Privacy Policy

1. Introduction

Vendos Upstager ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered image enhancement platform.

By using our service, you consent to the data practices described in this policy. If you do not agree with this policy, please discontinue use of our service.

2. Information We Collect

2.1 Account Information

When you create an account, we collect:

• Full name
• Email address
• Password (encrypted)
• Company name (if provided)

2.2 Payment Information

Payment processing is handled by Stripe. We do not store your credit card information. We only store:

• Transaction history
• Credit balance
• Purchase receipts

2.3 Neto Store Integration

When you connect your Neto store, we collect:

• Neto store URL
• Neto API key (encrypted)
• Product catalog data
• Product images

2.4 Usage Data

We automatically collect:

• IP address and location data
• Browser type and version
• Device information
• Pages visited and features used
• Images processed (metadata only)
• Usage patterns and preferences

2.5 Images and Content

We temporarily store images you upload or access through your Neto integration for the purpose of processing them with our AI models. Processed images are available for download but are not permanently stored on our servers beyond a reasonable retention period.

3. How We Use Your Information

We use your information to:

• Provide, operate, and maintain our service
• Process your images using AI models
• Manage your account and authenticate your access
• Process payments and maintain transaction records
• Communicate with you about your account and service updates
• Provide customer support
• Improve our AI models and service quality
• Analyze usage patterns to enhance user experience
• Detect and prevent fraud or abuse
• Comply with legal obligations

4. Third-Party Services

We use the following third-party services:

4.1 Supabase (Database and Authentication)

We use Supabase to store your account data, transaction history, and application data. Supabase is GDPR compliant and provides enterprise-grade security.

4.2 Stripe (Payment Processing)

All payment transactions are processed by Stripe. Your payment information is handled directly by Stripe and is subject to their privacy policy.

4.3 Google Gemini AI

We use Google's Gemini AI for certain AI-powered features, including template generation and branding analysis. Images and prompts may be processed by Google's AI services.

4.4 Cloudflare (Hosting and CDN)

Our service is hosted on Cloudflare Pages. Cloudflare may collect certain technical data for security and performance purposes.

4.5 Neto API

When you connect your Neto store, we access your store data through the Neto API. This integration is subject to Neto's privacy policy and terms of service.

5. Data Security

We implement industry-standard security measures to protect your data:

• All data transmitted is encrypted using SSL/TLS
• Passwords are hashed using industry-standard algorithms
• API keys and sensitive credentials are encrypted at rest
• Regular security audits and monitoring
• Role-based access control for our team members
• Secure data centers with physical security measures

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

6. Data Retention

6.1 Account Data

We retain your account information for as long as your account is active or as needed to provide services.

6.2 Transaction Records

Financial transaction records are retained for 7 years to comply with legal and tax obligations.

6.3 Images

Uploaded and processed images are temporarily cached for performance purposes but are not permanently stored unless you explicitly save them. Cached images are automatically deleted after 30 days.

6.4 Usage Logs

Usage logs and analytics data are retained for up to 90 days for service improvement and troubleshooting purposes.

7. Your Privacy Rights

You have the right to:

• Access: Request a copy of the personal data we hold about you
• Correction: Request correction of inaccurate or incomplete data
• Deletion: Request deletion of your personal data (subject to legal obligations)
• Export: Request a machine-readable copy of your data
• Restriction: Request restriction of processing in certain circumstances
• Objection: Object to processing of your personal data
• Withdraw Consent: Withdraw consent at any time where we rely on consent

To exercise these rights, please contact us at [email protected]

8. Cookies and Tracking

We use cookies and similar tracking technologies to track activity on our service and store certain information. Cookies are files with a small amount of data that are stored on your device.

8.1 Types of Cookies We Use

• Essential Cookies: Required for authentication and basic functionality
• Preference Cookies: Remember your settings and preferences
• Analytics Cookies: Help us understand how you use our service

You can configure your browser to refuse cookies or alert you when cookies are being sent. However, some parts of our service may not function properly without cookies.

9. International Data Transfers

Your data may be transferred to and processed in countries other than Australia, including the United States (where our cloud infrastructure providers operate). We ensure appropriate safeguards are in place for such transfers in compliance with applicable data protection laws.

10. Children's Privacy

Our service is not intended for use by children under the age of 18. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by email or through a prominent notice on our platform. Your continued use of the service after changes become effective constitutes acceptance of the revised policy.

12. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us: