GPTImager GPT Image 2 GeneratorGPTImager

Privacy Policy

Effective Date: April 20, 2026

GPTImager is operated by ORVYNO LLC.

Legal entity: ORVYNO LLC

Registered office: 30 N Gould St Ste N, Sheridan, WY 82801, United States

Support: support@gptimager.com / contact@orvyno.com

What information do we collect?

We collect the following categories of information: (1) Account data — your email address and password hash when you register. (2) Usage data — pages visited, features used, image generation requests, credit consumption, and timestamps. (3) Content data — text prompts you enter and reference images you upload for generation purposes. (4) Payment data — transaction IDs and subscription status provided by our payment processor. We never receive or store your full card number, CVV, or bank account details. (5) Technical data — IP address, browser type, device type, and Cloudflare request logs used for security and performance.

How do we use your information?

We use your information solely to operate and improve the service: (1) to create and manage your account; (2) to process image generation requests and deduct credits; (3) to send transactional emails such as receipts, password resets, and service notices; (4) to detect and prevent abuse, fraud, and prohibited content; (5) to analyze aggregate usage trends and improve the platform; and (6) to comply with legal obligations. We do not use your data for advertising, and we do not sell or rent your personal information to any third party.

Do you use my prompts or images to train AI models?

No. Your prompts, uploaded reference images, and generated outputs are never used to train our AI models or any third-party AI models. Image generation is powered by fal.ai and OpenAI APIs. Data sent to those APIs for inference is subject to their respective data processing agreements, which prohibit training on API input by default. We do not opt in to any training data sharing programs on your behalf.

How long do we keep your data?

Retention periods vary by data type: (1) Generated and uploaded images are stored for 90 days on all paid plans, after which they are permanently deleted from our servers. (2) Text prompts and generation logs are retained for 90 days. (3) Account data (email, subscription status) is retained until you delete your account. (4) Billing records are retained for 7 years as required by financial regulations. (5) Server and security logs are retained for 30 days. You may request early deletion of your images and prompts at any time by emailing support@gptimager.com.

Who do we share your data with?

We share data only with the service providers necessary to operate the platform, all under data processing agreements: (1) Payment processor — payment processing and subscription management; (2) fal.ai — AI image generation inference; (3) OpenAI — AI image generation inference via the gpt-image-1.5 model; (4) Cloudflare — CDN, DDoS protection, and infrastructure hosting; (5) Analytics providers — aggregate, anonymized usage metrics only. We do not share data with data brokers, advertisers, or any party for commercial resale.

Do you use cookies or tracking technologies?

Yes, we use a small number of cookies and similar technologies: (1) Essential cookies — required for authentication and session management. You cannot opt out of these without losing the ability to log in. (2) Analytics cookies — used to measure aggregate feature usage. You may opt out by using browser privacy settings or a content blocker. (3) We do not use cross-site tracking, fingerprinting, or advertising cookies. You can review and clear cookies at any time through your browser settings.

What are your rights under GDPR (EEA and UK residents)?

If you are located in the European Economic Area or the United Kingdom, you have the following rights under GDPR: (1) Access — request a copy of the personal data we hold about you; (2) Rectification — correct inaccurate or incomplete data; (3) Erasure ('right to be forgotten') — request deletion of your personal data; (4) Restriction — ask us to pause processing of your data; (5) Portability — receive your data in a machine-readable format; (6) Objection — object to processing based on legitimate interests; (7) Withdraw consent — where processing is based on consent, you may withdraw at any time. To exercise any of these rights, email support@gptimager.com. We will respond within 30 days.

What are your rights under CCPA (California residents)?

If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA): (1) Right to Know — request disclosure of the categories and specific pieces of personal information we have collected about you; (2) Right to Delete — request deletion of your personal information, subject to certain exceptions; (3) Right to Opt-Out of Sale — we do not sell personal information, so this right is not applicable; (4) Right to Non-Discrimination — we will not discriminate against you for exercising your rights. To submit a request, email support@gptimager.com with the subject line 'CCPA Request'.

How do I delete my account and data?

You can request full account and data deletion by emailing support@gptimager.com with the subject line 'Account Deletion Request'. Include the email address associated with your account. We will permanently delete your account, prompts, images, and personal data within 14 days, and confirm by email. Note that billing records required by law (7-year retention) and anonymized aggregate analytics cannot be deleted. Deleting your account does not automatically trigger a refund; please review our Refund Policy before submitting a deletion request.

How do we protect your data?

We apply industry-standard security measures including: (1) TLS encryption for all data in transit; (2) encrypted storage for sensitive account data at rest; (3) access controls limiting data access to essential personnel only; (4) Cloudflare's infrastructure providing DDoS protection and firewall filtering; (5) regular review of our data handling practices. No system is 100% secure. If you believe your account has been compromised, contact us immediately at support@gptimager.com.

How will we notify you of privacy policy changes?

If we make material changes to this Privacy Policy, we will notify you by email at least 14 days before the changes take effect, and update the 'Effective Date' at the top of this page. Continued use of the service after the effective date constitutes acceptance of the revised policy. For minor or clarifying changes, we may update the policy without prior notice. We recommend reviewing this page periodically.

How can you contact us?

For any privacy-related questions, requests, or concerns, please email us at support@gptimager.com. Please include 'Privacy' in the subject line. We will respond within 30 days. Our website is gptimager.com.