1. Who we are

GraphX ("GraphX", "we", "us", or "our") provides image workflow tools for creators preparing print-ready artwork. This Privacy Policy applies to the GraphX website, applications, and related services (the "Service").

2. Information we collect

• Account information. Email address, password (hashed by our authentication provider), display name, and authentication identifiers (for example Google sign-in IDs).
• Billing information. Plan, subscription status, and limited payment metadata returned by our payment processor. Card numbers are handled by the processor and not stored on our servers.
• Content you upload. Images and parameters you submit for processing, and outputs generated for you.
• Usage and device data. Log data such as IP address, browser type, device information, pages and features used, timestamps, and crash or error diagnostics.
• Cookies and similar technologies. Used for authentication, security, preferences, and analytics. You can control cookies through your browser settings.
• Communications. Messages you send us, including support requests and feedback.

3. How we use information

• Operate, maintain, secure, and improve the Service.
• Authenticate you, manage your account, process payments, and provide customer support.
• Send transactional messages such as receipts, security alerts, and important Service notices.
• Send marketing emails about features, tips, promotions, and announcements (see Section 5).
• Detect, prevent, and respond to abuse, fraud, and security incidents.
• Comply with legal obligations and enforce our Terms.

4. Legal bases for processing

Where the GDPR or similar laws apply, we rely on the following legal bases: performance of a contract (to provide the Service), our legitimate interests (to operate, secure, and improve the Service and to send marketing to existing customers), your consent (where required, including certain marketing communications), and compliance with legal obligations.

5. Marketing emails

By creating a GraphX account or providing your email address through our forms, you agree that we may send you marketing emails. These may include newsletters, product updates, feature announcements, promotions, tips, surveys, and offers from GraphX.

• Every marketing email includes an unsubscribe link. One click is enough to opt out.
• You can also opt out by emailing support@graphx.app.
• Opting out of marketing does not stop transactional emails (receipts, security alerts, and other Service-required messages), which are necessary to operate your account.
• Where laws require explicit consent before sending marketing, we will request and rely on that consent and you can withdraw it at any time.

6. How we share information

We do not sell your personal information. We share information only in these cases:

• Service providers. Vendors who process data on our behalf under contractual obligations, such as authentication, cloud hosting, storage, payment processing, email delivery, customer support, and analytics.
• Legal and safety. When required by law, legal process, or to protect the rights, property, or safety of GraphX, our users, or the public.
• Business transfers. In connection with a merger, acquisition, financing, or sale of assets, with appropriate confidentiality protections.
• With your direction. When you explicitly ask us to share your information.

7. Data retention

We retain account information for as long as your account is active and as needed to provide the Service. We retain logs, billing records, and other operational data for as long as required for legitimate business, security, or legal purposes. Uploaded content and processing artifacts may be removed automatically based on Service settings or upon account deletion, except where retention is required by law.

8. Security

We use technical and organizational measures designed to protect your information, including encryption in transit, access controls, and authentication safeguards. No system is completely secure, and we cannot guarantee absolute security. Please use a strong, unique password and notify us promptly of any suspected unauthorized access.

9. International transfers

Your information may be processed in countries other than where you reside. Where required, we use appropriate safeguards (such as standard contractual clauses) to protect personal information transferred across borders.

10. Your rights and choices

Depending on your location, you may have the right to access, correct, delete, port, or restrict the processing of your personal information, and to object to certain processing or withdraw consent. You can exercise these rights, including unsubscribing from marketing emails, by contacting us at support@graphx.app. We may need to verify your identity before acting on a request. If you are in the EEA or UK and have an unresolved concern, you have the right to lodge a complaint with your local data protection authority.

11. Children

The Service is not directed to children under 16 (or the age required by your jurisdiction), and we do not knowingly collect personal information from them. If you believe a child has provided us personal information, please contact us so we can delete it.

12. Changes to this policy

We may update this Privacy Policy from time to time. If we make material changes, we will provide notice (for example, by email or in-app notice). The "Last updated" date above indicates when this policy was last revised.

13. Contact us

Questions or requests about this Privacy Policy? support@graphx.app. You can also review our Terms of Service.