Privacy Policy

This Privacy Policy explains how MojiKit ("Platform," "we," "us") collects, uses, stores, discloses, and protects personal information and content data when you use our AI creation services.

It applies to account registration, log in, billing, sticker generation, character or mascot generation, image editing, exports, support requests, and related product features.

2.1 Information You Provide

• Account information: email address, display name, login method, account identifiers, language, and settings.
• Profile information: avatar, optional biography, organization or team information, and saved preferences.
• Content data: User Uploads, prompts, character descriptions, brand details, generated images, exported assets, and content you publish publicly. User Uploads may include photos containing a face if you choose to provide them.
• Payment and subscription data: order IDs, invoices, subscription status, processor response data, and limited billing metadata. We do not store full payment card numbers.
• Support data: emails, contact requests, feedback submissions, screenshots, and attachments.

2.2 Information Collected Automatically

• Device and network information: IP address, browser or app version, operating system, device identifiers, language, and approximate region.
• Usage data: page views, clicks, session timestamps, generation activity, feature usage, referral data, and conversion events.
• Diagnostics and security logs: crash reports, error traces, latency metrics, moderation outcomes, fraud signals, and abuse prevention records.
• Cookies and similar technologies: session cookies, analytics identifiers, preference storage, and security tokens.

2.3 Sensitive or Third-Party Content

Some uploads may contain faces, brand assets, or other sensitive or third-party information. Please upload such material only when you have all required rights and consents.

2.4 Face Data

If you choose to upload a photo that contains a face, we collect the image file and related generated or edited assets needed to provide the requested sticker, character, mascot, or image editing feature. We do not create or store a biometric face template, faceprint, face geometry map, face recognition identifier, or face verification profile.

• Provide account access, paid features, generation workflows, storage, and export services.
• Process uploaded photos that may contain faces only to create, edit, store, display, moderate, troubleshoot, and export the user-requested generated assets.
• Process payments, manage subscriptions, send receipts, and handle billing questions.
• Maintain the Platform, troubleshoot failures, secure systems, detect abuse, and enforce our policies.
• Operate community or public showcase features when you choose to publish content.
• Measure performance, analyze product usage, improve reliability, and develop new features.
• Communicate with you about transactions, support, service notices, safety issues, and policy updates.
• Comply with law, respond to lawful requests, protect rights, and resolve disputes.

We process prompts, uploads, and outputs because doing so is necessary to run an AI creation service. The exact use depends on whether content is private, public, free-tier, or paid-tier content.

• Default visibility: unless product settings say otherwise, content created or published through public discovery features may be visible to other users by default.
• Private mode: paid users may have the option to make eligible content private. Private mode availability may depend on plan, feature, or technical limitations.
• Private content: used to provide generation, storage, editing, moderation, security review, customer support, legal compliance, and service quality improvement.
• Face-containing uploads: used only as user-provided content for the requested generation or editing workflow, related storage, safety review, support, troubleshooting, and export. We do not use them to identify a person, authenticate a person, track a person across services, or build biometric profiles.
• Public or community content: may be displayed, indexed, recommended, and used to operate showcase, discovery, and promotional features as described in our Terms.
• Downloads of public content: where the product allows downloading of public content, other users may access downloaded copies, but that does not by itself expand their commercial rights.
• Free Generated Assets: may be used more broadly for Platform operation, promotion, licensing, moderation, and product improvement as described in our Terms of Service.
• Paid private content: we do not use it as an external customer showcase or third-party licensed example without your permission, except where content is de-identified, aggregated, or use is otherwise permitted by law.
• Improvement and evaluation: we may use Free Generated Assets, Public Assets, de-identified content samples, and aggregated usage data to evaluate models, improve prompts, improve moderation, and improve product quality.

We do not sell your personal information for money. If applicable law treats certain analytics or advertising disclosures as "sale" or "sharing," you may have separate opt-out rights depending on your region.

