Privacy Policy

1.1 Information from Registered Users. When you create an account with BeyondBeings, we collect the following personal information:

1.2 Information from Guest Users. If you use the Service without creating an account (as a "Guest User"), we collect minimal information:

1.3 Automatically Collected Information. When you access the Service, we may automatically collect certain technical information, including:

2.1 To Provide the Service. We use your information to operate and deliver the core functionality of BeyondBeings, including processing your prompts to generate images, storing your generation history (for registered users), and displaying your gallery.

2.2 To Authenticate Your Account. We use your email address to send passwordless authentication links ("magic links") that allow you to securely sign in to your account without a password.

2.3 To Communicate With You. We may use your email address to send you important information about your account, such as security alerts, service updates, or changes to our terms and policies. We will not send you marketing communications without your explicit consent.

2.4 To Improve the Service. We may use anonymized, non-identifiable usage data and outputs to analyze trends, improve our AI systems, develop new features, and enhance the overall user experience. This data cannot be traced back to you as an individual.

2.5 To Ensure Security and Prevent Abuse. We use technical information such as IP addresses to detect and prevent fraud, abuse, security threats, and violations of our Terms of Service.

2.6 To Comply With Legal Obligations. We may process your information when necessary to comply with applicable laws, regulations, legal processes, or enforceable governmental requests.

3.1 We Do Not Sell Your Personal Data. We do not sell, rent, or trade your personal information to third parties for their marketing purposes. Period.

3.2 We Do Not Use Third-Party Advertising or Tracking Cookies. We do not use advertising networks, and we do not place third-party tracking cookies on your device. We do not track you across other websites.

3.3 We Do Not Store Payment Card Details. When paid subscription plans are introduced, all payment processing will be handled by a third-party payment processor. We will not store your full credit card number, CVV, or other sensitive payment details on our servers.

4.1 What We Use. We use browser local storage (not cookies) for the following essential purposes:

4.2 What We Do NOT Use. We do not use:

4.3 Managing Local Storage. You can clear your browser's local storage at any time through your browser settings. Note that doing so will log you out of your account and clear your Guest User session.

5.1 Where We Store Data. Your data is stored on secure cloud infrastructure. We select providers that maintain industry-standard security certifications and practices.

5.2 How We Protect Data. We implement appropriate technical and organizational measures to protect your personal information, including:

5.3 Security Limitations. While we strive to protect your information, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security, but we are committed to implementing reasonable safeguards appropriate to the sensitivity of the information.

6.1 Registered User Data. We retain your account information and generation history for as long as your account remains active. When you delete your account, all associated personal data, including your profile information, prompts, and generated images, will be permanently deleted from our systems within thirty (30) days, except where retention is required by law.

6.2 Guest User Data. Generated images and prompts from Guest Users become inaccessible after three (3) days from creation. After this period, you will no longer be able to access this content. The underlying data may be retained briefly for system maintenance before permanent deletion.

6.3 Anonymized Data. Anonymized, aggregated data that cannot be used to identify you may be retained indefinitely for analytical and service improvement purposes.

6.4 Legal Requirements. We may retain certain information for longer periods if required by law, to resolve disputes, enforce our agreements, or protect our legal rights.

7.1 Access Your Data. You have the right to know what personal information we hold about you. Registered users can view their profile information, generation history, and gallery directly through their account. You may also contact us to request a copy of your data.

7.2 Correct Your Data. You have the right to correct inaccurate or incomplete personal information. Registered users can update their name and phone number directly from their profile page. For other corrections, please contact us.

7.3 Delete Your Data. You have the right to request deletion of your personal data. Registered users can delete their entire account and all associated data through the Settings page. Upon account deletion, your profile, prompts, and generated images will be permanently removed.

7.4 Opt Out of AI Improvement Use. While we may use anonymized, non-identifiable data to improve our AI systems, you can opt out of this use by contacting us at privacy@beyondbeings.com. We will honor your request and exclude your data from such processing going forward.

7.5 Withdraw Consent. Where we rely on your consent to process personal data, you have the right to withdraw that consent at any time. This will not affect the lawfulness of processing conducted prior to withdrawal.

8.1 Legal Basis for Processing. We process your personal data based on the following legal grounds:

8.2 Your GDPR Rights. In addition to the rights listed in Section 7, you have the following rights under GDPR:

8.3 International Data Transfers. If you are located in the EEA, UK, or Switzerland, your personal data may be transferred to and processed in countries outside your jurisdiction, including the United States. We implement appropriate safeguards, such as standard contractual clauses approved by relevant authorities, to protect your data during such transfers.

