StudioTools
Download Buy license
← Back to home
Legal

Privacy Policy

Last updated: 8 June 2026 Version 1.1
We collect the minimum information needed to run Studio Render, bill you, and keep the Service safe. We do not sell your personal information, and we do not use your prompts or images to train AI models.

1. Who we are

Studio Tools (“Studio Tools”, “we”, “us”) is the operator of the Studio Render desktop application and the studiotools.design website. For purposes of EU and UK data-protection law, our controller of record is Studio Tools Inc., 418 Broadway, Ste Y, Albany, NY 12207, USA. You can contact our privacy team at privacy@studiotools.design.

2. Scope of this policy

This policy describes how we handle personal information collected through the Service. It does not apply to third-party sites or services we link to or that integrate with the Service (for example, payment processors), which have their own policies.

3. Information we collect

3.1 Information you provide directly

  • Account data: email address, optional display name, and the license key we issue.
  • Payment data: handled by our payment processor (Stripe, Inc.). We do not store full card numbers. We receive limited information from the processor, including last four digits, card brand, country, and billing postal code.
  • Render Inputs: the prompts, negative prompts, source images, sketches, settings, and seeds you submit at render time.
  • Support & communications: the contents of any email, support request, or feedback you send us.

3.2 Information we collect automatically

  • Service usage: render requests, credit deductions, license validation, error events, and timestamps.
  • Device & technical data: IP address (for security and rate-limiting), operating system, app version, language, and crash diagnostics.
  • Website data: standard server logs (URL, referrer, user agent, IP address) for the marketing site.

3.3 Information from third parties

  • Payment processor: confirmation of successful charge, dispute notifications, refund status.
  • Fraud-prevention services: risk signals associated with your transaction.

4. How we use information

We use personal information to:

  • provide, maintain, and improve the Service, including running renders and managing Credits;
  • authenticate your license and prevent unauthorised use;
  • process payments and issue receipts;
  • respond to support requests and communicate service notices;
  • monitor and investigate fraud, abuse, and security incidents;
  • analyse aggregated, de-identified usage to improve the Service (we do not use your Inputs or Outputs to train third-party foundation models);
  • comply with legal obligations and enforce our Terms.

We send transactional emails (e.g. receipts, password resets, service notices) as part of operating the Service. We will only send marketing emails if you opt in, and you can unsubscribe at any time.

5. Legal bases for processing (GDPR / UK GDPR)

If you are in the European Economic Area, the United Kingdom, or Switzerland, we rely on the following lawful bases:

  • Contract (Art. 6(1)(b)): to provide the Service and to take steps at your request before entering into a contract.
  • Legitimate interests (Art. 6(1)(f)): to keep the Service safe, prevent fraud, debug, and improve features. We balance these interests against your rights.
  • Legal obligation (Art. 6(1)(c)): to retain billing records and respond to lawful requests.
  • Consent (Art. 6(1)(a)): for marketing communications where required and for optional cookies. You may withdraw consent at any time.

6. Sharing and disclosure

We share personal information with the following categories of recipients, under written contracts that require appropriate confidentiality and security:

  • Payment processor: Stripe, Inc., for processing payments and managing subscriptions or one-time purchases.
  • AI model provider: Stability AI (or a successor or alternative provider we may select), to which we transmit your Inputs for the purpose of generating Outputs. We do not authorise these providers to use your Inputs to train their models, to the extent we can contractually limit such use.
  • Cloud and infrastructure providers: for hosting, storage, logging, and security.
  • Email and analytics providers: for sending transactional and (where opted in) marketing email, and for measuring site traffic in an aggregated, privacy-respecting way.
  • Advertising partner: Meta Platforms, Inc., through the Meta Pixel on our marketing website and only where you have consented, to measure and optimise our advertising. You can decline or withdraw this at any time (see “Cookies and similar technologies” below).
  • Professional advisors: accountants, auditors, and lawyers, bound by confidentiality.
  • Legal, safety, and successors: we may disclose information to comply with applicable law, valid legal process, or government requests; to enforce our Terms; to protect the rights, property, or safety of Studio Tools, our users, or others; or in connection with a corporate transaction (merger, acquisition, financing, or sale of assets).

We do not sell personal information. If you consent to advertising cookies through our cookie banner, we “share” limited online identifiers and activity with Meta for cross-context behavioural advertising (as those terms are defined in the California Consumer Privacy Act) so that we can measure and improve our ads. You can opt out at any time — and prevent this sharing entirely — by declining advertising cookies in the banner, using the “Cookie preferences” link in our website footer, or sending a Global Privacy Control signal. If you do not opt in, we do not share your information for cross-context behavioural advertising.

