Privacy Policy
Last updated: 2026-04-13
This Privacy Policy explains how ComfyUIFlows Studio collects, uses, secures, and discloses your personal information when you access our AI Image Studio, including our Virtual Try-On, 4K Upscaling, Face Swapping, and Custom LoRA Model Training services.
1. Information We Collect
Given the highly computational nature of generative AI, we collect specialized data to deliver your services:
- Account Data: Contact information, such as your email address, name, login credentials, and user IDs.
- AI Source Data: To perform inferences (like Face Swapping or Virtual Try-On), we securely collect and process the reference images you upload (e.g., faces, garments, backgrounds).
- Training Data: If you use our Custom LoRA Model Training feature, we temporarily collect and process the training dataset you provide (images and text captions) exclusively for the purpose of training your requested custom model.
- Billing Information: Payment records and transaction history securely processed by Stripe, our third-party payment gateway. We do not store your credit card numbers directly.
- Platform Analytics: Service usage data, including prompt text logs, credit expenditure, GPU execution times, and support interactions.
- Technical Data: Device hardware profiles, browser types, IP addresses, and essential web logs.
2. How We Use Your Data & AI Processing
We leverage your data strictly to execute the computational processes you request and maintain the Studio:
- To execute powerful backend AI workflows, including multi-angle generation, lighting correction, and identity matching based on your uploaded references.
- No Global Model Training: We DO NOT use your private, uploaded customer photography (e.g., proprietary brand assets or personal faces) to train our global foundational AI base models without your explicit, separate opt-in consent.
- Custom LoRA Training: Training datasets uploaded for your personal Custom LoRA Model are processed solely for your requested model. Training data is automatically deleted after your training job completes or expires.
- To authenticate your sessions, enforce credit limits and gallery storage quotas, and prevent abusive scraping of our commercial APIs.
- To process transactions via Stripe, upgrade subscriptions, and deliver receipt documentation.
- To investigate bug reports regarding corrupted generations or slow GPU inference speeds.
3. Legal Bases for Processing
Where applicable under regulations like the GDPR or CCPA, we process your data based on: contractual necessity (to render your requested AI images), our legitimate business interests (security and abuse prevention), and your direct consent.
4. Data Sharing and Third-Party Processors
We do not sell your personal information or uploaded imagery. We share data strictly with certified sub-processors required to operate the platform:
- Stripe: Payment processing for subscriptions, credit packs, storage add-ons, and LoRA training purchases.
- Cloud Infrastructure (RunPod, Google Cloud): GPU rendering, AI inference execution, and LoRA model training compute.
- Email Services: Sending account verification, password reset, and transactional email notifications.
5. Cookies and Session Technologies
We deploy essential cookies and localized storage to maintain your active login session and persist your un-saved studio setups. We use a secure, HTTP-only session cookie (fs_session) for authentication.
6. Asset Storage and Data Retention
- We retain your personal data and generated image history in your digital Gallery for as long as your account remains active.
- Your Gallery is subject to storage limits based on your subscription plan and purchased storage add-ons.
- You maintain full control over this data: deleting an image from your Gallery immediately queues it for secure deletion.
- Training Data: Training datasets are stored temporarily and auto-deleted after job completion. Trained LoRA model files are available for download for 7 days, after which they may be removed.
- Inactive accounts may be purged to maintain data hygiene standards.
7. Data Security and Encryption
Protecting your pre-released product photos and personal likenesses is our priority. We employ industry-standard encryption protocols (TLS/SSL) during data transit and secure, HTTP-only session cookies with production-grade security settings. However, due to the inherent nature of the internet, no cloud architecture can be guaranteed 100% secure against state-level vulnerabilities.
8. Your Consumer Privacy Rights
Subject to your jurisdiction (e.g., California, EU/UK), you possess robust data rights. These include the right to request access to your AI generation histories, request correction of account data, demand the deletion of your account and assets (Right to be Forgotten), and withdraw consent for non-essential processing. To execute these rights, contact our support team.
9. International Data Transfers
ComfyUIFlows Studio operates on global cloud infrastructure. Consequently, your data (including uploaded images) may be dynamically routed to international server regions for faster GPU access. We ensure standard contractual clauses and rigorous safeguards are in place for cross-border rendering.
10. Children's Privacy Governance
Our advanced AI generation suite is strictly restricted to adults over the age of 18. We do not knowingly solicit, process, or render personal information or recognizable images of minors under the age of 13. Any identified child data will be immediately and permanently scrubbed.
11. Revisions to this Policy
As the landscape of generative Artificial Intelligence law evolves rapidly, we reserve the right to modify this Privacy Policy. Substantive updates will be clearly timestamped and posted on this unified page.
12. Contact Legal and Privacy
For inquiries regarding your data security, deletion requests, or our AI processing safeguards, please contact our privacy division at comfyuiflowstudio@gmail.com.
Primary Business Address: 1001 S. Main St. STE 500, Kalispell, MT 59901, United States.
ComfyUIFlows Studio