted. If you upgrade later, only content generated during the paid period follows paid retention behavior; expired free-period assets cannot be recovered.
Billing records: 7 years where required by law.
Server logs: typically 12 months.
Your information may be processed in multiple countries or regions.
Processing locations may include the United States, European Union, Hong Kong, Singapore, or other regions where our providers operate.
For transfers from the EEA, we rely on safeguards such as Standard Contractual Clauses approved by the European Commission.
Depending on your location, you may have rights to access, correct, delete, restrict processing, receive your data, or withdraw consent.
To exercise these rights, contact [email protected].
We handle requests within the scope and timeframes required by applicable law.
We use reasonable technical and organizational measures to protect information.
These measures include standard security practices such as encrypted transmission (TLS) and protection of stored data.
Our service is not intended for children under 13, and we do not knowingly collect personal information from children under 13.
We may update this Privacy Policy from time to time.
Your continued use of the service after policy changes constitutes acceptance of the updated version.
If you have questions about this Privacy Policy, contact [email protected].