Privacy Policy

We collect the following types of information:

• Account information: Email address and hashed password when you create an account.
• API usage data: Request timestamps, response status codes, rendering parameters, and monthly usage counts.
• Generated images: HTML templates you submit and the resulting rendered images are temporarily stored.
• Technical data: IP addresses, user agent strings, and request metadata for security and rate-limiting.

We use your information to:

• Provide, maintain, and improve the Service
• Authenticate requests and enforce rate limits and usage quotas
• Process payments and manage your subscription
• Send transactional emails (account verification, password resets, usage alerts)
• Monitor for abuse, fraud, and security threats
• Generate aggregated, anonymized analytics to improve reliability

We use the following third-party providers:

• Neon — PostgreSQL database hosting
• Stripe — Payment processing (we do not store your full card details)
• Sentry — Error tracking and performance monitoring
• Cloudflare R2 — Object storage for generated images
• Resend — Transactional email delivery
• Upstash — Redis-based rate limiting and caching

We retain your data according to the following schedule:

• Account data: Retained while your account is active, deleted within 30 days of closure.
• Generated images: Deleted after 7 days (Free) or 30 days (Pro). Enterprise by contract.
• Usage logs: Aggregated monthly data retained for billing. Detailed logs purged after 90 days.

We implement industry-standard security measures. API keys are stored as SHA-256 hashes and never displayed after creation. All data is transmitted over TLS. Passwords are hashed using bcrypt. We enforce SSRF protections to prevent the rendering engine from accessing internal network resources.

Depending on your jurisdiction, you may have the following rights:

• Access: Request a copy of the personal data we hold about you.
• Deletion: Request deletion of your account and all associated data.
• Portability: Request an export of your data in a machine-readable format.
• Correction: Request correction of inaccurate personal data.
• Objection: Object to certain processing of your personal data.

To exercise any of these rights, contact us at support@rendshot.ai. We will respond within 30 days.

The Service uses essential cookies for authentication and session management. We do not use third-party advertising or tracking cookies.

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page. Your continued use of the Service after changes constitutes acceptance of the revised policy.