Privacy Policy

Last updated: December 4, 2025

At Badola AI, we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered fashion visualization service. Please read this policy carefully to understand our practices regarding your personal data.

1. Information We Collect

1.1 Account Information

When you create an account, we collect:

  • Email address
  • Full name
  • Profile picture (optional, if provided via Google OAuth)
  • Password (encrypted, for email/password registration)
  • Account creation date

1.2 User Content

When you use our service, we collect and store:

  • Clothing images you upload
  • AI-generated images created from your uploads
  • Image metadata (file size, dimensions, upload date)
  • Clothing library organization (categories, names)

1.3 Usage Analytics

To improve our service and understand how users interact with Badola AI, we collect:

  • Event data: Registration, login, image generation, page views
  • IP address: For security, fraud prevention, and approximate location
  • Geolocation: Country, city, and region (derived from IP address)
  • Device information: Browser type, operating system, device type (mobile/desktop)
  • User agent: Browser and device identification string
  • Referrer: The website or source that directed you to us
  • UTM parameters: Marketing campaign tracking (utm_source, utm_medium, utm_campaign)

1.4 Onboarding Information

During the onboarding process, we ask optional questions to personalize your experience:

  • How you plan to use Badola (e-commerce, dropshipping, content creation, etc.)
  • Type of clothing you work with
  • Approximate catalog size
  • Monthly image generation needs
  • Current product photography solution
  • Monthly budget for product photos
  • How you heard about us

1.5 Payment Information

When you subscribe to a paid plan, we collect:

  • Selected subscription plan
  • Payment intent data (plan, price, token amount)
  • Transaction history

Note: We do not store your credit card numbers or full payment details. All payment processing is handled securely by our payment provider, LemonSqueezy, which maintains PCI DSS compliance.

2. How We Use Your Information

We use the collected information for the following purposes:

2.1 Service Delivery

  • Process your uploaded images through our AI models
  • Generate fashion visualizations
  • Store and organize your clothing library and generated images
  • Manage your account and subscription
  • Track token usage and billing

2.2 Service Improvement

  • Analyze usage patterns to improve features
  • Identify and fix technical issues
  • Develop new features based on user needs
  • Optimize AI model performance

2.3 Communication

  • Send account-related notifications
  • Provide customer support
  • Send service updates and announcements
  • Respond to your inquiries

2.4 Security and Fraud Prevention

  • Detect and prevent fraudulent activity
  • Monitor for unauthorized access
  • Verify user identity when necessary
  • Protect the security of our systems and users

2.5 Analytics and Business Intelligence

  • Understand user demographics and geographic distribution
  • Measure marketing campaign effectiveness
  • Analyze conversion funnels
  • Make data-driven business decisions

3. Image Processing and AI

Your images are at the core of our service. Here's how we handle them:

3.1 Image Storage

  • Uploaded and generated images are stored securely on Supabase cloud storage
  • Images are encrypted at rest and in transit
  • Each user's images are isolated and accessible only to their account

3.2 AI Processing

  • Images are sent to Replicate AI for processing
  • Processing is temporary and images are not retained by the AI provider after generation
  • Generated images are returned to us and stored in your account

3.3 AI Training

We do NOT use your uploaded images or generated content to train our AI models without your explicit consent.

3.4 Image Deletion

You can delete your images at any time from your gallery. When you delete an image, it is permanently removed from our storage. When you delete your account, all associated images are marked for deletion.

4. Information Sharing

We do not sell, trade, or rent your personal information. We share information only in the following circumstances:

4.1 Service Providers

We work with trusted third-party service providers who assist in operating our service:

ProviderPurposeData Shared
SupabaseDatabase, authentication, file storageAccount data, images, usage data
ReplicateAI image generationImages (temporarily for processing)
LemonSqueezyPayment processingEmail, subscription plan, payment info
GoogleOAuth authenticationEmail, name (for login only)
VercelWebsite hostingIP address, request logs

4.2 Legal Requirements

We may disclose your information if required by law, court order, or government request, or if we believe disclosure is necessary to protect our rights, your safety, or the safety of others.

4.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change.

5. Data Security

We implement industry-standard security measures to protect your information:

  • Encryption: All data is encrypted in transit (TLS/HTTPS) and at rest
  • Authentication: Secure password hashing and optional two-factor authentication
  • Access Control: Row-level security ensures users can only access their own data
  • Infrastructure: Hosted on secure cloud platforms (Supabase, Vercel) with SOC 2 compliance
  • Monitoring: Regular security audits and vulnerability assessments

While we strive to protect your information, no method of transmission over the Internet is 100% secure. We cannot guarantee absolute security.

6. Data Retention

We retain your information for as long as necessary to provide our services and fulfill the purposes described in this policy:

  • Account data: Retained while your account is active
  • Images: Retained until you delete them or delete your account
  • Analytics data: Retained for up to 24 months for analysis
  • Transaction records: Retained as required by tax and accounting regulations

When you delete your account, we mark your data for deletion. Some data may be retained in backups for a limited period or as required by law.

7. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

7.1 Access and Portability

You can access your personal information through your account settings. You may request a copy of your data in a portable format.

7.2 Correction

You can update your account information at any time through your settings.

7.3 Deletion

You can delete individual images from your gallery or delete your entire account through your settings. Account deletion is permanent and cannot be undone.

7.4 Opt-Out

You can opt out of marketing communications by contacting us. Note that you cannot opt out of essential service communications (e.g., account security, billing).

7.5 GDPR Rights (EU Users)

If you are in the European Economic Area, you have additional rights including the right to restrict processing, object to processing, and lodge a complaint with a supervisory authority.

7.6 CCPA Rights (California Users)

California residents have additional rights under CCPA, including the right to know what personal information is collected and the right to request deletion. We do not sell personal information.

8. Cookies and Tracking Technologies

We use cookies and similar technologies to:

  • Essential cookies: Required for authentication and security
  • Preference cookies: Remember your settings and preferences
  • Analytics cookies: Understand how you use our service

You can control cookies through your browser settings. Disabling essential cookies may prevent you from using certain features of our service.

9. Children's Privacy

Our service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If we discover that we have collected information from a child under 13, we will promptly delete it. If you believe we may have information from a child under 13, please contact us.

10. International Data Transfers

Your information may be transferred to and processed in countries other than your own. Our service providers operate globally, and data may be stored in the United States or other jurisdictions. We ensure appropriate safeguards are in place for international transfers, including standard contractual clauses where applicable.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for legal, operational, or regulatory reasons. We will notify you of any material changes by posting the updated policy on our website and updating the "Last updated" date. We encourage you to review this policy periodically.

12. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Email: support@badola.co

Telegram: @badola_support

Website: https://badola.co

We aim to respond to all inquiries within 30 days.