Privacy Policy

Last Updated: 30.05.2025

We are committed to protecting your privacy and being transparent about how we handle your data.

Jenssen Teknodugnad ENK ("we," "us," or "our") operates the Mascot Generator website and services (collectively, the "Service"). We are committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

By using the Service, you agree to the collection and use of information in accordance with this policy.

1. Information We Collect

We may collect the following types of personal information:

Information You Provide Directly

  • Account Information: When you register for an account, we (via our authentication provider, Clerk) collect information such as your email address. We store your Clerk User ID and email address in our database to associate your generated content with your account and for communication purposes.
  • User-Generated Content: We collect and store the prompts you submit to the Service to generate mascots ("User Prompts").
  • Communications: If you contact us directly (e.g., for support or inquiries), we may receive additional information about you such as your name, email address, the contents of your message, and any other information you may choose to provide.

Information Collected Automatically

  • Usage Data: We may collect information about your interactions with the Service. This may include your IP address, browser type, operating system, device information, pages visited, features used, dates and times of access, and other diagnostic data. We use PostHog for product analytics, which is configured for GDPR compliance.
  • Cookies and Similar Tracking Technologies: We use cookies and similar tracking technologies to track activity on our Service and hold certain information. You can instruct your browser to refuse all cookies, though this may limit some functionality.

Information from Third Parties

  • Authentication Services: We use Clerk for user authentication. When you create an account or log in using Clerk, we receive your Clerk User ID and email address. Clerk manages your password and other authentication credentials securely.
  • Payment Processors: We use Stripe for payment processing when you purchase credits. We do not store your full credit card details, but we may store transaction IDs and necessary billing information provided by Stripe.

2. How We Use Your Information

We use the information we collect for various purposes, including:

To provide, operate, and maintain our Service
To process your transactions and manage your purchases of credits
To manage your account and provide customer support
To communicate with you about the Service and policy changes
To monitor and analyze usage to improve the Service
To display your generation history within your account
To personalize your experience
To ensure security and prevent fraud
To enforce our Terms of Service
To comply with legal obligations

3. Legal Basis for Processing Personal Information (EEA/UK Users)

If you are from the European Economic Area (EEA) or the United Kingdom (UK), our legal basis for collecting and using the personal information described in this Privacy Policy depends on the personal information we collect and the specific context in which we collect it. We may process your personal information because:

Contract Performance

We need to perform a contract with you (e.g., to provide the Service).

Consent

You have given us consent to do so (e.g., for certain types of cookies).

Legitimate Interests

The processing is in our legitimate interests (e.g., to improve our Service, for security purposes).

Legal Compliance

To comply with the law.

4. Sharing Your Information

We do not sell your personal information. We may share your personal information with third-party service providers in the following circumstances:

🔐 Authentication Provider

With Clerk, to facilitate account creation and login. Clerk's use of your data is governed by their privacy policy.

💳 Payment Processor

With Stripe, to process payments for credits. Stripe's use of your payment information is governed by their privacy policy.

🤖 AI Model Providers

User Prompts are sent to OpenAI (provider of the GPT-image-1 model) to generate mascots. We endeavor to only send the necessary prompt information.

📊 Analytics Providers

With PostHog, for product analytics to help us understand and improve the Service. PostHog is configured for GDPR compliance.

☁️ Cloud Hosting Providers

We use Convex as our backend and database provider. Your Clerk User ID, email, and User Prompts are stored with Convex.

5. Data Security

We take reasonable measures to help protect your personal information from loss, theft, misuse, and unauthorized access, disclosure, alteration, and destruction. However, no electronic transmission or storage of information is completely secure, so we cannot guarantee absolute security.

6. Data Retention

We will retain your personal information only for as long as is necessary for the purposes set out in this Privacy Policy, or as required by law.

Active Accounts

Account information and User Prompts are retained as long as your account is active to provide you with the Service and generation history.

Inactive Accounts

We will automatically delete user data for accounts that have been inactive for five (5) years.

Account Deletion

If you delete your account, we will take steps to delete all your personal information from our active databases.

Usage Data

Anonymized or aggregated usage data may be kept for longer periods for analytical purposes.

7. Your Data Protection Rights

Depending on your location and applicable law, you may have the following rights regarding your personal information:

👁️
The right to access:

You have the right to request copies of your personal information.

✏️
The right to rectification:

You have the right to request that we correct any information you believe is inaccurate.

🗑️
The right to erasure:

You have the right to request that we erase your personal information, under certain conditions.

⏸️
The right to restrict processing:

You have the right to request that we restrict the processing of your personal information.

🚫
The right to object:

You have the right to object to our processing of your personal information, under certain conditions.

📦
The right to data portability:

You have the right to request that we transfer your data to another organization or directly to you.

↩️
The right to withdraw consent:

If we are processing your personal information based on your consent, you have the right to withdraw your consent at any time.

To exercise any of these rights, please contact us at martinkontakter@gmail.com. We will respond to your request in accordance with applicable law.

8. International Data Transfers

Your information, including personal data, may be transferred to — and maintained on — computers located outside of your state, province, country, or other governmental jurisdiction where the data protection laws may differ from those of your jurisdiction. Our service providers (e.g., Clerk, Stripe, OpenAI, PostHog, Convex) may be based in countries outside of Norway/EEA, including the United States.

We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy and that appropriate safeguards are in place before transferring your personal data outside of Norway/EEA, such as by relying on Standard Contractual Clauses or adequacy decisions where applicable.

9. Cookies and Tracking Technologies

As mentioned in Section 1, we use cookies and similar technologies. We use these for essential functionality, to remember your preferences, and for analytics via PostHog. You can typically manage your cookie preferences through your browser settings.

10. Children's Privacy

Our Service is not specifically directed to children under the age of 13 (or a higher age threshold as required by applicable law in your jurisdiction). We do not knowingly collect personally identifiable information from children. If you are a parent or guardian and you are aware that your child has provided us with personal information, please contact us. If we become aware that we have collected personal information from children without verification of parental consent, we will take steps to remove that information from our servers.

11. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and by sending an email to the address associated with your account. We will update the "Last Updated" date at the top of this Privacy Policy.

You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

12. Contact Us

If you have any questions about this Privacy Policy, please contact us:

By email: martinkontakter@gmail.com

Jenssen Teknodugnad ENK
Valheimveien 25
4020, Stavanger, Norway