Privacy Policy

Your selfies are personal, and we treat them that way. The key points:

• We use your uploaded face photos only to generate the photos you requested — never to train models for others, sell to advertisers, or share beyond the processors listed below.
• Your photos are stored in private, access-controlled storage. They are never publicly accessible.
• You can delete your uploads and your account at any time from your account settings, and we will wipe your data from active storage.
• We rely on a small set of trusted service providers to run the Service; each is listed below with a description of what they receive.
• Calibre is for adults 18 and older only.

The full details are below. If anything is unclear, email legal@caliber.photos.

The data controller responsible for your personal data is [PLACEHOLDER — legal entity name, e.g. Calibre Labs Inc.], a company incorporated in [PLACEHOLDER — state/country of incorporation].

You can contact us about privacy at any time by emailing legal@caliber.photos or by writing to [PLACEHOLDER — mailing address].

If you are in the European Economic Area (EEA), we may be required to appoint an EU representative. [PLACEHOLDER — add EU representative details if applicable to your user base].

We collect the following categories of personal data. We aim to collect only what we genuinely need to provide the Service:

• Account information — your name, email address, and password (stored hashed) when you sign up. If you use Google Sign-In, we receive your name and email from Google.
• Face and body photos (Uploads) — the selfies and full body shot you provide so we can generate your gallery. These images may constitute biometric data (including facial geometry identifiers). See Section 3 for how we use them.
• Generated photos (Outputs) — the AI-generated images we produce for you, stored in your private gallery.
• Subscription and billing metadata — your subscription plan, billing dates, credit balance, and billing events. Payment card details are handled entirely by Dodo Payments (our Merchant of Record); we receive only confirmation of successful payment. We never see or store your full card number or CVV.
• Usage data — pages visited, features used, scenes selected, generation count, browser type, device type, and approximate geographic location inferred from your IP address.
• Log data — server logs including IP addresses, timestamps, and error information, retained for security monitoring and debugging.
• Communications — any support emails or messages you send us.

We use the data we collect to:

• Provide the Service — generate your photos, manage your subscription and credits, authenticate your sessions, and display your gallery.
• Process payments — bill your subscription through Dodo Payments and manage billing events such as renewals and cancellations.
• Communicate with you — send transactional emails such as your confirmation link, subscription receipts, and important account notices. We will not send you marketing email without your consent.
• Improve the Service — analyse aggregate usage patterns (not your photos) to improve features, fix bugs, and understand how people use Calibre.
• Prevent abuse — detect and prevent fraud, policy violations, and security incidents.
• Comply with law — retain records we are legally required to keep and respond to lawful requests from authorities.

Biometric data specifically. We use the facial data in your Uploads only to produce your requested AI-generated photos. We do not sell biometric data, use it to identify you in any other context, or share it with parties other than the AI processing sub-processors listed in Section 5.

If you are in the EEA or UK, we rely on the following legal bases under the GDPR / UK GDPR for processing your personal data:

• Performance of a contract — processing your account data, Uploads, and Outputs is necessary to deliver the Service you purchased.
• Legitimate interests — usage analytics, security monitoring, and fraud prevention, balanced against your rights.
• Consent — marketing communications (where you opt in) and non-essential cookies or tracking pixels (where required by law).
• Legal obligation — retaining billing records and responding to lawful regulatory requests.

[PLACEHOLDER — if your users are in Illinois or Texas, USA, you may need explicit written consent for biometric data collection under BIPA or CUBI. Consult a lawyer.]

We share data only with providers that need it to do their job. Each provider is bound by a data processing agreement or equivalent contractual protections:

• Supabase — database, user authentication, and file storage. Your Uploads and Outputs are stored in Supabase Storage in private, per-user access-controlled buckets. Supabase does not have the right to access your files for its own purposes.
• OpenAI— AI image generation. Your selfies are transmitted to OpenAI's API solely to produce your requested photos. OpenAI's data handling is governed by its API usage policies; images submitted via the API are not used by OpenAI to train its models (per OpenAI's API data usage policy, which you should review independently).
• Dodo Payments— Merchant of Record and payment processor. Dodo Payments receives your payment card details directly, handles tax collection and remittance, issues receipts, and manages billing on our behalf. We receive only confirmation of payment. Dodo Payments' privacy policy applies to data you provide during checkout.
• PostHog — product analytics (page views, feature usage, funnel tracking), in aggregate. Only enabled when our PostHog key is configured. No photo data is sent to PostHog.
• Meta (Facebook) Pixel / Conversions API — ad conversion tracking (e.g., recording when a subscription purchase occurred, using a hashed email only). Only enabled when our Meta Pixel ID is configured.
• TikTok Pixel / Events API — ad conversion tracking, same basis as above. Only enabled when our TikTok Pixel ID is configured.

