Learn how SelfieClone complies with the General Data Protection Regulation (GDPR) to protect the personal data of EU/EEA residents.
At SelfieClone (the "Company", "we", "us", or "our"), we are committed to complying with the General Data Protection Regulation (GDPR) (EU) 2016/679 when processing personal data of individuals located in the European Union ("EU") or European Economic Area ("EEA").
This GDPR Compliance Statement outlines how we collect, use, process, store, and disclose your personal data in accordance with the GDPR when you use our AI-powered photography service.
This statement applies specifically to the personal data of EU/EEA residents who use our AI photography platform and related services.
The entity responsible for deciding how your personal data is processed ("Data Controller") is SelfieClone.
This statement applies to all personal data processing activities related to EU/EEA residents who use our AI photography service, including photo uploads, AI model training, and image generation.
These protections apply regardless of where the data processing takes place, as long as you are an EU/EEA resident using our services.
We process personal data under the following GDPR-compliant legal bases:
When you have explicitly provided your consent, such as agreeing to upload photos for AI model training or subscribing to marketing communications.
To provide and manage your account, process your subscription, generate AI photos, and deliver our AI photography services in accordance with our Terms of Service.
To comply with legal requirements such as financial regulations, tax obligations, and law enforcement requests.
To protect our business interests, such as improving our AI models, preventing fraud, ensuring security, and providing customer support. We always balance our legitimate interests against your rights and freedoms.
For complete details on what personal data we collect and how we use it, please see our Privacy Policy. In summary, we may collect:
Contact details (name, email address, profile information)
Account information (login credentials, account preferences)
Uploaded photos and images for AI model training
Generated AI images and portraits
Payment details processed through secure third-party processors
Usage data and analytics (IP address, device information, usage patterns)
Technical data necessary for AI processing and service delivery
We only collect and process personal data that is relevant, adequate, and limited to what is necessary for providing our AI photography services.
As an EU/EEA resident, you have the following rights regarding your personal data under the GDPR:
You have the right to be informed about how your personal data is being collected and used for AI processing
You can request a copy of the personal data we hold about you, including your uploaded photos and AI models
You can request that we correct any inaccuracies in your personal data
You can request that we delete your personal data, uploaded photos, and AI models under certain conditions
You can request that we limit the way in which we use your personal data and AI models
You can request to receive your personal data in a structured, commonly used, and machine-readable format
You can object to the processing of your personal data under certain circumstances, such as direct marketing
You have the right not to be subject to decisions based solely on automated processing that produce legal or significant effects
How to Exercise Your Rights: To exercise any of these rights, please contact us using the information provided in the Contact section below. We will respond to your request within one month, or sooner where feasible.
We may transfer your personal data to countries outside the EU/EEA where we or our service providers operate our AI infrastructure. When doing so, we ensure appropriate safeguards are in place:
We incorporate SCCs approved by the European Commission for transfers to third countries, ensuring your data receives adequate protection.
Where the European Commission has determined that a non-EU country ensures adequate data protection, we may rely on such decisions for transfers.
Our service providers may maintain additional safeguards such as Binding Corporate Rules to ensure consistent protection of your data.
If you would like more information on the specific mechanisms used to transfer your personal data, please contact us using the details below.
Our AI photography service involves specific data processing activities that we want to make transparent:
When you upload photos, our AI system analyzes facial features and characteristics to create a personalized model. This processing is based on your explicit consent and contractual necessity.
Our AI system makes automated decisions about image generation based on your personalized model. These decisions do not have legal or similarly significant effects on you, as they only affect the artistic output of generated images.
We retain your AI model and training data only as long as necessary to provide the service. You can request deletion of your AI model and associated data at any time.
We retain your personal data only for as long as necessary to fulfill the purposes outlined in our Privacy Policy and to comply with our legal obligations. Specific retention periods include:
Account data: While your account is active plus reasonable period after closure
AI models and training photos: Duration needed to provide services unless deletion is requested
Generated images: Stored for your access unless you request deletion
We implement appropriate technical and organizational security measures to safeguard your personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access:
Encryption of data in transit and at rest
Access controls and authentication systems
Regular security assessments and updates
Secure AI processing environments
Staff training on data protection principles
If you believe we are processing your personal data in a way that infringes upon your rights or violates the GDPR, we encourage you to contact us first using the details provided below.
We are committed to resolving any concerns you may have about our data processing practices. Please reach out to us at selfieclone@support.com and we will work to address your concerns promptly.
You also have the right to lodge a complaint with a supervisory authority in the EU/EEA Member State where you live, work, or where the alleged infringement of data protection law has taken place. You can find your local data protection authority through the European Data Protection Board website.
We will cooperate fully with any supervisory authority investigations and work to resolve any identified issues.
For any questions about this GDPR Compliance Statement, to exercise your rights, or to raise concerns about our data processing practices, please contact us:
We will respond to your GDPR-related requests within one month of receipt, and will provide updates if additional time is needed for complex requests.
This GDPR Compliance Statement is part of our commitment to data protection and privacy rights for all EU/EEA residents using SelfieClone.