minifigmaker.ai

Privacy Policy

Last Updated: October 27, 2025

1. Introduction

MinifigMaker.ai ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your personal information when you use our AI-powered LEGO minifigure creation service at minifigmaker.ai.

2. Information We Collect

Account Information

  • Email address
  • Display name (if provided)
  • Password (hashed and encrypted)

Google OAuth Information

When you sign in with Google, we access only:

  • Your email address
  • Your profile name
  • Your profile photo

We do NOT access your Google Calendar, Contacts, Drive, or any other Google services.

Images You Upload

Character images you upload for AI analysis are processed temporarily to generate LEGO part recommendations. These images are not permanently stored on our servers and are only retained during the active session for processing purposes.

User Preferences

  • Language preferences
  • Timezone settings
  • Theme preferences (dark mode)

Automatically Collected Information

  • Usage data and interaction patterns
  • Device information (browser type, operating system)
  • IP addresses and access logs
  • Session information

3. How We Use Your Information

We use the information we collect to:

  • Provide and improve our AI-powered LEGO minifigure creation service
  • Authenticate your identity and manage your account
  • Process uploaded images to generate part recommendations
  • Personalize your experience based on your preferences
  • Communicate with you about service updates or support requests
  • Detect and prevent fraud or abuse
  • Comply with legal obligations

4. Data Storage and Security

Storage

  • Account data is stored in a secure cloud database (Supabase/PostgreSQL)
  • Data is encrypted both at rest and in transit using industry-standard encryption
  • Passwords are hashed using bcrypt before storage
  • Uploaded images are processed temporarily and not permanently stored

Security Measures

  • All data transmission uses HTTPS with TLS encryption
  • Row-level security (RLS) policies ensure users can only access their own data
  • Regular security audits and monitoring
  • Access logging and anomaly detection
  • Input validation and sanitization to prevent XSS and injection attacks

Data Retention

We retain your account information and preferences as long as your account remains active. You can request deletion of your account and associated data at any time through your account settings.

5. Data Sharing and Disclosure

We do not sell, rent, or trade your personal information. We may share your information only in the following circumstances:

  • Service Providers: We work with trusted third-party service providers (cloud hosting, AI services, authentication) who help us operate our service. These providers are bound by strict confidentiality agreements.
  • Legal Requirements: We may disclose information if required by law, court order, or governmental authority, or to protect our rights, safety, or property.
  • Business Transfers: If MinifigMaker.ai is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.

6. Your Rights and Choices

You have the following rights regarding your personal information:

  • Access: Request a copy of the personal information we hold about you
  • Correction: Update or correct inaccurate information
  • Deletion: Request deletion of your account and associated data
  • Export: Request a machine-readable copy of your data
  • Google Account Disconnection: Disconnect your Google account from MinifigMaker.ai

To exercise any of these rights, please contact us at support@minifigmaker.ai or use the account settings page.

7. Cookies and Tracking

We use cookies and similar technologies for:

  • Authentication and session management
  • Remembering your preferences (theme, language)
  • Analytics to understand how users interact with our service
  • Security and fraud prevention

You can control cookies through your browser settings, but disabling cookies may affect the functionality of our service.

8. Children's Privacy

MinifigMaker.ai is not intended for children under the age of 13. We do not knowingly collect personal information from children under 13. If we discover that we have inadvertently collected such information, we will delete it immediately.

9. International Data Transfers

Your information may be transferred to and processed in the United States or other countries where our service providers operate. These countries may have different data protection laws than your country of residence. By using our service, you consent to this transfer.

10. Third-Party Services

Our service integrates with the following third-party services:

  • Google OAuth: For authentication (Google Privacy Policy applies)
  • OpenAI: For AI image analysis (OpenAI Privacy Policy applies)
  • Supabase: For database and authentication (Supabase Privacy Policy applies)
  • Vercel: For hosting and deployment (Vercel Privacy Policy applies)

We encourage you to review the privacy policies of these third-party services.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we make changes, we will update the "Last Updated" date at the top of this page. We encourage you to review this policy periodically. Continued use of our service after changes constitutes acceptance of the updated policy.

12. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:

Email: support@minifigmaker.ai
Website: minifigmaker.ai