Privacy Policy

Last Updated: 11.1.2025

1. Introduction

Spayo (“we,” “our,” or “us”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website, spayo.xyz, and our AI-powered design services (collectively, the “Service”).

By using the Service, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

A. Information You Provide to Us

  • Account Information: When you register for an account using Google, we collect personal information associated with your Google account, such as your full name, email address, and profile picture.
  • User Content: We collect the images you upload to the Service for redesigning.
  • Communications: If you contact us directly, we may receive additional information about you such as your name, email address, the contents of the message and/or attachments you may send us, and any other information you may choose to provide.

B. Information We Collect Automatically

  • Usage Data: We may automatically collect certain information when you access and use the Service. This information may include your IP address, browser type, operating system, and information about your activity on the Service, such as your credit balance and referral history. This is managed by our backend service provider, Supabase.

3. How We Use Your Information

We use the information we collect in various ways, including to:

  • Provide, operate, and maintain our Service.
  • Process your transactions and manage your purchases of Credits.
  • Manage your account, including creating and managing your user profile and referral code.
  • Communicate with you, either directly or through one of our partners, including for customer service and to provide you with updates and other information relating to the Service.
  • Improve, personalize, and expand our Service.

4. How We Share Your Information

We do not sell your personal information. We may share your information with third-party service providers to perform services on our behalf, under the following circumstances:

  • Google (Authentication & AI Services): We use Google’s OAuth service to create and manage your user account. To provide the core redesign feature, we send your uploaded images and text prompts to Google’s Gemini API. Google’s use of this data is subject to their own Privacy Policy.
  • Supabase (Backend Infrastructure): We use Supabase for our database, user authentication management, and backend functions. Your profile information and usage data are stored with Supabase, and their practices are governed by the Supabase Privacy Policy.
  • Stripe (Payment Processing): We use Stripe to process payments for Credit packs. We do not store your payment card details. Your payment information is provided directly to Stripe, and their use of your personal information is governed by their Privacy Policy.
  • Legal Requirements: We may disclose your information if required to do so by law or in response to valid requests by public authorities.

5. Data Security

We use commercially acceptable means to protect your Personal Information. However, remember that no method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to protect your data, we cannot guarantee its absolute security.

6. Data Retention

We will retain your Personal Information only for as long as is necessary for the purposes set out in this Privacy Policy. We will retain and use your information to the extent necessary to comply with our legal obligations, resolve disputes, and enforce our policies.

7. Your Data Rights

Depending on your location, you may have the following rights regarding your personal data:

  • The right to access, update, or delete the information we have on you.
  • The right of rectification.
  • The right to object.
  • The right of restriction.

To exercise these rights, please contact us. You can manage your personal information directly within your account settings (via your Google account).

8. Children’s Privacy

Our Service is not intended for use by anyone under the age of 18. We do not knowingly collect personally identifiable information from children under 18. If you become aware that a child has provided us with Personal Data, please contact us.

9. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page. You are advised to review this Privacy Policy periodically for any changes.

10. Contact Us

If you have any questions about this Privacy Policy, you can contact us at [email protected].