Privacy Policy
Effective date: 2026-05-31 · Last updated: 2026-05-31
This Privacy Policy explains how [LEGAL_ENTITY_NAME] ("ShowingSnap," "we," "our," or "us") collects, uses, shares, and protects personal data when you use showingsnap.com and the related Reimaginer service (the "Service"). It supplements our Terms of Service.
The short version. We collect the account, image, billing, and usage data we need to run the Service. Your uploaded photos are sent to Google's Gemini API to generate your redesigned images. We do not sell your personal data and we do not use your images to train AI models. We use a small set of well-known providers (Cloudflare, Google, Stripe, Resend) to operate. You can access, export, or delete your data at any time. The sections below give the full detail and your legal rights.
1. Who is the data controller
[LEGAL_ENTITY_NAME], [MAILING_ADDRESS], is the data controller for personal data we collect about you. For EU/EEA users, our representative under Article 27 GDPR (where applicable) is [EU_REPRESENTATIVE_OR_"not_applicable"]. You can reach our privacy team at [BUSINESS_EMAIL].
2. What data we collect
Account data.
- Email address (required) and password hash (or OAuth provider identifier if you sign in with Google)
- Name (optional, provided by you or by your OAuth provider)
- Audience self-identification (homeowner, agent, designer, stager, builder, decorator) — used to tune the in-app experience and to inform product-direction analytics
- Brand profile fields if you fill them in: display name, logo, phone, contact email, website, tagline
Content you upload and generate.
- Photographs you upload as inputs
- Images we generate from those inputs
- Project organization (project names, render-to-project assignments)
- Share-link metadata (share token, expiry, view count)
To generate your images, the photographs you upload are transmitted to Google's Gemini API for processing. Do not upload images containing sensitive personal information you would not want processed by a third-party AI provider. See Sections 5 and 6 for transfer and subprocessor detail.
Billing data (for paid plans only).
- Stripe customer ID, subscription ID, plan tier, subscription status, trial dates, billing period dates
- Payment-card details are handled directly by Stripe; ShowingSnap never stores or sees full card numbers. We receive only Stripe's customer and subscription identifiers and, where Stripe exposes them, the card's last four digits and brand.
Usage and device data.
- Render counts, timings, mode used (Redesign, Virtual Staging, Declutter, Twilight), success/failure status
- IP address (used for rate limiting and abuse prevention)
- User-agent string, browser locale, viewport size
- Session and authentication cookies
- Session replay and heatmap data (via Microsoft Clarity — see Section 7)
- Pages visited and basic interaction events
Communications.
- Emails you send us (support, sales, feedback)
- Invite emails sent via Resend on your behalf when you use "Invite a pro"
- Marketing-email opt-in status (when applicable)
3. How we use your data
We use personal data for the following purposes:
| Purpose | Legal basis (GDPR) |
|---|---|
| Operate the Service, authenticate you, store your renders | Contract (Article 6(1)(b)) |
| Process payments and manage subscriptions | Contract (Article 6(1)(b)) |
| Send transactional email (account, billing, share invites) | Contract (Article 6(1)(b)) |
| Prevent abuse, enforce rate limits, secure the Service | Legitimate interest (Article 6(1)(f)) |
| Improve product (aggregate analytics, session replay) | Legitimate interest (Article 6(1)(f)) |
| Send marketing email about new features (optional) | Consent (Article 6(1)(a)) |
| Comply with legal obligations (tax, lawful requests) | Legal obligation (Article 6(1)(c)) |
We do not use your uploads or generated images to train generative AI models — neither our own nor a third party's. The Gemini API call sends your image to Google for generation only; Google's enterprise terms applicable to API usage prohibit training on submitted content. See Section 6 for the subprocessor list.
4. Who we share data with
We do not sell or rent personal data. We share it only with:
- Subprocessors performing services on our behalf (see Section 6). Each is bound by a data-processing agreement.
- Other users you explicitly share with. When you generate a share link or send an invite, the recipient sees the linked Output. When an invited pro accepts an invite, they become linked to that render and to you via a relationship row.
- Legal authorities when we are required by valid legal process, when we believe in good faith it is necessary to protect rights, property, or safety, or to investigate fraud or abuse. We will challenge overbroad requests.
- An acquirer in a merger, acquisition, or sale of all or substantially all of our assets, subject to standard confidentiality protections.
5. International transfers
ShowingSnap is operated from the United States. Our infrastructure (Cloudflare D1, R2, Workers) runs in a globally distributed edge network with primary data residency in the United States. If you access the Service from outside the United States, your personal data will be transferred to and processed in the United States and other countries where our subprocessors operate. Where transfers from the EU/EEA, UK, or Switzerland are involved, we rely on the European Commission's Standard Contractual Clauses (or the UK addendum / Swiss equivalent), or other lawful transfer mechanisms.
