Privacy policy

Definitions and Key Terms

• Cookie – a small piece of data generated by a website and stored by your browser. It is used to identify your browser, provide analytics, and remember information about you (for example, language preferences or login data).
• Company – when this Policy mentions “Company,” “we,” “us,” or “our,” it refers to GLIMMERSYNC DYNAMICS LTD., the legal entity (developer of Cheese AI) at 124–128 City Road, London, EC1V 2NX, United Kingdom, which is responsible for processing your information in accordance with this Policy.
• Device – any Internet-connected device (for example, a phone, tablet, computer, or any other device) that can be used to access the Cheese AI Service.
• IP Address – each device connected to the Internet is assigned a number known as an Internet Protocol (IP) address. These numbers are typically allocated in geographic blocks, so an IP address can often be used to determine the general location from which a device is connecting to the Internet.
• Personal Data – any information that, directly, indirectly, or in combination with other information (including a personal identification number) allows for identifying a natural person.
• Service – the Cheese AI services, including the website, chatbot, and/or mobile application through which the Company provides image generation services based on photos uploaded by the user.
• Avatar – a user-specific machine learning model trained from the photos you upload. It is used to generate personalized images aligned with your features and improve generation quality. The model is securely stored on our servers for a limited period – generally for the duration of your active use of the Service and up to 30 days after your last subscription expiration or last use of the app, after which it is deleted.

Information Collection

• Technical details about your device and browser: e.g., the type and version of your browser, device characteristics, operating system, language settings, time zone, and other technical parameters.
• Device and network identifiers: e.g., your device’s IP address (which can indicate the general location of your connection) and unique identifiers such as a device ID or cookies.
• Service usage data: information about which sections or features of the Service you use, the dates and times of visits, pages viewed, actions on a page (e.g., clicks, scrolling), interaction duration, crash logs, and other data about your use of the platform.
• Referral information: the URL of the webpage that referred you to our site (if applicable), as well as any external links you click on from our Service.

Use of Data

• Providing and improving services: We need your data primarily to provide Cheese AI’s core function – generating images based on your photos and prompts – and to ensure all features of the Service operate correctly (for example, saving your Avatars and results, managing your subscription, etc.).
• Avatar optimization: We use your uploaded photos to train a user-personalized model (Avatar) that allows us to generate images more accurately aligned with your features and preferences. This Avatar is stored securely and is only used to fulfill your requests. It is not used to train our global AI models or shared with third parties.
• Maintenance and support: We process your data to maintain the Service’s operation, fix technical issues, respond to your support requests, and improve service quality. Technical information about usage helps us analyze the platform’s performance and optimize it for your convenience and efficiency.
• Ensuring security: Automatically collected data (such as IP address and device characteristics) is used to protect against fraud, abuse, and unauthorized access. This allows us to detect suspicious activity and prevent security breaches.
• Improving the Service: We may use aggregated and de-personalized usage data (for example, which features are most popular) to develop new features, enhance the user interface, and improve the quality of our product.
• Push Notifications: Cheese AI may occasionally send push notifications via our mobile application to inform you of important updates, service-related changes, or personalized content (such as generation reminders or new features). You can manage or disable such notifications at any time through your device settings. If you opt out, you may still receive essential notifications (e.g., regarding your subscription status or critical service issues), but you will no longer receive promotional or non-essential updates.
• User communication: Contact information that you provide to us (for example, when reaching out to support) may be used to send you important notices related to the Service (such as notifications of significant changes to this policy or confirmations of actions you requested). We will not send you marketing communications without your separate consent.
• Legal obligations: In some cases we may need to use or retain your information to comply with legal obligations, satisfy lawful requests from government authorities, or defend our legal rights (for example, to investigate violations of our Terms of Use).
• Prohibited uses: We do not sell or rent your personal data to third parties. We also do not use your uploaded photos for any purposes other than providing you with the image-generation service, and we do not use them to train our AI models without your consent.

Use of Facial Data – Additional Explanation

• Facial images voluntarily uploaded by the user.
• Generated images that may contain the user’s facial features.

• To generate AI-based images and train a temporary user-specific Avatar model. This model is individual for each user. We do not use Avatar for any purposes other than ensuring the speed of generation and the quality of the result when processing user requests.
• This enables more accurate and personalized results during image generation.

• Uploaded face photos: Stored temporarily (for no more than 24 hours) during image generation and Avatar training, then automatically deleted.
• Avatar model (LoRA): Retained for the duration of an active subscription (or active use of the service) and up to 30 days after the subscription expires or after the user’s last use of the app, allowing users who return within that period to continue generating content without re-uploading. After this time, the Avatar model is deleted.
• Generated results: Stored for up to 7 days after generation to allow you time to view, download, or save them. After 7 days, these generated images are automatically deleted and cannot be recovered.

• We do not share user face data with any third parties for marketing, analytics, or profiling purposes.
• Infrastructure providers (such as Amazon Web Services) may process the data only to the extent required to host and deliver the service.
• These providers do not have access to image content, do not use it for their own purposes, and do not retain the data beyond what is required for technical storage

• Face photos are not stored by any third party.
• Avatar models are stored only on servers directly controlled by Cheese AI.
• AWS (Amazon Web Services) provides encrypted, access-controlled storage (Amazon S3), compliant with industry security standards.

