EasyAICards LogoEasyAICards

Privacy Policy

Last Updated: February 6, 2026

The EasyAICards Privacy Promise

  • We do not sell your photos or personal data. Your privacy is non-negotiable.
  • We do not use your family photos to "train" our AI models. Your images are yours alone.
  • Your uploaded images are used strictly to generate your card and are automatically deleted from our servers after 7 days.

1. Data Minimization

We believe in collecting only what we need. When you use EasyAICards:

  • We collect only the photo you upload and the text you provide for your card
  • We do not track your location or access your device's photo gallery
  • We do not collect browsing history or use tracking cookies beyond essential functionality
  • We do not require social media connections or access to your contacts

2. Phone Number Collection (Optional)

Phone numbers are collected only if you choose to enable Two-Factor Authentication (2FA) to protect your account.

When We Collect

  • We prompt you to set up 2FA after your first purchase to protect your credits and saved cards
  • You can also enable 2FA at any time in your account settings
  • Providing your phone number is completely optional

How We Use It

  • Send verification codes when logging in (if 2FA is enabled)
  • Verify your identity for account changes (e.g., email address updates)
  • Send security alerts for suspicious activity on your account

Your Choices

  • 2FA is completely optional – you can decline the setup prompt
  • You can enable or disable 2FA at any time in your account settings
  • If you disable 2FA, your phone number will be deleted from our system

What We Never Do

  • We never share your phone number with third parties
  • We never use your phone number for marketing or promotional messages
  • We never sell your phone number to advertisers or data brokers

Data Retention

Your phone number is stored encrypted in our database for as long as you have 2FA enabled. If you disable 2FA or delete your account, your phone number is immediately deleted. We may retain a hashed version for 30 days after account deletion for security and fraud prevention purposes.

3. Third-Party AI Processing

To create your AI-powered cards, we securely transmit your photo and text to our AI partner, Abacus.AI.

Important: Abacus.AI is legally bound by a Data Processing Agreement to protect your data. They:

  • Cannot use your photos for their own purposes
  • Cannot share your data with third parties
  • Must delete your data according to our retention policy
  • Are GDPR and privacy law compliant

Content Safety: We also use Google Gemini for content moderation to ensure uploaded images and text comply with our content policies. Google processes this data solely for safety screening—checking for inappropriate, harmful, or illegal content. This screening happens before card generation and no data is retained by Google after moderation.

4. Handling "Living" Media and Metadata

When you upload a photo for animation or "living card" features, we process technical metadata to ensure proper functionality:

  • Image resolution and dimensions: To properly size and scale your photo within the card design
  • Image orientation: To ensure your photo displays correctly
  • File format information: To optimize processing and output quality

Privacy Note: We strip all EXIF data (including GPS location, camera model, and timestamps) from uploaded photos before processing. This metadata is never used to identify your real-world location or personal information.

Invisible Copyright Watermark

We embed an invisible digital watermark in generated cards containing your card ID, account ID, and creation timestamp. This watermark is used solely for copyright protection and dispute resolution—for example, if someone claims your card as their own or if we need to verify ownership. The watermark cannot be seen with the naked eye and does not affect image quality. It does not contain your name, email, or any other personally identifiable information.

5. Your Content Rights

You own the photos you upload. By using EasyAICards, you grant us a temporary, limited license to:

  • Process your photo to generate your requested card
  • Store your card on our servers for up to 7 days
  • Display the card to you for download and sharing

This license automatically expires when your card is deleted (after 7 days or when you manually delete it).

6. Data Retention & Automatic Deletion

Automatic Cleanup:

  • All uploaded photos and generated cards are automatically deleted from our servers 7 days after creation
  • You can manually delete your cards at any time before the 7-day period
  • Once deleted, cards cannot be recovered

What we keep: We retain basic transaction records (purchase date, plan type) for accounting and legal purposes, but these records do not include your photos or card content.

7. The "Right to be Forgotten" (GDPR)

If you create an account, you have the right to request that all your data be permanently deleted at any time.

This includes:

  • Your account information
  • All cards you've created
  • All uploaded photos
  • Purchase history (after legal retention period)

To exercise this right, visit your Dashboard and click "Delete My Account" or contact us at [email protected].

8. Data Security

We implement industry-standard security measures to protect your data:

  • Encryption: All data is encrypted in transit (TLS/SSL) and at rest
  • Secure Storage: Photos are stored in AWS S3 with restricted access
  • Access Control: Only authorized personnel can access backend systems
  • Regular Audits: We conduct regular security audits and updates

Security Logging

To protect your account and detect unauthorized access, we log security-related events including:

  • Login attempts (successful and failed)
  • Password changes and resets
  • Two-factor authentication events
  • Suspicious activity alerts

These logs include your IP address and browser information to help identify unauthorized access attempts. Security logs are retained for 90 days and are used solely for account protection and fraud prevention.

Card Creation Records

We maintain records of card creation activity for abuse prevention and customer support purposes. These records include when cards were created, card quality settings, and your internal card credit balance—but do not include the content of your photos or messages. We do not process or store payment card information—all payment processing is handled securely by our third-party merchant service.

9. Children's Privacy

EasyAICards is not intended for children under 13 years old. We do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately.

10. Contact Us

If you have questions about this Privacy Policy or how we handle your data, please contact us:

Email: [email protected]

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last Updated" date. Your continued use of EasyAICards after changes constitutes acceptance of the updated policy.