Privacy Policy

1. Introduction

Yontari (“we”, “us”, “our”) operates the AI 3D model generation service at yontari.ai and yontari.com. This Privacy Policy explains what personal data we collect, how we use it, how long we keep it, and what rights you have under applicable data protection law, including the EU General Data Protection Regulation (GDPR).

2. Data We Collect

2.1 Account data

When you create an account, we collect your email address, display name (optional), and a hashed version of your password. Your password is hashed with bcrypt before storage; the plaintext is never stored or logged.

2.2 Input images

To generate a 3D model, you upload one or more images. These images are stored temporarily in our Cloudflare R2 object storage and passed to our AI pipeline (Rodin Gen 2). Input images are retained for a maximum of 30 days, then permanently deleted.

2.3 Generated outputs

The 3D model files produced by the service (GLB, OBJ, FBX, USDZ, and PBR texture maps) are stored in Cloudflare R2. Output files are associated with your account and are accessible only to you. You may delete a generation at any time; deleted generations are removed from our systems within 30 days.

2.4 Credit ledger

We maintain an append-only record of credit transactions (purchases, debits for generations, refunds). This record is kept for billing, dispute resolution, and auditing purposes.

2.5 Analytics (optional, after consent)

If you accept analytics cookies, we use PostHog to collect anonymised usage data (page views, feature interactions). Analytics are administered via a separate admin-only API key; no identifiable user input data (images, prompts) is sent to PostHog. You may withdraw consent at any time by clearing the cookie consent setting in your browser's local storage for this site.

3. How We Use Your Data

• Service delivery: to process generation requests, store your models, and serve download links.
• Billing: to track credit balances, process subscriptions via Stripe, and issue refunds.
• Security and abuse prevention: to detect fraud, rate-limit requests, and enforce our Terms of Service.
• Service improvement: aggregated analytics (with consent) help us understand how the service is used and where to invest engineering effort.
• Legal compliance: to satisfy applicable legal obligations, including GDPR data-subject rights requests and tax record-keeping.

4. Data Retention

When you delete your account, all owned generations, input images, and output files are queued for deletion within 24 hours. Credit ledger entries are anonymised but retained for billing compliance.

5. Your Rights

Under GDPR (if you are located in the EEA or UK) and applicable privacy laws, you have the following rights:

• Right of access: you may download a copy of all data we hold about you via your account profile page (data export). The export includes your account details, all generation job records, and your credit ledger history.
• Right to deletion: you may permanently delete your account from your profile page. All personal data (including generations and input images) is deleted within 24 hours.
• Right to correction: you may update your display name and email address from the profile page at any time.
• Right to data portability: the data export download (JSON format) is machine-readable and may be used to port your generation history to another service.
• Right to object / withdraw consent: you may withdraw analytics consent at any time by clearing the consent state in local storage.

6. Third-Party Services

We use the following third-party processors to deliver the service:

• Cloudflare — CDN, Workers (serverless compute), R2 (object storage), D1 (database). Data is processed within Cloudflare's infrastructure.
• FAL / Rodin Gen 2 — AI 3D model generation pipeline. Input images and text prompts are transmitted to the Rodin API to produce the 3D output.
• Stripe — Payment processing for subscription and credit purchases. Stripe stores payment card details; Yontari does not handle raw card data.
• PostHog — Product analytics (admin-only, requires explicit consent). No user input data is shared.

7. Security

We implement industry-standard security measures including TLS encryption in transit, bcrypt password hashing, HMAC-signed webhook payloads, and short-lived presigned URLs for file access. We do not store plaintext passwords or payment card details.

8. Contact

For privacy-related questions or data-subject rights requests, contact us at [email protected]. We aim to respond to all requests within 30 days.

9. Changes to This Policy

We may update this Privacy Policy from time to time. Significant changes will be notified via email or a prominent in-app notice. Continued use of the service after a policy change constitutes acceptance of the updated terms.