Privacy Policy

Last updated: January 25, 2026

1. Introduction

GenSprite, operated by Timur Turatbekov ("we", "our", or "us"), respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, and safeguard your information when you use our AI game asset generation service.

2. Information We Collect

Account Information

When you sign up via GitHub OAuth, we collect:

  • Email address
  • Username
  • Profile picture URL
  • GitHub user ID

Usage Data

We automatically collect:

  • Generation prompts and parameters
  • Generated asset metadata
  • Token usage and transaction history
  • Session data for authentication

Payment Information

Payment processing is handled by Paddle. We do not store your credit card details. We receive confirmation of payment status and transaction IDs.

3. How We Use Your Information

We use your information to:

  • Provide and maintain the Service
  • Process your asset generation requests
  • Manage your account and token balance
  • Process payments and prevent fraud
  • Communicate with you about your account or the Service
  • Improve and optimize our Service
  • Comply with legal obligations

4. Data Storage and Security

Your data is stored securely using industry-standard practices:

  • Database hosted on Vercel Postgres (powered by Neon) with encryption at rest
  • Generated assets stored on Vercel Blob with secure access controls
  • All data transmitted over HTTPS
  • Session tokens are securely hashed

5. Data Retention

We retain your data as follows:

  • Account data: Until you request deletion
  • Generated assets: Stored indefinitely unless you delete them
  • Transaction records: Retained for 7 years for legal compliance
  • Session data: Automatically expires after 30 days

6. Third-Party Services

We use the following third-party services:

  • GitHub: For authentication (OAuth)
  • Paddle: For payment processing
  • Vercel: For hosting, database, and file storage

Each of these services has their own privacy policy. We encourage you to review them.

7. Cookies

We use essential cookies only for authentication and session management. We do not use tracking cookies or third-party analytics cookies.

8. Your Rights

You have the right to:

  • Access your personal data
  • Correct inaccurate data
  • Request deletion of your data
  • Export your data in a portable format
  • Withdraw consent where applicable

To exercise these rights, contact us at support@p5ina.dev.

9. Children's Privacy

The Service is not intended for users under 13 years of age. We do not knowingly collect personal information from children under 13.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new policy on this page and updating the "Last updated" date.

11. Contact Us

For questions about this Privacy Policy, please contact us at support@p5ina.dev.