Privacy Policy

Personal Data

Processing

Service

Subprocessor

Controller Information
Your data protection rights and how to contact us

Data Controller
APImage is the data controller responsible for the processing of your personal data in connection with our Service.

Data Protection Officer
According to the provisions of the General Data Protection Regulation (GDPR) and the new Federal Data Protection Act (BDSG-neu), APImage is currently not legally obliged to appoint a data protection officer, as our company does not meet the relevant thresholds and criteria for such an obligation.

Contact Information
For any questions or concerns regarding this Privacy Policy or our data protection practices, please contact us at:

Email: ask@support.apimage.org

We typically respond to privacy-related inquiries within 30 days.

Account Data

• Full name or username
• Email address
• Company or organization name (if applicable)
• User preferences and settings

Usage Data

• API usage statistics (e.g., number of calls, endpoints used)
• Counts of images processed or generated
• IP addresses and device identifiers
• Browser and operating system details
• Log files and error reports

Important: We do not store your payment card or bank details. Payments and related secure data are handled exclusively by our trusted payment processor, LemonSqueezy.

Payment Data

• Subscription plan details
• Billing and invoice history
• Payment transaction metadata

Image Data

• Images you upload for processing (transient, deleted after processing)
• AI-generated images or outputs from your inputs
• Processing logs (non-identifiable)

We do not process your information for purposes incompatible with these objectives without your explicit consent.

Your images are handled carefully with privacy and security in mind:

• Images you upload or generate are processed and stored by us or our subprocessors on disks or servers for generation, editing, analysis, and storage. They are retained only until the expiration of the retention period defined by your plan, which may be subject to change.
• By using our service and creating an account, you consent to the use of your uploaded or generated images and processing metadata for training and improving AI models. By accepting these terms and/or using our services, you provide your consent for this use, which you can withdraw at any time.
• Logs and monitoring data may include metadata about image processing events anonymized wherever possible, strictly used for system performance monitoring, usage tracking, abuse detection, and troubleshooting.
• Any files or text you upload or generate may be transmitted to an AI subprocessor for moderation to help prevent illegal or harmful conduct.

We retain personal data only as long as necessary to fulfill the purposes for which the data was collected or as required by law:

Account Data: Retained as long as your account is active. You may request deletion of your personal data at any time subject to contractual or legal retention obligations.

Usage Data and Logs: Data is retained for up to 12 months to enable effective analytics, security monitoring, and abuse prevention. Information directly associated with your account is stored for the duration that your account remains active. This may include, but is not limited to, usage data, activity history, requests made through the web application or API, and corresponding API response data. In some cases, a limited subset of data may be retained after account closure to prevent misuse of our free services.

Invoices, Billing, and Payment Records: Retained for at least 10 years to comply with German tax and accounting laws (§ 147 AO).

After expiration of applicable retention periods, personal data is securely deleted or anonymized.

To provide the Service, we collaborate with trusted subprocessors who process your data on our behalf. We ensure all subprocessors comply with GDPR via data processing agreements and necessary safeguards.

All subprocessors are carefully vetted and bound by data processing agreements that require them to protect your data to the same standard as we do.

Under GDPR, you have extensive rights regarding your personal data. To exercise these rights, please contact us at ask@support.apimage.org. We will respond promptly, and you can expect a reply within 30 calendar days in compliance with Art. 12 GDPR.

We use cookies and similar technologies to enhance your experience while using our service. These technologies help us provide a secure, functional, and efficient platform.

Essential Cookies

• Manage user sessions and authentication
• Remember language and interface preferences
• Enable core website functionality

Local Storage

We use the browser's local storage to store the following information:

• theme - Your selected UI theme (light/dark mode - no personal data is stored)
• sb-*-auth-token - Authentication token for session management (* indicates a value that may vary)
• web-vitals-extension-metrics - Performance metrics for debugging and optimization (no personal data is stored)

You can clear this data at any time through your browser settings.

We respect your privacy and do not use cookies for advertising purposes. You can manage your cookie preferences at any time through your browser settings. If we use cookies on this site that legally require an opt-out option, you will be able to manage your preferences here and in your account settings.

We use the following email service providers to manage our newsletter and transactional emails. When you subscribe to our newsletter or receive emails from us, your data may be processed by these providers in accordance with their privacy policies. We, together with our partners, may analyze email interactions, including delivery rates, open rates, link clicks, and other engagement metrics. Our partners include:

Your Email Preferences
You can manage your email preferences or unsubscribe at any time by clicking the "unsubscribe" link in any marketing email, inside your account settings or by contacting us at ask@support.apimage.org.

We implement comprehensive technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. Our security practices are regularly reviewed and updated to address emerging threats.

We are committed to maintaining the highest security standards. Our security practices are regularly audited and certified to meet industry standards and regulatory requirements.

Age Restrictions Apply
Our Services are not intended for children under 13 years of age.

If we discover that we have collected personal data from a child under the applicable age limit without parental consent, we will promptly delete that information from our servers.

For Parents & Guardians:
To request review, deletion, or to place restrictions on your child's personal data, please contact us at ask@support.apimage.org.

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or service functionality. We encourage you to review this page periodically for the latest information on our privacy practices.

Last Updated: April 1, 2026

Version History

You can review previous versions of this Privacy Policy by contacting us at ask@support.apimage.org.

For your convenience, we also maintain an archive of recent policy changes on our website. The most current version of the Privacy Policy will always be available at: https://apimage.org/privacy

Your Data Protection Rights
You have the right to lodge a complaint with a supervisory authority if you believe our processing of your personal data violates applicable data protection laws.

Before filing a complaint, we encourage you to contact us first at ask@support.apimage.org so we can address your concerns directly.