Privacy Policy
This policy explains what information Grafy (“we”, “us”) collects when you use grafy.ai, how we use it, and the choices you have — including how to delete your data at any time.
Information we collect
- Account information. When you sign in with a provider (Google, Discord, GitHub, Facebook, or Hugging Face) we receive your name, email address, and profile picture from that provider. We use this to create and identify your account.
- Content you create. The prompts you write, files and documents you upload, and the images, video, audio, and text you generate or edit, together with the graph that organizes them.
- Usage & billing. Your credit balance, generation history, and subscription or purchase records. Card payments are processed by Stripe — we do not receive or store your full card number.
- Technical data. Basic logs (such as request times and errors) needed to operate and secure the service.
How we use your information
- To provide, maintain, and improve Grafy's features.
- To authenticate you and keep your account secure.
- To run the AI generations you request (some run on Google Cloud Vertex AI).
- To process payments and manage your credits and subscription.
- To send you account or generation notifications you have enabled.
How your information is shared
We do not sell your personal data. We share data only with the services needed to run Grafy:
- Sign-in providers (Google, Discord, GitHub, Facebook, Hugging Face) for authentication.
- Google Cloud to run cloud AI models on the content you submit for generation.
- Stripe to process payments.
- Where required by law, or to protect the rights and safety of users and the service.
Data retention & deletion
You can delete all of your data at any time from inside the app: Settings (gear) → Safety & privacy → Delete all my data. See the Data Deletion instructions for details, or email us.
We keep your data while your account is active. When you delete your data (or your account), we remove your sessions, generated media, library items, prompts, annotations, comments, and API keys, and reset the associated records. Some minimal billing records may be retained where required for tax and accounting purposes.
Cookies
Grafy uses a single sign-in session cookie to keep you logged in. It is not used for advertising.
Children
Grafy is not directed to children under 13 (or the minimum age in your country), and we do not knowingly collect their data.
Changes to this policy
We may update this policy from time to time. Material changes will be reflected by the “Last updated” date above.
Contact us
Questions or data requests: s-admin@grafy.ai.