We do not sell or rent your personal data to any third party.

We may disclose information to law enforcement or regulators where we are legally required to do so, or where we believe disclosure is necessary to prevent serious harm or protect the safety of our users. If Calibre is ever involved in a merger, acquisition, or asset sale, your data may transfer as part of that transaction; we will notify you in advance and this policy will continue to apply.

Your Uploads and Outputs are stored in Supabase Storage in private buckets. Access is gated by row-level security policies so that only your authenticated session can read your files — Calibre staff cannot freely browse your photos. Access by our infrastructure (to generate photos) is scoped and logged.

We use encryption in transit (TLS) for all data exchanged between your browser and our servers, and Supabase encrypts data at rest. We apply access controls internally to limit who can access data to those with a specific operational need.

No security system is perfect. If we become aware of a data breach that affects your personal data in a way that poses a risk to your rights, we will notify you and relevant authorities as required by applicable law.

We retain personal data for as long as your account is active and as needed to provide the Service. Specific retention rules:

• Uploads (selfies / body photo) — kept for as long as your account is active. You can delete individual Uploads from your Character settings at any time.
• Generated photos — kept for as long as your account is active or until you delete them.
• Account deletion — you can delete your account from your account settings. When you do, we will delete your Uploads, Outputs, and profile data from active storage promptly (typically within 30 days). Encrypted backup copies may persist on our normal backup rotation cycle (up to 90 days) before being overwritten.
• Billing records — we retain financial transaction records for the period required by applicable tax and accounting law (typically 7 years), even after account deletion.
• Logs — security and server logs are retained for up to 90 days.

To request deletion of your data, use the in-app delete-account flow in your account settings, or email legal@caliber.photos. We will confirm completion of your request.

We use cookies and similar technologies (local storage, pixel tags). They fall into three categories:

• Essential / functional — required for authentication (keeping you signed in), CSRF protection, and core Service operation. These cannot be disabled without breaking the Service.
• Analytics — PostHog uses a first-party cookie to track product usage in aggregate. No personally identifiable photo data is included. You can opt out by adjusting your browser settings or using an ad blocker.
• Advertising / conversion tracking— when configured, Meta Pixel and TikTok Pixel set cookies to measure whether ad campaigns lead to subscriptions. These are only loaded when the corresponding pixel IDs are active. You can opt out via your browser, an ad blocker, or your device's opt-out settings.

Where required by applicable law (e.g., EU ePrivacy Directive), we will request your consent before setting non-essential cookies.

Depending on your location, you may have rights over your personal data under GDPR, CCPA, or other applicable laws:

• Access — request a copy of the personal data we hold about you.
• Correction — ask us to correct inaccurate data.
• Deletion — request that we delete your data (subject to legal retention obligations).
• Data portability — receive a machine-readable export of data you have provided to us.
• Objection / restriction — object to or restrict certain processing (e.g., processing based on legitimate interest).
• Withdraw consent — where processing is based on consent, withdraw it at any time (this does not affect prior processing).
• Do Not Sell (CCPA)— we do not sell personal data. If you are a California resident and believe we have incorrectly classified a data activity as not a “sale,” contact us.

Most rights can be exercised directly in your account settings. For anything else, email legal@caliber.photos. We will respond within 30 days (or the timeframe required by applicable law). We will not discriminate against you for exercising any of these rights.

EEA / UK residents have the right to lodge a complaint with their local data protection authority if they believe we have mishandled their data.

Calibre operates primarily from the United States. If you are located outside the US, your data will be transferred to and processed in the US and in other countries where our processors operate (including Supabase and OpenAI). Where required by law (e.g., for transfers from the EEA or UK), we rely on appropriate safeguards such as the EU Standard Contractual Clauses. [PLACEHOLDER — confirm your transfer mechanism and update this paragraph with your lawyer before serving EEA/UK users.]

Calibre is for adults 18 and older only. We do not knowingly collect personal data from anyone under 18, and we do not generate images from photos of minors under any circumstances. If you believe a minor has registered for or used the Service, contact us at legal@caliber.photos immediately and we will delete the associated account and data.

We may update this Privacy Policy as the Service evolves or as the law changes. When we make material changes, we will update the “Last updated” date above and notify you by email or in the Service. Where required by law, we will seek your consent for material changes to how we use your data.

For privacy questions, data requests, or complaints, email legal@caliber.photos or write to [PLACEHOLDER — mailing address]. We aim to respond within 30 days.