Privacy Policy

1) Scope

This Policy explains how we may collect, use, disclose, and protect information when you use Faces websites, artifacts, editors, and related services (the "Service"). This Policy does not apply to third-party services you connect or embed.

2) Information We May Collect

• Account and Contact Data: Name, email, password hashes, billing address, company, role.
• Transactional Data: Subscription plan, invoices, payments, tax IDs (processed via payment processors).
• User Content: Sites, artifacts, text, images, code, and any data you upload, including data about others you choose to include.
• Usage and Device Data: IP address, timestamps, pages viewed, referring URLs, device identifiers, browser type, crash logs, performance, and diagnostics.
• Cookies and Similar Technologies: To operate, secure, and improve the Service, remember preferences, and measure features.
• Support and Communications: Messages, feedback, and metadata.
• Inferences / AI Interactions: Prompts and outputs used to operate, secure, and improve AI features.

3) Sources

We collect information from you, from your devices, from Service integrations you enable, and from providers that help us prevent fraud, process payments, or provide infrastructure.

4) How We Use Information

We may use information to:

• Provide, operate, host, publish, and secure the Service.
• Process payments, billing, receipts, and account management.
• Personalize features; power AI tools; test and improve performance.
• Communicate with you about updates, security, and marketing (you can opt out of non-essential marketing).
• Enforce our Terms, protect rights and safety, and comply with law.
• De-identify or aggregate data for analytics and product improvement.

5) Sharing and Disclosure

We may share information with:

• Vendors/Processors: Cloud hosting, storage, analytics, customer support, email, payments, and domain providers—only as needed to perform services for us.
• Payment Processors: Your payment info is handled by processors (e.g., Stripe) under their policies; we do not store full card numbers.
• Domains/Integrations: If you connect a custom domain or third-party integration, relevant data may be shared to enable that feature.
• Legal and Safety: To comply with law, lawful requests, or protect rights, property, and safety (including addressing illegal content).
• Business Transfers: In connection with a merger, sale, financing, or acquisition.

We do not sell personal information. We do not share personal information for cross-context behavioral advertising as defined by California law.

6) Cookies; Analytics

We use necessary cookies for security and functionality and optional cookies/SDKs for analytics and measurement. You can control cookies through browser settings; disabling essential cookies may break the Service.

7) Data Retention

We retain personal data only as long as reasonably necessary for Service operation, security, legal obligations, dispute resolution, and enforcement of agreements. Backups and logs may persist for a limited period.

8) Security

We use administrative, technical, and physical safeguards appropriate to the sensitivity of the data. No security program is perfect, and we cannot guarantee absolute security.

9) Your Choices and Rights

• Access, Correction, Deletion: You may request access to, correction of, or deletion of your personal data, subject to legal limits.
• Marketing: You can opt out of non-essential marketing communications.
• EEA/UK/Swiss Residents: Where applicable, we process personal data under lawful bases such as contract, legitimate interests (e.g., security, product improvement), legal obligation, and consent where required. You may have rights to object, restrict, port, or complain to a supervisory authority.
• California Residents: We do not sell or share personal information. You may request access or deletion subject to exceptions.

10) Children

The Service is not directed to children. We do not knowingly collect personal data from children under 13 (or older age as required by local law). If we learn we collected such data, we will delete it.

11) International Transfers

We may transfer, store, and process information in countries outside your own. Where required, we use appropriate safeguards such as Standard Contractual Clauses.

12) User Content Contains Others' Data

You are responsible for any personal data of third parties included in your User Content, including obtaining necessary consents and providing any required notices.

13) Data Controller; Contact

Perhaps, Inc. is the controller for personal data we collect through the Service.

Contact: legal@faces.app

14) Changes

We may update this Policy from time to time. Material changes will be posted, and your continued use after the effective date constitutes acceptance.