6. Subprocessors
We use the following subprocessors to deliver the Service. We update this list as our stack evolves; material changes are announced by email to current users where required by law.
| Subprocessor | Purpose | Region |
|---|---|---|
| Cloudflare, Inc. | Edge compute (Workers), database (D1), object storage (R2), image delivery (CF Images), DNS, security | Global edge; primary US |
| Google LLC (Gemini API) | Generative-AI image processing | US |
| Stripe, Inc. | Subscription billing and payment processing | US / EU |
| Resend, Inc. | Transactional email delivery | US |
| Better Auth | Authentication (self-hosted library; sessions stored in our own D1) | Our infra |
| Google LLC (OAuth) | Sign-in with Google option | US |
| Microsoft Corporation (Clarity) | Anonymous session replay and heatmaps for UX improvement | US |
7. Cookies and tracking
Essential cookies. Set by Better Auth for session management. Required for sign-in. No opt-out option (the Service cannot function without them).
Analytics and session replay. Microsoft Clarity records anonymous session replays and heatmaps to help us improve the product. Clarity masks form inputs by default and we configure it to mask text content where possible. You can opt out by enabling "Do Not Track" in your browser or via Clarity's cookie list.
We do not use third-party advertising cookies. We do not embed Meta Pixel, Google Ads tags, or similar.
8. Data retention
| Data category | Retention |
|---|---|
| Account profile | Lifetime of the account; 30 days after deletion for backup rollback, then purged |
| Uploaded inputs and generated outputs | Until you delete the render or close your account; 30-day backup window after deletion |
| Billing records | 7 years (tax/accounting obligation), stored by Stripe and in our records |
| Server logs / IP-keyed rate-limit data | 30 days |
| Session replay (Clarity) | Per Clarity's defaults (typically 13 months) |
| De-identified, aggregated metrics | Indefinitely |
| Communications you send us | 2 years from last contact |
9. Your rights (GDPR / UK GDPR)
If you are in the EU/EEA, UK, or Switzerland, you have the following rights regarding personal data we hold about you:
- Access (Article 15): obtain a copy of your personal data.
- Rectification (Article 16): correct inaccurate or incomplete data.
- Erasure (Article 17): request deletion of your data ("right to be forgotten"). Caveats: we may retain data required by law (billing records) or to defend legal claims.
- Restriction (Article 18): limit how we process your data.
- Portability (Article 20): receive your data in a machine-readable format.
- Object (Article 21): object to processing based on legitimate interest.
- Withdraw consent (Article 7(3)): withdraw consent at any time for processing based on consent (such as marketing email). Withdrawal does not affect prior lawful processing.
- Lodge a complaint with your local data-protection authority. You can also contact us first; we will try to resolve your concern.
To exercise any of these rights, email [BUSINESS_EMAIL] from the address on your account. We respond within 30 days (extensible by an additional 60 days for complex requests, with notice to you). We do not charge a fee unless a request is manifestly unfounded or excessive.
10. Your rights (California / CCPA / CPRA)
If you are a California resident, you have the following rights under the California Consumer Privacy Act (as amended by the CPRA):
- Right to know what categories of personal information we collect, the sources, the business purpose, and the categories of third parties we share with.
- Right to access the specific pieces of personal information we have about you.
- Right to delete personal information, subject to exceptions in Civ. Code §1798.105(d).
- Right to correct inaccurate personal information.
- Right to opt out of "sale" or "sharing" for cross-context behavioral advertising. We do not sell or share your personal information as those terms are defined under the CCPA.
- Right to limit use of sensitive personal information. We do not collect sensitive personal information for purposes outside the §7027 use-purpose limits.
- Right to non-discrimination for exercising any of the above.
To exercise these rights, email [BUSINESS_EMAIL]. We verify requests by confirming you control the account email. Authorized agents may submit requests with written authorization.
11. Children's privacy
The Service is not directed to children under 16. We do not knowingly collect personal data from children under 16. If you believe a child has provided personal data to us, contact [BUSINESS_EMAIL] and we will delete it.
12. Security
We protect personal data with administrative, technical, and physical safeguards appropriate to the data's sensitivity. These include TLS in transit, encryption at rest where supported by our subprocessors, scoped access controls, audit logging of administrative actions, magic-byte validation of uploaded files, and rate limiting on public endpoints. No system is perfectly secure; if we become aware of a breach affecting your personal data, we will notify you and regulators where required by applicable law.
13. Automated decision-making
We do not use solely automated decision-making, including profiling, that produces legal or similarly significant effects on you (GDPR Article 22).
14. Changes to this Policy
We may update this Policy. For material changes, we will notify you by email at least 30 days before the effective date and update the "Last updated" date above. Continued use of the Service after the effective date means you accept the updated Policy.
15. Contact
Privacy questions or requests: [BUSINESS_EMAIL]
Mailing address: [LEGAL_ENTITY_NAME], [MAILING_ADDRESS]
Bracketed placeholders (e.g., [LEGAL_ENTITY_NAME]) must be filled in before paid signup goes live. See also our Terms of Service.