7. International transfers

We are based in the United States, and our service providers may be located in countries other than your own. Where we transfer personal information from the EEA, the UK, or Switzerland to a country that has not received an adequacy decision, we rely on appropriate safeguards, such as the European Commission's Standard Contractual Clauses or the UK International Data Transfer Addendum.

8. Retention

We retain personal information for as long as needed to provide the Service and fulfil the purposes described in this policy. Typical retention periods:

  • Account data: while your account is active and for up to 30 days after deletion (for backup and abuse prevention).
  • Billing records: for the period required by tax and accounting law (typically 6–10 years).
  • Render Inputs and Outputs: Inputs are processed transiently for the render and may be retained for a short period (up to 30 days) for safety review and abuse investigation; Outputs are stored in your local project database on your device unless you upload them to us.
  • Server logs: typically 90 days, longer where required for security investigation.

9. Your rights (EEA, UK, Switzerland)

Depending on your location, you may have the right to:

  • access the personal information we hold about you;
  • have inaccurate information corrected;
  • have personal information erased in certain circumstances;
  • restrict or object to certain processing;
  • obtain a portable copy of your information;
  • withdraw consent where processing is based on consent; and
  • lodge a complaint with your local supervisory authority.

To exercise any of these rights, email privacy@studiotools.design from the address associated with your account. We will respond within the time required by law.

10. U.S. state privacy rights

If you reside in California, Colorado, Connecticut, Virginia, Utah, or other states with comprehensive consumer-privacy laws, you may have the right to:

  • know what categories of personal information we have collected about you and the purposes;
  • request a copy of specific pieces of personal information;
  • request deletion of personal information, subject to exceptions;
  • correct inaccurate personal information;
  • opt out of the sale or sharing of personal information (we do not engage in such activity);
  • limit the use of sensitive personal information (we do not knowingly process sensitive personal information beyond what is necessary to provide the Service); and
  • be free from retaliation for exercising your rights.

To exercise a request, email privacy@studiotools.design. We will verify your identity by matching the request to an account on file. You may designate an authorised agent to make a request on your behalf.

You can also delete your account and all associated data yourself at any time. Email privacy@studiotools.design from the address associated with your account and we will erase you within 72 hours, or make an authenticated request to DELETE /me?confirm=delete on our API directly. If you have an active subscription, cancel it via the Customer Portal first. If you own a Firm team with other members, transfer ownership or remove members before deleting. Deletions are immediate and permanent.

11. Security

We use commercially reasonable administrative, technical, and physical safeguards to protect personal information, including encryption in transit, access controls, OS-keychain storage of license keys on the client, and regular security review. No system is perfectly secure; you use the Service at your own risk.

12. Cookies and similar technologies

Our marketing website uses a small number of strictly necessary cookies that are always active. With your consent — given through the cookie banner shown on your first visit — we also load the Meta (Facebook) Pixel, which sets cookies (such as _fbp) and shares limited information about your visit and actions (for example, that you downloaded the app) with Meta Platforms, Inc. We use this only to measure and improve our advertising. The Pixel does not load, and these cookies are not set, unless you select “Accept.” You can change or withdraw your choice at any time using the “Cookie preferences” link in the footer of any page, and we honour Global Privacy Control signals as an opt-out. Declining leaves only the strictly necessary cookies in place. The Studio Render desktop application does not use cookies; it stores limited preferences locally on your device.

13. Children

The Service is not directed to children under 16, and we do not knowingly collect personal information from children. If you believe a child has provided us with personal information, contact us and we will delete it.

14. Do Not Track

Because no common standard for “Do Not Track” signals has been adopted, our website does not respond to them. We honour Global Privacy Control signals where required by law.

15. Changes to this policy

We will post the updated policy on this page and update the “Last updated” date. If changes are material, we will provide additional notice (for example by email or in-app notification).

16. Contact

For privacy questions, requests, or complaints:
Email: privacy@studiotools.design
Postal: Studio Tools Inc., Attn: Privacy, 418 Broadway, Ste Y, Albany, NY 12207, USA

EU/UK Article 27 representative: not currently designated. Studio Tools' processing of personal data of EU/UK data subjects is currently occasional and small-scale (we accept payments and serve renders to EU/UK customers without targeting them, and do not process special categories of data), which we believe brings us within the Article 27(2) exemption. If our EU/UK volume grows past the occasional threshold, we will designate a representative and update this notice. EU/UK data subjects may, in the interim, contact our Data Protection contact at privacy@studiotools.design.