Privacy Policy.
How SnapStore AI handles, secures, and respects your data.
Last updated: April 27, 2026
1) Scope of this policy
This Privacy Policy explains how SnapStore AI collects, uses, stores, and protects data when you use our website, assistant features, authentication flow, admin publishing tools, and related pages.
2) Data we collect
Depending on your actions, we may collect: (a) account identifiers such as email address, (b) login verification data such as OTP request metadata, (c) technical usage signals including device, IP, and interaction logs, (d) assistant prompts and generated outputs, and (e) admin-submitted content such as blog titles, excerpts, content, and image links.
3) Authentication and OTP data
For email-based login, we generate a 6-digit verification code and send it to your email using our transactional email provider. OTP data is short-lived and used strictly for authentication and fraud prevention.
4) How we use information
We use data to provide assistant functionality, deliver login and security features, publish and display blogs, monitor abuse, improve reliability, and maintain legal and operational compliance.
5) Legal basis and consent
We process data based on legitimate service operation needs, user consent where required, and compliance obligations. By using the platform, you acknowledge processing necessary for core features.
6) Third-party service providers
We use infrastructure and service providers, including database, email delivery, and AI providers, strictly to operate the platform. We do not sell personal data. Providers process data under their respective security and compliance controls.
8) Blog and content data
Blog posts and associated image links submitted by admin users are stored in the database and may be publicly visible when marked as published. Admin users are responsible for ensuring rights and permissions to any published content.
9) Data retention
We retain data only as long as needed for service delivery, security, analytics, legal obligations, or dispute resolution. Short-lived authentication artifacts may be deleted sooner according to internal policies.
10) Security controls
We apply reasonable administrative and technical safeguards to protect data from unauthorized access, disclosure, alteration, or loss. No internet service is fully risk-free, so users should also maintain account and device security.
11) Your rights
Subject to applicable law, you may request access, correction, deletion, or restriction of your personal data. You may also object to specific processing where legally permitted.
12) International transfers
Platform providers may process data in multiple jurisdictions. Where required, we rely on contractual or technical safeguards for lawful cross-border handling.
13) Children's privacy
The service is not intended for children under the minimum age required by applicable law. We do not knowingly collect personal data from children without proper legal basis.
14) Policy updates
We may revise this policy periodically to reflect legal, technical, or product updates. Continued use after updates indicates acceptance of the revised policy.
15) Contact and requests
For privacy requests, compliance queries, or policy clarification, contact us through the Contact Us page or support email listed on this website.