We believe in transparency. Here's exactly what data we collect, why we collect it, and how it's protected.
When you create a VisualAI account, we collect your name, email address, and password (stored as a secure hash). If you sign in via Google OAuth, we receive your Google profile name, email, and profile picture.
We collect information about how you use VisualAI, including the prompts you enter, images you generate, features you access, and your credit usage. This helps us improve our service and detect abuse.
All payment processing is handled by Razorpay. We store only your subscription status, plan type, and Razorpay customer/subscription IDs. We never store raw credit card numbers, CVVs, or UPI credentials.
We automatically collect your IP address, browser type, device information, pages visited, time spent, and error logs. This data is used for security, rate limiting, and service improvement.
We use your information to provide, maintain, and improve VisualAI. This includes processing your image generation requests, managing your credits, and sending transactional emails (billing receipts, welcome emails, password resets).
With your consent, we may send you product updates, feature announcements, and promotional offers. You can unsubscribe from marketing emails at any time via the unsubscribe link in each email.
We may use or disclose your information to comply with applicable Indian laws, including the Information Technology Act 2000, IT (Amendment) Act 2008, and any orders from competent courts or government authorities.
Your data is stored on secure servers. We use industry-standard encryption (TLS 1.3) for data in transit and AES-256 encryption for sensitive data at rest.
Account data is retained for the lifetime of your account plus 90 days after deletion. Generated images are retained for 12 months. Payment records are retained for 7 years as required by Indian GST regulations.
We implement rate limiting, brute-force protection, CSRF tokens, and regular security audits. However, no system is 100% secure — we encourage you to use a strong, unique password and enable two-factor authentication where available.
We share minimal data with: Razorpay (payment processing), Google (OAuth sign-in), our AI generation API provider (prompt text only, no personal data), and our hosting infrastructure provider.
We do not sell, rent, or trade your personal information to any third party for marketing purposes. VisualAI products are ad-free and we do not allow advertisers to target you based on your usage.
In the event of a merger, acquisition, or sale of assets, your data may be transferred to the acquiring entity. We will notify you via email and/or a prominent notice on our website before such a transfer occurs.
You have the right to access all personal data we hold about you. You can export your generated images and account data from your account settings at any time.
You can update your account information at any time from Settings. You may request deletion of your account and associated data by emailing privacy@visualai.in. We will process deletion requests within 30 days.
As required by the IT Act 2000, our Grievance Officer can be reached at: grievance@visualai.in. We will acknowledge grievances within 24 hours and resolve them within 30 days.
We use session cookies for authentication (NextAuth.js session tokens) and CSRF protection. These are strictly necessary and cannot be disabled without breaking core functionality.
We use privacy-respecting analytics to understand how users interact with VisualAI. These do not track you across other websites and do not use third-party advertising cookies.
VisualAI is not intended for children under 18 years of age. We do not knowingly collect personal information from minors. If you believe a minor has created an account, please contact us at privacy@visualai.in and we will promptly delete the account.
We may update this Privacy Policy from time to time. We will notify you of significant changes via email or a banner on the VisualAI dashboard at least 7 days before the change takes effect. Continued use of VisualAI after the effective date constitutes acceptance of the updated policy.
Contact our Privacy Officer at privacy@visualai.in or write to us at: VisualAI, [Address], India. Grievances are acknowledged within 24 hours and resolved within 30 days as per IT Act 2000.