Desideria
Privacy Policy
Last updated: April 26, 2026

1. Identity of the Data Controller

Desideria is operated by [Your Company Name], a company registered in France. For any questions regarding the processing of your personal data, please contact us at: privacy@desideria.com

2. Types of Data Collected

We collect the following categories of personal data:

  • Account Information: Email address, password (hashed), account creation date
  • Usage Data: IP address, browser type, device information, pages visited
  • Product Images: Images uploaded by users for product showcase generation
  • Generated Content: Images and videos generated through our service (stored securely)
  • Payment Information: Processed securely through Stripe (we do not store credit card details)
  • Cookie Preferences: Your consent choices for cookies and tracking

3. Purposes of Processing

We process your personal data for the following purposes:

  • Service Provision: To provide and maintain our AI-powered image and video generation service
  • Billing: To process payments and manage subscriptions through Stripe
  • Support: To respond to your inquiries and provide customer support
  • Analytics: To understand how users interact with our service (with your consent)
  • Legal Compliance: To comply with legal obligations, including tax and accounting requirements

4. Legal Basis

We process your personal data based on the following legal grounds:

  • Contract: Processing necessary for the performance of the service agreement
  • Consent: For analytics cookies and marketing communications (you can withdraw at any time)
  • Legitimate Interest: For service improvement and fraud prevention
  • Legal Obligation: For tax and accounting records (6 years retention for billing data)

5. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this policy:

  • Active Accounts: Data is retained while your account is active
  • Account Deletion: Upon account deletion request, data is retained for 30 days (grace period for recovery), then permanently deleted
  • Billing Records: Financial records are retained for 6 years (legal requirement)
  • Cookie Consents: Retained for 12 months or until consent is withdrawn

6. Your Rights

Under the GDPR, you have the following rights:

  • Right of Access: You can request a copy of all personal data we hold about you
  • Right to Rectification: You can update or correct your personal information
  • Right to Erasure: You can request deletion of your account and all associated data
  • Right to Data Portability: You can export your data in a structured, machine-readable format (JSON)
  • Right to Object: You can object to processing based on legitimate interests
  • Right to Withdraw Consent: You can withdraw consent for cookies and analytics at any time

To exercise these rights, please contact us at privacy@desideria.com or use the features available in your account settings.

7. Data Transfers Outside the EU

Some of our service providers are located outside the European Union. We ensure appropriate safeguards are in place:

  • Stripe (USA): GDPR-compliant with Standard Contractual Clauses (SCCs)
  • OpenRouter (USA): Data processing with SCCs and encryption in transit
  • Google Gemini (USA): Data processing with appropriate safeguards

All data transfers are conducted in accordance with Chapter V of the GDPR and include appropriate safeguards such as Standard Contractual Clauses.

8. Security Measures

We implement appropriate technical and organizational measures to protect your personal data:

  • Encryption: All data in transit is encrypted using TLS/HTTPS
  • Authentication: Strong authentication mechanisms via Supabase Auth
  • Access Control: Row-Level Security (RLS) policies restrict data access
  • Data Residency: Primary data storage in EU (Supabase Frankfurt/Paris)
  • Monitoring: Security monitoring and error tracking with Sentry

9. Cookies

We use cookies to enhance your experience. For detailed information about our cookie usage, please refer to our cookie consent banner. You can manage your cookie preferences at any time.

10. Contact Information

For any questions, concerns, or requests regarding your personal data, please contact our Data Protection Officer:

Email: privacy@desideria.com

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by email or through a notice on our website. Your continued use of the service after such changes constitutes acceptance of the updated policy.

Back to HomeLog in to Manage My Data