Depending on your location, we process information under one or more legal bases such as contract performance, legitimate interests, consent, compliance with legal obligations, and protection of rights or security.

We may disclose information to the following categories of recipients where necessary:

• Infrastructure and hosting providers: cloud hosting, database, storage, CDN, logging, and monitoring vendors.
• Model and processing providers: AI inference, image processing, moderation, or related technical vendors acting on our behalf.
• Face-containing uploads: may be processed by infrastructure, storage, moderation, and AI processing providers only as needed to deliver the requested feature, under contractual, confidentiality, and security controls. We do not sell face data or share it for third-party advertising or biometric identification.
• Payment providers: processors and billing partners that handle transactions, invoicing, fraud screening, and subscription administration.
• Team or organization administrators: where you use a team, business, or enterprise account, authorized admins may access certain account, usage, billing, and workspace content data according to organization controls.
• Analytics and support providers: vendors that help us understand product use and respond to support issues.
• Legal and safety recipients: authorities, advisors, insurers, counterparties, or affected persons where disclosure is required or reasonably necessary.
• Business transfers: a buyer, investor, or successor in the event of a merger, financing, acquisition, or asset sale.

We require service providers to process data under appropriate contractual, confidentiality, and security controls.

For an up-to-date category overview, see our Sub-processor List.

Your data may be stored or processed in countries or regions different from your own because our providers and technical systems may operate globally. Where required, we use reasonable safeguards for cross-border transfers.

• Account data: retained while your account remains active and for a reasonable period afterward for security, compliance, and dispute resolution.
• Payment and invoice records: retained as required by tax, accounting, anti-fraud, and legal obligations.
• Operational logs: retained for limited periods based on security, troubleshooting, and abuse prevention needs.
• Generated assets and uploads: retained until you delete them, your account is deleted, retention becomes unnecessary, or we need to retain them longer for legal, security, or backup reasons.
• Face-containing uploads and generated assets: retained under the same rules as other User Uploads and generated assets. They remain available while needed to provide your account features, generation history, storage, export, support, safety, backup, legal, or dispute-resolution functions, and may be deleted by deleting the content or account subject to operational and legal limits.

Deletion from active systems may not be immediate and may be delayed by backups, legal holds, fraud investigations, or technical constraints.

We use reasonable technical and organizational safeguards such as access controls, encryption in transit, logging, and security review processes. No service is perfectly secure, so you should also protect your account credentials and devices.

Depending on your region, you may have rights to access, correct, delete, export, restrict, object to, or withdraw consent for certain processing activities.

• You may update some profile information directly in your account.
• You may delete content or request account deletion, subject to legal and operational retention limits.
• You may manage certain cookies or device permissions through your browser or device settings.
• You may contact us to exercise applicable privacy rights. We may need to verify your identity before processing a request.

If your account is provisioned by an organization, workspace owner, or team admin, that organization may control your account, access certain workspace content and metadata, manage retention settings, and receive usage or billing reports.

If you use a managed account, your organization may be the primary controller for some processing decisions. Privacy requests related to organization-managed data may need to be directed to your organization administrator first.

Privacy rights and compliance obligations may vary by region. Where mandatory local law grants stronger protections or imposes stricter requirements than this policy, the mandatory local law controls for users in that jurisdiction to the extent of the conflict.

If your account or purchase is managed through an app store, enterprise contract, or regulated payment environment, certain privacy-related notices, consent flows, or retention controls may be provided through those channels in addition to this policy.

Our services are not directed to children below the minimum digital consent age in the relevant jurisdiction. If we learn that we collected information from a child without proper authorization, we will take reasonable steps to delete it.

Please also review our Terms of Service and Refund Policy.

We may update this Privacy Policy from time to time. Material changes will be posted here with a revised effective date and may be communicated through the Platform or by email where appropriate.

• Email: [email protected]
• Contact Page: Contact Us