Article 1 — Information We Collect
RealSnap Inc. (USA) and RealDrop Inc. (Korea) (“we,” “us,” or “our”) collect the following information to provide secure B2B fashion AI services:
- Contact & Payment Data: Name, company, email, billing address, and payment information.
- Third-Party Login Services (SSO): If you use third-party services (such as Google) to log into the Service, our use and disclosure of information received from Google's APIs will strictly adhere to the Google API Services User Data Policy, including the Limited Use requirements.
- Input, Query, and Prompt Data: Commands, descriptive text prompts, spec sheets, reference media, and any other content uploaded by the Subscriber.
- Automatically Collected Data & Metadata: Log data, IP addresses, device info, and metadata detailing how content was generated or formatted.
- No Biometric Data: We do not extract, collect, or process sensitive biometric identifiers from uploaded images. Subscribers must not provide any non-consensual biometric or sensitive information through the Service.
Article 2 — Data Controllers and Processor Role
We operate globally through our US and Korean entities.
- Data Controllers: Depending on your residence and payment method, the Data Controller varies. RealSnap Inc. (USA) acts as the Data Controller for Global Users (Stripe Payments), and RealDrop Inc. (Korea) acts as the Data Controller for Korean Enterprise Users (KRW/Invoice Payments).
- Data Processor Role: This Privacy Policy describes our privacy practices for purposes determined by us and does not apply to our processing of photos, designs, or other content our customers upload to the Platform. We process such data solely on behalf of our customers and under their instructions; in such instances, we act strictly as a “data processor” and the customer remains the “data controller.”
Article 3 — How We Use Information & Strict AI Training Opt-Out
We process your information strictly to operate the Service and maintain system integrity.
- Service Delivery: To operate Agent Modes, deploy custom models, and provide customer support.
- Strict Exclusion of AI Retraining: Unlike general AI platforms, we strictly prohibit the use of your confidential Input Data (including text prompts) and generated Outputs to train, retrain, or improve our general foundation AI models.
Article 4 — Data Retention and Destruction Timeline
- 90-Day Purge Rule: If you choose to cancel or close your account, your content will become immediately inaccessible and will be purged in full from our active servers and backup databases within 90 days.
- Immediate Destruction of Custom Models: Custom AI models trained on a Subscriber's unique brand data are treated as Confidential Information and will be permanently destroyed upon expiration or termination of the subscription.
Article 5 — Notice to European and Global Users (GDPR & CCPA)
If you are located in the European Economic Area (EEA), the United Kingdom (UK), California, or other regulated regions, you have specific rights under applicable data protection laws.
- Legal Bases for Processing: We process your data based on (i) Contractual Necessity to provide the Service, (ii) our Legitimate Interests, (iii) Compliance with Law, and (iv) your specific Consent.
- Your Rights: You have the right to request access to, rectification, deletion (right to be forgotten), restriction of processing, and data portability of your personal data. You may also object to processing or withdraw your consent at any time.
- Right to Complain: Users in the EEA and UK have the right to lodge a complaint with the data protection regulator in their habitual place of residence.
Article 6 — International Data Transfers & Sub-processors
We are a U.S.-based company with operations in South Korea. Your personal information may be transferred to and processed in the United States, South Korea, and other countries via trusted cloud providers. When transferring personal data from the EEA or the UK to countries without an adequacy decision, we implement appropriate safeguards, such as the Standard Contractual Clauses (SCCs) approved by the European Commission, to ensure your data remains protected.
Article 7 — Children and Minors
The Service is a professional B2B solution and is not intended for use by anyone under 18 years of age. If we learn that we have collected personal information from a child under 18 without parental consent, we will immediately delete the information and terminate the account.
Article 8 — Do Not Track & Contact Information
We currently do not respond to “Do Not Track” signals from web browsers. If you have any questions, concerns, or requests regarding your privacy, or wish to exercise your rights, please contact us at: