We collect what you give us (email, prompts, generated content). We use it to run the service, improve our AI, and comply with the law. We don't sell your data. You can request a copy of your data, delete your account, or opt out of AI training at any time.
| Category | Examples | Purpose |
|---|---|---|
| Account Data | Email, name, password hash | Authentication, communication |
| Generation Data | Prompts, AI outputs, model used | Service delivery, self-learning |
| Usage Data | IP address, browser, timestamps | Security, analytics, billing |
| Payment Data | Processed by Stripe (not stored by Skylina) | Payment processing |
| Cookie Data | Analytics, functional, marketing preferences | Site functionality, consent compliance |
We use your data to: (a) deliver the AI generation service; (b) maintain account security; (c) process payments via Stripe; (d) improve our AI models and platform (unless you opt out); (e) comply with legal obligations; (f) respond to support requests.
We do not sell your personal data. We share data only with: (a) service providers (Stripe for payments, Anthropic for AI models, cloud hosting); (b) law enforcement when legally required; (c) third parties with your explicit consent. See our Sub-processors List for full details.
We retain your data as long as your account is active. Upon account deletion, data enters a 30-day grace period during which you can cancel the deletion. After the grace period, data is permanently deleted within 30 days. Legal compliance data (consent logs, DMCA records) is retained for 7 years per legal requirements.
Depending on your jurisdiction, you may have:
Submit requests via email to privacy@skylinaai.com. We respond within 30 days.
We use industry-standard encryption (TLS 1.2+), secure password hashing (bcrypt), and access controls. No system is 100% secure — if a breach occurs that affects your data, we will notify you within 72 hours per GDPR requirements.
Your data is primarily stored in the United States. For EU users, data transfers are covered by Standard Contractual Clauses (SCCs) and adequacy decisions. See our Sub-processors List for enterprise customers.
See our Cookie Policy for full details on what cookies we use and how to control them.
Skylina collects analytics data to understand how users interact with the platform and to improve our services. This includes:
| Data Type | Example | Used For |
|---|---|---|
| User-facing analytics | Pages visited, features used, generation counts by format | Product improvement, onboarding optimization |
| Admin dashboards | Aggregate usage, error rates, feature adoption, retention cohorts | Business decision-making, infrastructure planning |
| Quality metrics | Quality scores, latency, model success rates | Model selection, SLA monitoring |
| Funnel data | Signup completion, first generation step, upgrade triggers | Conversion optimization |
Analytics data is collected via server-side instrumentation and client-side events. Aggregated data (non-individual) may be shared with third-party analytics providers. We do not combine analytics data with advertising profiles. User-level analytics linked to your account is retained for 90 days; aggregate reports are retained indefinitely.
You may disable non-essential analytics cookies via the Cookie Settings link in the footer. Disabling may affect our ability to detect bugs and measure product health.
Skylina sends email notifications triggered by specific events. Notification types include:
| Notification Type | Trigger | Can Opt Out? |
|---|---|---|
| Generation completed | Your generation finishes | Yes — per type |
| Credit low / depleted | Credit balance below threshold | Yes — per type |
| New follower | User follows you | Yes — per type |
| Community engagement | Like or comment on your post | Yes — per type |
| Team invite | Workspace invitation received | No — required for participation |
| NFT mint completed | Minting transaction confirms | Yes — per type |
| Weekly digest | Weekly summary of your activity | Yes — per type |
| Webhook delivery failure | Webhook POST fails after retries | No — operational notification |
| Security notices | Password change, new login, 2FA changes | No — required for account security |
Transactional emails (security notices, billing receipts, account verification) cannot be opted out as they are necessary for account operation. You may manage notification preferences at any time in Account Settings. Opting out of marketing emails does not affect transactional notifications.
Skylina tracks follow/subscription relationships between users for the activity feed and community features. Data tracked includes: who follows whom, when follows were created, and which users are followed. This data is used to power the activity feed, follower counts, and "following" lists displayed on profiles.
Follow relationships may be visible to: (a) the person being followed (follower list); (b) the follower themselves (following list); (c) other users browsing public profiles (follower/following counts and public profiles only). Private accounts may restrict profile visibility but follower counts remain visible.
When you follow or unfollow a user, the action is logged and reflected immediately across the platform. Follow data is retained for the duration of your account and deleted within 30 days of account deletion.
Skylina logs search queries to: (a) return relevant results; (b) detect and block abuse of the search feature; (c) improve search ranking. Logged data includes the query text, timestamp, your user ID (if logged in), and result selection (if you clicked a result).
Search query logs are retained for 30 days for abuse detection. Logs are not shared with third parties. Aggregate search trend data (which terms are searched most frequently) may be used for product planning and shared internally.
When you configure webhook endpoints, Skylina logs each delivery attempt to provide debugging visibility. Logged data includes: endpoint URL (hashed in long-term storage), HTTP response code, response body (truncated to 512 bytes), response time, attempt number, and delivery status.
Webhook delivery logs are retained for 90 days. Logs are accessible only to the webhook owner via their account. After 90 days, logs are deleted and are not recoverable. Skylina may retain anonymized aggregate webhook metrics (delivery success rates, average latency) indefinitely for platform reliability monitoring.
Skylina does not knowingly collect data from users under 13. Accounts identified as under 13 cannot complete registration. For users aged 13-17, parental consent may be required depending on jurisdiction. See our AI Safety Policy for content restrictions on minor accounts.
We will notify you of material changes via email and the in-app notification system. The "Last updated" date reflects the effective date of the current version.
Privacy questions: privacy@skylinaai.com