Disclosure of Information to Third Parties

• Third-party service providers: We may use trusted third-party service providers to perform functions on our behalf – for example, cloud storage and data processing services, payment processing, analytics, or sending notifications. These providers are given access only to the data necessary for them to perform their specific tasks, and they are obligated to keep your data confidential and use it only for the purposes we specify.
• Legal requirements and protection of rights: We may disclose your information if we have a good-faith belief that such action is necessary to comply with applicable laws or in response to a lawful request (e.g., a court order or law enforcement request), or to protect our rights, your safety, or the safety of others. For example, if you violate someone’s rights or the law in using the Service, information about you may be provided to the affected parties or competent authorities when legally justified.
• Affiliates: If Cheese AI forms any subsidiaries, affiliates, or other related entities, we may share your information with these affiliated organizations. In such cases, they will process your data under the same terms of this Privacy Policy (i.e., providing the same level of data protection).
• Business sale or merger: In the event our Company undergoes a business transition – such as a merger, acquisition, or sale of all or part of its business – user personal data may be transferred to a third party (the new owner or successor) as part of that transaction. We reserve the right to include your information among the transferred assets, but we will ensure that the acquiring party agrees to honor the terms of this Privacy Policy. Similarly, in the case of bankruptcy or another reorganization of the business, your data may be transferred to a successor in accordance with applicable data protection laws.

International Data Transfers

Data Storage and Deletion

• Uploaded photos: Your uploaded photos are temporarily stored on our secure Amazon S3 servers while image generation and Avatar training are in progress. Typically, only the first 10 photos are used to create your Avatar. Once the generation and model training are completed, your original uploaded photos are automatically deleted and are not stored for any longer than necessary.
• Avatar: Your personal model (Avatar), created from your uploaded photos, is stored on our servers so you can continue generating images without having to re-upload photos frequently. If you do not have an active subscription (for example, you made a one-time purchase or are using the free version), your Avatar will be retained for up to 30 days after your last generation request or last use of the app. If you have an active subscription, your Avatar is retained for the duration of your subscription and for up to 30 days after the subscription ends. After these periods, the Avatar will be deleted from our servers. To continue using the Service after an Avatar is deleted, you would need to re-upload your photos to create a new Avatar.
• Generation results (images): Final AI-generated images are stored on our servers for up to 7 days after creation to allow you to view, download, or regenerate variations. After this period, the images are automatically deleted and cannot be recovered. Users are encouraged to save any important results to their device promptly.
• Text prompts: As noted above, your text prompts (requests) are stored securely for no more than 30 days, after which they are automatically deleted (unless we are required by law to retain them longer).
• Other data: Other personal data is stored for as long as necessary for the purposes for which it was collected (for example, until your support inquiry is resolved), or for the period required by law.

Data Security

Access by Personnel and Confidentiality

User Rights

• Right of Access: You have the right to request confirmation of whether we are processing your personal data, and to obtain a copy of the personal data we hold about you.
• Right to Rectification: You have the right to request correction of inaccurate personal information about you, and to have incomplete data completed or updated.
• Right to Erasure (“Right to be Forgotten”): You can request deletion of your personal data, and we are obligated to comply with this request if we have no lawful grounds to continue processing the data. (In Cheese AI, you can always have your profile and related data deleted by contacting support.)
• Right to Restrict Processing: You have the right to request that we restrict the processing of your personal data in certain circumstances (for example, while we verify the accuracy of your data or the legality of our processing), as provided by law.
• Right to Data Portability: You have the right to receive your personal data in a structured, machine-readable format and, if desired, to have that data transmitted to another controller (including, where technically feasible, a direct transfer from us to another party).
• Right to Object: You have the right to object at any time to the processing of your personal data if we are processing it based on our legitimate interests. In particular, you can opt out of any marketing communications from us (if we were to send any) – each marketing email would include an unsubscribe link, or you can contact us directly to opt out.
• Right to Withdraw Consent: If we are processing your data based on your consent, you have the right to withdraw that consent at any time. Withdrawing consent will not affect the lawfulness of processing conducted prior to the withdrawal, but it may mean we can no longer provide certain services to you that rely on that consent.

• Right to Know: You have the right to request that we disclose what categories of personal information we have collected about you, the purposes for collecting that information, the categories of sources from which the information was collected, and the categories of third parties with whom we share that information. Upon your request, we will also provide you with the specific pieces of personal information we have collected about you.
• Right to Deletion: You have the right to request that we delete personal information we have collected from you. We will honor such a request except where the information is necessary to provide a service you requested or where retention is otherwise permitted by law.
• Right to Equal Services: We will not discriminate against you for exercising any of your privacy rights. This means we will provide you with the same level and quality of service even if you exercise your rights (for example, we will not deny you services or charge you a different price just because you exercised your rights).
• Right to Opt Out of Sale of Personal Information: CCPA gives you the right to direct a business that sells your personal data to stop selling it. However, we do not sell users’ personal data to any third parties. If in the future we plan to share your data in a way that constitutes a “sale” under CCPA, we will inform you beforehand and provide you an opportunity to opt out.

Children’s Privacy

Changes to the Privacy Policy

Contact Information