Privacy Policy

This Privacy Policy explains how Graffiy collects, uses, stores, and protects information when you visit our website, create an account, use the editor, upload assets, generate AI-assisted designs, buy subscriptions or credits, or collaborate in a workspace.

We design Graffiy for research and creative workflows, so we treat account data, workspace content, uploaded files, prompts, and exports with care.

We may collect account information such as name, email address, authentication details, workspace membership, role, subscription status, billing identifiers, and support communications.

We also process product content such as designs, canvas state, templates, uploads, prompts, AI outputs, generated images, brand kits, comments, project metadata, and export preferences.

Technical information may include device and browser details, IP address, approximate location, log data, usage events, feature interactions, error reports, and cookie or similar identifier data.

We use information to provide the service, authenticate users, save designs, sync projects, process uploads, generate outputs, manage subscriptions and AI credits, invite teammates, provide support, improve product quality, and keep the platform secure.

We may use aggregated or de-identified information to understand usage trends, diagnose performance issues, improve templates and features, and guide product development.

When you use AI features, your prompts, selected templates, uploaded inputs, generated outputs, and related metadata may be processed by Graffiy and by AI infrastructure providers as needed to return results.

Do not submit confidential, regulated, unpublished, personal, clinical, or institutionally restricted information to AI features unless you have permission and have assessed whether the feature is appropriate for that data.

We may use trusted service providers for hosting, storage, authentication, payments, analytics, email, media processing, AI generation, customer support, and security. These providers may process information only as needed to provide their services to Graffiy.

Payment information is generally handled by payment processors, and Graffiy may receive billing status, plan, invoice, customer, and transaction metadata rather than full payment card details.

We do not sell your personal information. We may share information with service providers, within your workspace according to role permissions, when you intentionally share or publish content, to comply with law, to protect rights and security, or in connection with a merger, acquisition, financing, or sale of assets.

If you create public links, publish templates, invite collaborators, or share exports, the relevant content may become accessible to the people or audiences you choose.

We retain information for as long as needed to provide the service, comply with legal obligations, resolve disputes, maintain security, and enforce agreements. Workspace content may remain available until deleted by authorized users or until the account or workspace is closed.

Backups and logs may persist for a limited period after deletion as part of normal security, disaster recovery, and compliance practices.

You may be able to update account details, change your password, download account data, delete your account, manage team access, and control content through Graffiy settings.

Depending on your location, you may have rights to access, correct, delete, restrict, object to, or export certain personal information. Requests can be sent to support@graffiy.com.

We use administrative, technical, and organizational safeguards intended to protect information against unauthorized access, loss, misuse, and alteration. No online service can guarantee perfect security, so you should use strong passwords, limit workspace access, and avoid uploading sensitive data unnecessarily.

Graffiy may process information in countries where we or our providers operate. By using the service, you understand that information may be transferred and processed outside your location.

We may update this Privacy Policy as the service changes. The current version will be posted here with the latest effective date.