Privacy Policy

Welcome to Dropia.ai ("we", "us", "our", or "Dropia.ai"), accessible at https://dropia.ai. We are committed to protecting your privacy and personal information. This Privacy Policy explains how we collect, use, store, share, and protect information when you use our AI-powered product analysis and marketing platform.

By accessing or using our services, you acknowledge that you have read, understood, and agree to the practices described in this Privacy Policy. If you do not agree with this policy, please do not use our services.

We use the collected information to:

• Provide and operate the Service (product analysis, AI copywriting, market research, ad creatives)
• Authenticate your account and manage your subscription and credits
• Store your analysis history so you can access it later
• Improve the Service and fix technical issues
• Send transactional emails (account activity, billing) — no marketing emails without your explicit consent
• Detect and prevent abuse, fraud, or violations of our Terms of Service
• Comply with applicable legal obligations

Our core service involves processing user-uploaded product images through AI models. Regarding this content:

• Processing: uploaded images are processed solely to generate the requested analysis output
• Storage: uploaded product images are processed and deleted immediately after analysis — they are not stored permanently
• No training without consent: we do not use your uploaded content or generated results to train AI models without your explicit consent
• Analysis results: AI-generated analysis data is stored in your account and retained until you delete your account or request data deletion

We use the following trusted third-party services to operate Dropia.ai:

• Supabase — database and authentication (data stored in EU)
• Anthropic (Claude) — primary AI analysis and copywriting engine
• OpenAI — AI creative image generation (gpt-image-1)
• Google Vision / SerpAPI — product recognition and web search for market research
• ElevenLabs — text-to-speech voice narration
• Vercel — hosting and infrastructure

We only share data with these providers to the extent necessary to provide the Service. Each provider operates under their own privacy policy and data processing agreements.

We do not sell your personal information. We may share your information only in the following limited circumstances:

• Service providers: trusted third parties who help us operate the platform (see section 4)
• Legal requirements: when required by law, regulation, or valid governmental request
• Safety: to protect the rights, property, or safety of Dropia.ai, our users, or the public
• Business transfers: in connection with a merger or acquisition, your information may be transferred as part of the transaction

We implement industry-standard measures to protect your personal information:

• All data transmission is encrypted using SSL/TLS
• Passwords are hashed — we never store plaintext credentials
• Payment processing is handled by secure third-party processors — we never store full card details
• Access to personal data is restricted to authorized personnel on a need-to-know basis

No system is 100% secure. If you suspect a security breach, contact us immediately at info@dropia.ai.

• Account data: retained for the duration of your account and a reasonable period after deletion for legal purposes
• Product images: processed and deleted immediately after analysis
• Analysis results: retained until you delete your account or request data deletion
• Payment records: retained as required by applicable tax and financial regulations

You may request deletion of your data at any time by emailing info@dropia.ai.

Depending on your location, you may have the following rights:

• Access: request a copy of the personal data we hold about you
• Correction: update or correct inaccurate data
• Deletion: request deletion of your data ("right to be forgotten")
• Portability: obtain your data in a structured, commonly used format
• Objection: object to our processing of your data for certain purposes
• Withdraw consent: where processing is based on consent, you may withdraw at any time

To exercise any of these rights, contact us at info@dropia.ai. We will respond within 30 days.

We use only essential cookies required for authentication (session tokens via Supabase). We do not use tracking, advertising, or analytics cookies that identify you personally. You can control cookies through your browser settings; disabling session cookies may prevent you from logging in.

Your data may be processed in countries outside your country of residence by our third-party providers (including the US). These transfers are governed by the providers' data protection agreements and applicable legal frameworks.

The Service is not directed at children under 18 years of age. We do not knowingly collect personal information from minors. If you believe we may have collected such data, contact us immediately and we will promptly delete it.

We may update this Privacy Policy from time to time. When we make significant changes, we will post the revised policy on our website and update the "Last updated" date at the top. For material changes, we may notify you via email.

For any privacy-related questions or requests: info@dropia.ai

Website: https://dropia.ai