StudioTools
Download Buy license
← Back to home
Legal

Privacy Policy

Last updated: 24 May 2026 Version 1.0
We collect the minimum information needed to run Studio Render, bill you, and keep the Service safe. We do not sell your personal information, and we do not use your prompts or images to train AI models.

1. Who we are

Studio Tools (“Studio Tools”, “we”, “us”) is the operator of the Studio Render desktop application and the studiotools.app website. For purposes of EU and UK data-protection law, our controller of record is [Studio Tools, Inc., Street, City, State / Postal Code, Country]. You can contact our privacy team at privacy@studiotools.app.

2. Scope of this policy

This policy describes how we handle personal information collected through the Service. It does not apply to third-party sites or services we link to or that integrate with the Service (for example, payment processors), which have their own policies.

3. Information we collect

3.1 Information you provide directly

  • Account data: email address, optional display name, and the license key we issue.
  • Payment data: handled by our payment processor (Stripe, Inc.). We do not store full card numbers. We receive limited information from the processor, including last four digits, card brand, country, and billing postal code.
  • Render Inputs: the prompts, negative prompts, source images, sketches, settings, and seeds you submit at render time.
  • Support & communications: the contents of any email, support request, or feedback you send us.

3.2 Information we collect automatically

  • Service usage: render requests, credit deductions, license validation, error events, and timestamps.
  • Device & technical data: IP address (for security and rate-limiting), operating system, app version, language, and crash diagnostics.
  • Website data: standard server logs (URL, referrer, user agent, IP address) for the marketing site.

3.3 Information from third parties

  • Payment processor: confirmation of successful charge, dispute notifications, refund status.
  • Fraud-prevention services: risk signals associated with your transaction.

4. How we use information

We use personal information to:

  • provide, maintain, and improve the Service, including running renders and managing Credits;
  • authenticate your license and prevent unauthorised use;
  • process payments and issue receipts;
  • respond to support requests and communicate service notices;
  • monitor and investigate fraud, abuse, and security incidents;
  • analyse aggregated, de-identified usage to improve the Service (we do not use your Inputs or Outputs to train third-party foundation models);
  • comply with legal obligations and enforce our Terms.

We send transactional emails (e.g. receipts, password resets, service notices) as part of operating the Service. We will only send marketing emails if you opt in, and you can unsubscribe at any time.

5. Legal bases for processing (GDPR / UK GDPR)

If you are in the European Economic Area, the United Kingdom, or Switzerland, we rely on the following lawful bases:

  • Contract (Art. 6(1)(b)): to provide the Service and to take steps at your request before entering into a contract.
  • Legitimate interests (Art. 6(1)(f)): to keep the Service safe, prevent fraud, debug, and improve features. We balance these interests against your rights.
  • Legal obligation (Art. 6(1)(c)): to retain billing records and respond to lawful requests.
  • Consent (Art. 6(1)(a)): for marketing communications where required and for optional cookies. You may withdraw consent at any time.

6. Sharing and disclosure

We share personal information with the following categories of recipients, under written contracts that require appropriate confidentiality and security:

  • Payment processor: Stripe, Inc., for processing payments and managing subscriptions or one-time purchases.
  • AI model provider: Stability AI (or a successor or alternative provider we may select), to which we transmit your Inputs for the purpose of generating Outputs. We do not authorise these providers to use your Inputs to train their models, to the extent we can contractually limit such use.
  • Cloud and infrastructure providers: for hosting, storage, logging, and security.
  • Email and analytics providers: for sending transactional and (where opted in) marketing email, and for measuring site traffic in an aggregated, privacy-respecting way.
  • Professional advisors: accountants, auditors, and lawyers, bound by confidentiality.
  • Legal, safety, and successors: we may disclose information to comply with applicable law, valid legal process, or government requests; to enforce our Terms; to protect the rights, property, or safety of Studio Tools, our users, or others; or in connection with a corporate transaction (merger, acquisition, financing, or sale of assets).

We do not sell personal information, and we do not “share” it for cross-context behavioural advertising as those terms are defined in the California Consumer Privacy Act.

7. International transfers

We are based in [the United States], and our service providers may be located in countries other than your own. Where we transfer personal information from the EEA, the UK, or Switzerland to a country that has not received an adequacy decision, we rely on appropriate safeguards, such as the European Commission's Standard Contractual Clauses or the UK International Data Transfer Addendum.

8. Retention

We retain personal information for as long as needed to provide the Service and fulfil the purposes described in this policy. Typical retention periods:

  • Account data: while your account is active and for up to 30 days after deletion (for backup and abuse prevention).
  • Billing records: for the period required by tax and accounting law (typically 6–10 years).
  • Render Inputs and Outputs: Inputs are processed transiently for the render and may be retained for a short period (up to 30 days) for safety review and abuse investigation; Outputs are stored in your local project database on your device unless you upload them to us.
  • Server logs: typically 90 days, longer where required for security investigation.

9. Your rights (EEA, UK, Switzerland)

Depending on your location, you may have the right to:

  • access the personal information we hold about you;
  • have inaccurate information corrected;
  • have personal information erased in certain circumstances;
  • restrict or object to certain processing;
  • obtain a portable copy of your information;
  • withdraw consent where processing is based on consent; and
  • lodge a complaint with your local supervisory authority.

To exercise any of these rights, email privacy@studiotools.app from the address associated with your account. We will respond within the time required by law.

10. U.S. state privacy rights

If you reside in California, Colorado, Connecticut, Virginia, Utah, or other states with comprehensive consumer-privacy laws, you may have the right to:

  • know what categories of personal information we have collected about you and the purposes;
  • request a copy of specific pieces of personal information;
  • request deletion of personal information, subject to exceptions;
  • correct inaccurate personal information;
  • opt out of the sale or sharing of personal information (we do not engage in such activity);
  • limit the use of sensitive personal information (we do not knowingly process sensitive personal information beyond what is necessary to provide the Service); and
  • be free from retaliation for exercising your rights.

To exercise a request, email privacy@studiotools.app. We will verify your identity by matching the request to an account on file. You may designate an authorised agent to make a request on your behalf.

11. Security

We use commercially reasonable administrative, technical, and physical safeguards to protect personal information, including encryption in transit, access controls, OS-keychain storage of license keys on the client, and regular security review. No system is perfectly secure; you use the Service at your own risk.

12. Cookies and similar technologies

Our marketing website uses a small number of strictly necessary cookies and, if you opt in, a privacy-respecting analytics tool that records aggregated traffic data without setting cross-site tracking cookies. The Studio Render desktop application does not use cookies; it stores limited preferences locally on your device.

13. Children

The Service is not directed to children under 16, and we do not knowingly collect personal information from children. If you believe a child has provided us with personal information, contact us and we will delete it.

14. Do Not Track

Because no common standard for “Do Not Track” signals has been adopted, our website does not respond to them. We honour Global Privacy Control signals where required by law.

15. Changes to this policy

We will post the updated policy on this page and update the “Last updated” date. If changes are material, we will provide additional notice (for example by email or in-app notification).

16. Contact

For privacy questions, requests, or complaints:
Email: privacy@studiotools.app
Postal: [Studio Tools, Inc., Attn: Privacy, Street, City, State / Postal Code, Country]

EU/UK representative (if applicable): [Name, address, email].