Privacy Policy

Effective Date: April 22, 2026
Last Updated: April 22, 2026

1. Overview

This Privacy Policy explains how Image 2 ("Image 2," "we," "us," or "our") collects, uses, stores, discloses, and otherwise processes personal data when you use our websites, applications, generation tools, billing workflows, and related services (collectively, the "Services").

Image 2 is the controller and service operator responsible for getimage2.com, the Image 2 account system, billing workflows, support intake, and AI image generation workflows unless a separate legal entity is expressly identified in a later version of this Policy.

This Policy is intended to provide a professional privacy notice for users in the United States, the European Economic Area, the United Kingdom, and other jurisdictions, but local laws may give you additional rights.

2. Categories Of Information We Collect

Depending on how you use the Services, we may collect the following categories of information:

Account Information

• name, email address, and login credentials;
• profile settings, language preferences, and account identifiers; and
• communications you send to us through support, legal, or billing channels.

Order, Billing, And Subscription Information

• subscription plan details, invoice history, and payment status;
• limited billing and transaction metadata;
• country, region, tax-related information, and business details where provided; and
• records of refunds, disputes, chargebacks, and fraud reviews.

Payment-card data is generally processed by our payment service providers, including Stripe, rather than stored in full on our own systems.

Content And Generation Data

• prompts, instructions, and other text you submit;
• images, media, and files you upload;
• generation settings such as aspect ratio, template, and model selection;
• generated outputs, including images and related creative assets; and
• records necessary to troubleshoot failed or incomplete generations.

Technical And Usage Information

• IP address, approximate location, browser type, operating system, and device information;
• logs, timestamps, error reports, and performance diagnostics;
• feature usage information, session data, and anti-abuse signals; and
• cookie or similar technology data where used for security, analytics, or service functionality.

3. How We Use Personal Data

We use personal data where necessary to:

• provide, maintain, and secure the Services;
• create and administer accounts;
• process subscriptions, credits, refunds, and billing events;
• deliver requested AI generations and store related outputs;
• investigate technical issues, suspicious activity, fraud, abuse, or policy violations;
• comply with legal obligations, law-enforcement requests, tax requirements, accounting rules, and dispute-resolution needs;
• communicate with you about service changes, support requests, legal notices, and transactional matters; and
• improve service reliability, quality, safety systems, and product operations.

We may also use limited service data for internal analytics, quality assurance, and business operations. We do not sell personal data in exchange for monetary consideration.

4. Legal Bases For Processing

Where EU, EEA, or UK data protection laws apply, we generally rely on one or more of the following legal bases:

• performance of a contract, including providing the Services you request;
• compliance with legal obligations, such as tax, accounting, sanctions, fraud, and recordkeeping requirements;
• legitimate interests, such as securing the Services, preventing abuse, improving reliability, and handling business administration; and
• consent, where consent is specifically required, such as for certain optional cookies or marketing activities.

Where we rely on consent, you may withdraw it at any time, but that will not affect processing already carried out before withdrawal.

5. AI Providers, Service Providers, And Third Parties

To operate the Services, we may share personal data with service providers and subprocessors acting on our behalf, including providers for:

• payment processing;
• cloud hosting and storage;
• customer support;
• email delivery;
• analytics and monitoring; and
• AI generation, moderation, and infrastructure services.

These providers may process prompts, uploads, configuration data, and outputs to provide the generation and support workflows you request. We may also disclose information where required by law, legal process, or to establish, exercise, or defend legal claims.

We do not permit our service providers to use your personal data for their own independent direct marketing to you through our Services.

6. Cookies And Similar Technologies

We may use cookies and comparable technologies for authentication, security, preferences, performance, analytics, and service operation. Where required by law, we will seek consent before placing non-essential cookies.

Optional analytics on Image 2 are activated only after consent. These analytics may measure model-page visits, pricing interactions, language switches, asset upload actions, and generation workflow events, but we do not send raw prompt text, email addresses, or uploaded asset URLs through that analytics layer.

You can usually control cookies through your browser settings. Some functionality may be limited if essential cookies are blocked.

7. Data Retention

We retain personal data for as long as reasonably necessary for the purposes described in this Policy, including to provide the Services, maintain business records, resolve disputes, enforce agreements, and comply with legal obligations.

As a general operational rule:

• account and billing records may be retained for the period required by tax, accounting, fraud-prevention, and legal-compliance obligations;
• support and security logs may be retained as reasonably necessary for incident investigation and abuse prevention; and
• uploaded assets and generated outputs may be retained for product delivery, account history, and support workflows, subject to our service design and retention settings at the time of use.

Retention periods may be longer where needed to defend legal claims, investigate fraud, comply with a valid legal hold, or enforce our agreements.

8. International Data Transfers

Your information may be processed in countries other than your own, including the United States and other jurisdictions where we or our service providers operate.

Where required by applicable law, we use appropriate transfer mechanisms and safeguards for cross-border data transfers, such as contractual protections or other recognized safeguards.

9. Security

We use commercially reasonable administrative, technical, and organizational measures designed to protect personal data against unauthorized access, loss, misuse, disclosure, or alteration. However, no internet or storage system can be guaranteed to be completely secure.

You are responsible for maintaining the confidentiality of your credentials and for using appropriate care when sharing information through the Services.

10. Your Privacy Rights

Depending on your location and applicable law, you may have rights that include:

• the right to know or access personal data we hold about you;
• the right to correct inaccurate personal data;
• the right to request deletion of certain personal data;
• the right to restrict or object to certain processing;
• the right to data portability, where applicable;
• the right to withdraw consent where processing is based on consent; and
• the right to lodge a complaint with a supervisory authority or regulator.

Some rights are not absolute. For example, we may deny or limit a request where retention is necessary for legal compliance, fraud prevention, security, accounting, tax obligations, or the establishment, exercise, or defense of legal claims.

To exercise applicable rights, contact support@getimage2.com. We may require verification of identity before responding.

11. Marketing Communications

If we send promotional communications, you may opt out at any time using the unsubscribe link in the message or by contacting us. We may still send transactional or service-related messages that are necessary to administer your account or the Services.

12. Children's Privacy

The Services are not directed to children under 13, and you may not use the Services if you are under the minimum age required by applicable law to enter into a binding agreement with us. If we learn that we collected personal data from a child in violation of applicable law, we will take reasonable steps to delete it.

13. Changes To This Policy

We may update this Privacy Policy from time to time to reflect product changes, legal requirements, or operational changes. If we make material changes, we will post the updated version on this page and update the effective date or last-updated date. Where required by law, we will provide additional notice.

14. Contact

For privacy, legal, or data-protection questions, contact:

• support@getimage2.com

You may also use these addresses for questions about this Policy, data requests, and complaints.