1. Introduction
logodetekt ("Company", "we", "us", or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered logo detection and analytics platform ("Service").
By using the Service, you consent to the data practices described in this policy. If you do not agree with the terms of this Privacy Policy, please do not access or use the Service.
2. Information We Collect
2.1 Account Information
When you create an account via Google OAuth, we receive and store your name, email address, and profile picture as provided by Google. We do not receive or store your Google password.
2.2 User-Uploaded Content
We store images and videos that you upload to the Service for the purpose of logo detection and analysis. This content is stored in Amazon S3 with server-side encryption (AES-256).
2.3 Usage Data
We collect information about how you interact with the Service, including pages visited, features used, file upload counts, and processing job metadata. We use Vercel Analytics for aggregated, privacy-friendly website analytics.
2.4 Payment Information
Payment processing is handled entirely by Stripe. We do not receive, store, or have access to your full credit card number. We receive only a Stripe customer ID and subscription status to manage your account.
3. How We Use Your Information
We use the information we collect to:
- Provide, operate, and maintain the Service.
- Process your uploaded content for logo detection and analytics.
- Manage your account and subscription.
- Communicate with you about your account, including service updates and security alerts.
- Monitor and analyze usage patterns to improve the Service.
- Detect, prevent, and address technical issues or abuse.
4. AI Processing and Your Data
Logo detection is performed using Amazon Bedrock, a fully managed AI inference service provided by Amazon Web Services. Key privacy protections include:
- No model training on your data. Your uploaded content is never used to train, fine-tune, or improve any AI or machine learning models.
- Transient processing. Content is sent to Amazon Bedrock for real-time inference only. It is not stored by the AI model provider after processing is complete.
- Encrypted transmission. All data sent to Amazon Bedrock is encrypted in transit using TLS 1.2+.
- AWS data isolation. Processing occurs within our AWS account with full data isolation from other customers.
5. Data Storage and Security
Your data is stored and protected using the following measures:
- Encryption at rest: All files in Amazon S3 are encrypted using AES-256 server-side encryption. Database records in Supabase (hosted on AWS) are encrypted at rest.
- Encryption in transit: All connections use TLS 1.2+ encryption.
- Access controls: Row-level security (RLS) policies ensure users can only access their own data. Service-level access is restricted to authorized personnel.
- Infrastructure: The Service runs entirely on AWS infrastructure in the US East (N. Virginia) region.
6. Data Sharing and Disclosure
We do not sell, rent, or trade your personal information. We may share information only in the following circumstances:
- Service providers: We use third-party services (AWS, Supabase, Stripe, Vercel) to operate the Service. These providers process data on our behalf under contractual obligations to protect your information.
- Legal requirements: We may disclose information if required by law, regulation, legal process, or governmental request.
- Safety: We may disclose information to protect the rights, property, or safety of the Company, our users, or the public.
- Business transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.
7. Data Retention
We retain your account information and uploaded content for as long as your account is active. If you delete your account, we will delete your personal information and uploaded files within 30 days, except where retention is required by law or for legitimate business purposes (e.g., billing records).
Processing results and analytics data associated with deleted files are also removed within 30 days of account deletion.
8. Your Rights
Depending on your jurisdiction, you may have the following rights regarding your personal data:
- Access: Request a copy of the personal data we hold about you.
- Correction: Request correction of inaccurate personal data.
- Deletion: Request deletion of your personal data and account.
- Data portability: Request your data in a structured, machine-readable format.
- Objection: Object to certain processing of your personal data.
To exercise any of these rights, contact us at privacy@logodetekt.com. We will respond to requests within 30 days.
9. Cookies and Tracking
The Service uses essential cookies required for authentication and session management. We use Vercel Analytics for aggregated, anonymous usage statistics. We do not use advertising cookies or third-party tracking pixels.
10. Children's Privacy
The Service is not intended for use by individuals under the age of 16. We do not knowingly collect personal information from children under 16. If we become aware that we have collected personal data from a child under 16, we will take steps to delete that information promptly.
11. International Data Transfers
Your data is processed and stored in the United States. If you are accessing the Service from outside the United States, your information will be transferred to and processed in the United States. By using the Service, you consent to this transfer.
12. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page and updating the "Last updated" date. Your continued use of the Service after changes are posted constitutes acceptance of the revised policy.
13. Contact Us
If you have questions or concerns about this Privacy Policy or our data practices, contact us at: