← ailoft.app

Privacy Policy

Last updated: June 2026

1. Controller

The controller is DEBRUSK s.r.o., IČO 09999973, DIČ CZ09999973, Marešova 643/6, Černý Most, 198 00 Praha 9, Czech Republic. Contact: privacy@ailoft.app.

2. What data we process

  • Account data: e-mail, name, locale, login and session data.
  • AI Studio data: prompts, uploaded reference files, generated outputs, credit transactions and video job status.
  • Catalog and Creator data: submitted product descriptions, uploaded review files, public provider links and lead form messages.
  • Technical data: IP address, user agent, logs, security and audit events.
  • Payment records: Paddle order/customer identifiers, billing e-mail/name, amount, currency, tax/accounting status and fulfillment events needed to deliver credits or access.

3. Purposes and legal basis

  • Providing the service and account features — contract performance.
  • Security, abuse prevention, moderation and diagnostics — legitimate interest.
  • Accounting and tax obligations — legal obligation.
  • Marketing or optional analytics — consent where required.

4. AI and third-party providers

AI generation may be processed by selected AI providers. Do not upload confidential or sensitive data unless you are allowed to do so. Payment processing is handled by Paddle as merchant of record; AILoft does not store full card numbers.

5. Retention

Account data is kept while your account is active and for a reasonable legal limitation period after deletion. Accounting/payment records are kept according to Czech legal obligations. Logs and temporary uploaded files are kept only as long as needed for security, review or service delivery.

6. Your rights

You can request access, correction, deletion, portability, restriction or objection. You may also lodge a complaint with a data protection authority. Contact: privacy@ailoft.app.

7. Cookies and local storage

We use only the storage needed to run AILoft and optional features you enable:

  • NEXT_LOCALE — keeps your selected language.
  • Authentication/session cookies keep you signed in and protect the e-mail login flow.
  • cookie_consent / cookie_consent_detail — remembers your cookie preference where the banner is shown.
  • Browser localStorage may be used by standalone agents and sandbox previews to remember local UI settings, language, sandbox provider settings or user-entered provider keys.

Optional analytics or marketing cookies are used only if enabled.