9.1 Right to Know. You have the right to request information about the categories and specific pieces of personal information we have collected about you, the sources of that information, our purposes for collecting it, and the categories of third parties with whom we share it.

9.2 Right to Delete. You have the right to request deletion of your personal information, subject to certain exceptions under applicable law.

9.3 Right to Opt-Out of Sale. You have the right to opt out of the "sale" of your personal information. However, we do not sell your personal information to third parties as defined under the CCPA, so this right does not apply to our current practices.

9.4 Right to Non-Discrimination. We will not discriminate against you for exercising any of your CCPA rights. We will not deny you services, charge you different prices, or provide a different quality of service because you exercised your privacy rights.

9.5 Authorized Agents. You may designate an authorized agent to make requests on your behalf. We may require verification of your identity and confirmation that you authorized the agent to act on your behalf.

9.6 Categories of Personal Information. In the preceding 12 months, we have collected the following categories of personal information as defined by the CCPA:

9.7 "Do Not Track" Signals. Some browsers have a "Do Not Track" feature that signals to websites that you do not want your online activity tracked. Because there is no standard interpretation of "Do Not Track" signals, our Service does not currently respond to these signals. However, as stated above, we do not use third-party tracking cookies.

10.1 Age Requirement. The Service is not intended for children under the age of thirteen (13). We do not knowingly collect personal information from children under 13. We collect date of birth during registration specifically to verify that users meet this minimum age requirement.

10.2 Discovery of Child Users. If we discover that we have inadvertently collected personal information from a child under 13, we will take immediate steps to delete that information from our systems. We may also terminate any account associated with such a user.

10.3 Parental Rights. If you are a parent or guardian and believe that your child under 13 has provided personal information to us, please contact us immediately at privacy@beyondbeings.com. We will promptly investigate and delete any such information.

10.4 Users Ages 13–17. Users between the ages of 13 and 17 may use the Service only with the consent and supervision of a parent or legal guardian who agrees to be bound by our Terms of Service and this Privacy Policy.

11.1 Service Providers. We work with third-party service providers who assist us in operating the Service, such as cloud hosting providers, email delivery services, and (when applicable) payment processors. These providers are contractually obligated to protect your information and may only use it to provide services on our behalf.

11.2 AI Technologies. Our Service uses artificial intelligence technologies to generate images based on your prompts. The prompts you submit may be processed by AI systems as part of delivering the Service. We do not share your prompts with third parties for their independent use.

11.3 Payment Processing. When paid subscription plans are introduced, payment transactions will be processed by a third-party payment processor. The payment processor will collect and process your payment information according to their own privacy policy. We will not have access to your full payment card details.

11.4 External Links. The Service may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to review the privacy policies of any third-party sites you visit.

12.1 With Service Providers. We share information with third-party vendors, consultants, and service providers who need access to such information to perform services on our behalf, subject to confidentiality obligations.

12.2 For Legal Reasons. We may disclose your information if required to do so by law, or if we believe in good faith that such action is necessary to: (a) comply with legal obligations; (b) protect and defend our rights or property; (c) prevent or investigate possible wrongdoing; (d) protect the personal safety of users or the public; or (e) protect against legal liability.

12.3 Business Transfers. If we are involved in a merger, acquisition, bankruptcy, reorganization, or sale of all or a portion of our assets, your personal information may be transferred as part of that transaction. We will notify you of any such change and any choices you may have regarding your information.

12.4 With Your Consent. We may share your information with third parties when you have given us your explicit consent to do so.

13.1 Notification of Changes. When we make material changes to this Privacy Policy, we will notify you by: (a) updating the "Last Updated" date at the top of this policy; (b) posting a notice on our website; and/or (c) sending an email to registered users at the address associated with their account.

13.2 Review and Acceptance. We encourage you to review this Privacy Policy periodically to stay informed about our data practices. Your continued use of the Service after any changes to this Privacy Policy constitutes your acceptance of the updated policy.

13.3 Prior Versions. If you would like to review prior versions of this Privacy Policy, please contact us at privacy@beyondbeings.com.

14.1 Self-Service Options. Registered users can access, correct, and delete much of their data directly through the Service:

14.2 Contact Us. For requests that cannot be completed through self-service, or for any privacy-related inquiries, please contact us at privacy@beyondbeings.com. Please include sufficient information to verify your identity and specify the nature of your request.

14.3 Response Time. We will respond to your request within the timeframe required by applicable law, typically within thirty (30) days. If we need additional time, we will notify you of the reason and expected response time.