GDPR Compliance Statement
Last Updated: 06/10/2024
At OneirosAI, we are committed to protecting the privacy and personal data of our users in compliance with the General Data Protection Regulation (GDPR). This statement outlines our practices and the measures we take to ensure the protection of personal data for users in the European Economic Area (EEA).
1. Data Controller
OneirosAI is the data controller responsible for the processing of your personal data. If you have any questions or concerns about our data practices, you can contact us at [contact us].
2. Personal Data We Collect
We collect and process the following types of personal data:
- Contact Information: Name, email address
- Account Information: User-generated content, such as images created on our platform
- Payment Information: Processed and stored by Stripe, not by OneirosAI
- Usage Data: IP address, browser type, device information, and usage data
3. Purposes and Legal Bases for Processing
We process personal data for the following purposes based on the following legal grounds:
- To Provide and Improve Services: Necessary for the performance of a contract
- To Process Transactions: Necessary for the performance of a contract
- To Send Updates and Promotional Materials: Based on user consent
- To Manage Accounts and Provide Customer Support: Necessary for the performance of a contract
- To Enforce Terms and Prevent Fraud: Necessary for legitimate interests
4. User Rights
Under the GDPR, you have the following rights regarding your personal data:
- Right to Access: You can request access to your personal data.
- Right to Rectification: You can request correction of inaccurate or incomplete data.
- Right to Erasure: You can request deletion of your personal data.
- Right to Restrict Processing: You can request restriction of processing of your personal data.
- Right to Data Portability: You can request transfer of your personal data to another service provider.
- Right to Object: You can object to the processing of your personal data.
To exercise your rights, please contact us at [contact us].
5. Data Sharing
We share personal data with third parties only when necessary and under strict conditions:
- Service Providers: Such as Stripe for payment processing
- Legal Requirements: When required by law or to protect our rights
- Other Users: Images generated on our platform may be available for download by other users, except for private images created by pro users
6. Data Security
We implement technical and organizational measures to protect personal data. However, no method of transmission over the internet or electronic storage is completely secure.
7. International Data Transfers
Your personal data may be transferred to, and processed in, countries other than the country in which you are resident. These countries may have data protection laws that are different from the laws of your country.
8. Data Retention
We retain personal data only as long as necessary to fulfill the purposes outlined in this statement, unless a longer retention period is required or permitted by law.
9. Contact Information
If you have any questions about this GDPR Compliance Statement or our data practices, please contact us at [contact us].