Privacy Policy

1. Introduction

Viatr is committed to protecting your privacy. This policy explains what data we collect, how we use it, and your rights regarding your personal information. By using our service, you agree to the practices described in this policy.

2. Data We Collect

We collect the following categories of data:

• Account data: Your email address and name, collected through Google OAuth, Magic Link, or password registration via Supabase Auth.
• Usage data: Generation history, project data, prompts, and platform interaction patterns.
• Payment data: Payment information is processed by Stripe. We do not store your credit card numbers or full payment details on our servers.
• Analytics data: We use PostHog for anonymized product analytics and Sentry for error tracking to improve service reliability.

3. How We Use Your Data

We use the data we collect to:

• Provide and operate the Viatr platform
• Process payments and manage your credit balance
• Send transactional emails (via Resend), such as account confirmations and receipts
• Analyze usage patterns to improve the service
• Detect and prevent fraud, abuse, and security incidents

4. AI Processing

When you generate content, your prompts and any uploaded images are sent to third-party AI providers (FAL.ai, Google) for processing. This data is subject to the privacy policies of those providers. We do not use your content, prompts, or generated output to train AI models. AI providers may process your data on servers located outside your country of residence.

5. Data Sharing

We do not sell your personal data. We share data only with the following third-party processors, solely to provide and operate the service:

• Supabase— Authentication and database
• Stripe— Payment processing
• FAL.ai and Google— AI content generation
• Resend— Transactional emails
• PostHog— Product analytics
• Sentry— Error tracking
• Railway— Application hosting

6. Data Retention

We retain your account data for as long as your account is active. Generation data is retained as part of your projects. When you request account deletion, we will remove your personal data and associated content within 30 days, except where retention is required by law.

7. Your Rights (GDPR)

If you are located in the European Economic Area, you have the following rights regarding your personal data:

• Access— Request a copy of your personal data
• Rectification— Correct inaccurate or incomplete data
• Deletion— Request erasure of your personal data
• Data portability— Receive your data in a structured, machine-readable format
• Objection— Object to certain types of data processing

To exercise any of these rights, contact us at support@viatr.app. We will respond within 30 days.

8. Cookies

We use two categories of cookies:

• Necessary cookies: Authentication and session management. These are required for the service to function and cannot be disabled.
• Analytics cookies: PostHog product analytics and Sentry Session Replay for error tracking. These are set only with your consent. In the EU, we ask for opt-in consent before enabling analytics. In the US, analytics are enabled by default and you may opt out at any time.

You can manage your cookie preferences at any time using the "Cookie Preferences" link in the footer or the consent banner that appears on your first visit. We honor the Global Privacy Control (GPC) signal — if your browser sends GPC, analytics cookies are automatically disabled. Your consent choice is stored for 180 days.

9. Security

We implement industry-standard security measures to protect your data. All data is encrypted in transit using TLS. Authentication is handled through secure protocols. While we take reasonable steps to protect your information, no method of transmission or storage is completely secure.

10. Children

Viatr is not intended for use by anyone under the age of 16. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us and we will take steps to delete that information.

11. Changes

We may update this Privacy Policy from time to time. For material changes, we will notify you via email. The "Effective" date at the top of this page indicates when the policy was last updated. Your continued use of the service after changes take effect constitutes your acceptance of the updated policy.

12. Contact

If you have questions about this Privacy Policy or your data, please contact us at support@viatr.app.

Data controller: Viatr