Hoshinori

Privacy Policy

Effective date: April 26, 2026

Hoshinori (“we”, “us”) provides an AI image generation service that pairs a user-supplied selfie with stylized character templates. This Privacy Policy explains what we collect, how we use it, and the choices you have.

1. Information We Collect

  • Account data: email address (for magic-link sign-in).
  • Uploaded photos: selfies you submit for generation.
  • Generated images: outputs produced by the service and tied to your account.
  • Usage data: credit balance, generation history, template choices, timestamps.
  • Technical data: IP address, browser, device, and basic logs for security and debugging.
  • Payment data: handled by our payment processor; we do not store full card details.

2. How We Use Your Information

  • To authenticate you (magic-link email).
  • To generate and deliver the images you request.
  • To maintain your generation history and credit balance.
  • To prevent abuse, fraud, and policy violations.
  • To communicate service updates, billing, and support responses.

3. Third-Party Services

We share the minimum necessary data with the following providers so they can perform their function:

  • Google (Gemini API): processes your uploaded selfie to generate the requested image.
  • DigitalOcean: hosts our application and stores generated images.
  • Resend: delivers authentication emails.
  • Trigger.dev: runs background image-generation jobs.
  • Payment processor: handles topup transactions.

These providers act as data processors and are bound by their own privacy terms. We do not sell your personal data.

4. Data Retention

  • Uploaded selfies are used to generate the requested image and may be deleted after processing.
  • Generated images and metadata remain available in your history until you delete them or your account is removed.
  • Account and billing records are retained as required by law (typically up to 7 years for tax/audit purposes).

5. Your Rights

You can:

  • Access and download your data on request.
  • Delete individual generations from your history page.
  • Request account deletion, which removes your stored images and personal data (subject to legal retention).
  • Withdraw consent or object to processing where applicable.

Send requests to [email protected].

6. Security

We use HTTPS for all transport, encrypt secrets at rest, restrict database access, and follow standard practices to protect data. No system is perfectly secure; please use a unique strong email password.

7. Children

Hoshinori is not directed at children under 13 (or under 16 in jurisdictions requiring it). We do not knowingly collect data from children.

8. International Transfers

Your data may be processed on servers in Singapore, the United States, and other regions where our providers operate.

9. Changes

We may update this policy. Material changes will be communicated via email or in-app notice. The effective date above will reflect the latest version.

10. Contact

Questions: [email protected]