Hypnopixels

Privacy Policy

Last updated: 28 January, 2026.

PLEASE READ THIS PRIVACY POLICY CAREFULLY.

This Privacy Policy explains how Ads4you OÜ, registry code 16617352, registered address Harju maakond, Tallinn, Kesklinna linnaosa, Narva mnt 7-636, 10117, Estonia (hereinafter referred to as the “Company”, “we”, “us”, or “our”) collects, uses, processes, stores, discloses, and protects personal information in connection with your use of our AI-powered mobile application (Hypnopixels) and related services (the “App” or the “Service”), as well as our website located at hypnopixels.com (the “Website”).

This Privacy Policy describes what information we collect, why we collect it, how we use it, how we share it, how long we keep it, and what rights and choices you have regarding your personal information.

This Privacy Policy is incorporated into and forms an integral part of our Terms of Use.

The Company acts as the data controller (or business, where applicable under U.S. law) for personal data processed under this Privacy Policy.

You may contact us regarding privacy matters at: https://hypnopixels.zendesk.com/hc/en-us/requests/new.

ACCEPTANCE OF THIS POLICY

By downloading, accessing, or using the Service, you acknowledge that you have read and understood this Privacy Policy.

IF YOU DO NOT AGREE WITH THIS PRIVACY POLICY, YOU MUST NOT USE THE SERVICE.

Your continued use of the Service constitutes your acceptance of this Privacy Policy and any updates to it. We may modify this Privacy Policy from time to time. When we do, we will update the “Last updated” date above. Material changes will be reflected in the updated version.

SCOPE OF THIS PRIVACY POLICY

This Privacy Policy applies to personal information processed through:

the mobile application
AI aging videos and photos
AI hairstyles
Video effects
AI photo effects and filters
AI image enhancer
in-app purchases and subscriptions
the Website funnel used to promote and sell access
customer support communications
analytics and attribution systems integrated into the Service

This Privacy Policy does not apply to third-party platforms such as the Apple App Store, payment processors, or analytics providers acting under their own privacy policies, though we describe their role below.

DEFINITIONS

For purposes of this Privacy Policy:

Personal information / personal data means information that identifies, relates to, describes, or can reasonably be linked to an individual or household, including identifiers such as email address, device identifiers, online identifiers, and image data that may contain identifiable persons.
Processing means any operation performed on personal data, including collection, use, storage, transmission, analysis, restriction, or deletion.
User Images means photos, screenshots, or images uploaded or captured by users for AI aging videos and photos, AI hairstyles, Video effects, AI photo effects and filters, and AI image enhancer.
Generated Outputs means AI-generated photos, videos, effects, filters, enhanced images, and related generated images produced by the Service.
Service providers / processors means third parties that process personal data on our behalf under contractual safeguards and only for defined purposes.
Consent means your freely given, informed, and unambiguous agreement to specific processing where required.

WHAT INFORMATION WE COLLECT

We collect personal information only to the extent reasonably necessary to provide, operate, secure, and improve the Service. The categories of information we collect depend on how you interact with the Service — whether you use the mobile application only or whether you also purchase access through the Website funnel.

We collect information directly from you, automatically through your use of the Service, and from trusted third-party service providers involved in payments, analytics, attribution, infrastructure, and AI processing.

We design the Service to minimize mandatory identification. Core mobile app functionality does not require account registration when installed through the App Store.

Information you provide

The Service allows you to upload, capture, or select images in order to generate AI-based outputs. These images may constitute personal information where they contain identifiable persons, personal items, addresses, or other identifying elements.

We collect and process images that you submit for generation, including photos taken through camera permission, images selected from your device gallery, screenshots, and images selected from built-in demo libraries. We also process the generated AI outputs and modified images created from your inputs.

AI generation occurs only when you actively initiate a generation request. The Service does not automatically scan your gallery or camera roll. Access to camera or photos is controlled by your device permission settings and can be denied or revoked at any time.

Images you upload may be temporarily stored on our servers and processed by third-party AI providers, including Replicate, AWS, and other trusted AI providers used to operate the Service, solely to generate the requested results.

Email and identity data

If you purchase access through the Website funnel, we collect your email address. We use your email address to send purchase confirmations, receipts, login credentials where applicable, and service-related communications regarding your purchase.

If you install and purchase only through the App Store, we do not require account registration and do not require your email address for core functionality. In that case, identity and billing are handled by the platform provider.

Generation parameters and usage content

When you request AI generation, we may process generation parameters and feature selections, such as selected styles, effects, and configuration options. These parameters may be temporarily logged to enable generation processing, diagnose failures, maintain system integrity, and prevent abuse.

Generation parameters are used only for service operation and quality control and are not used to build marketing profiles about you.

Automatically collected technical and usage data

When you use the Service, we automatically collect certain technical and usage-related information necessary for performance, analytics, and security.

This may include device type, operating system version, app version, language settings, feature usage events, generation attempts, interaction flows, crash logs, diagnostic data, and performance metrics. We may also collect approximate attribution data indicating which campaign or source led to installation.

This data is typically collected through analytics and attribution SDKs and is used in aggregated or pseudonymized form to understand product performance and improve functionality.

We do not intentionally collect precise geolocation data.

Payment information

Payments within the iOS App are processed by Apple through the App Store billing system. Apple acts as an independent controller of payment information. We receive transaction metadata such as purchase status, subscription status, product identifier, and country code, but we do not receive full payment card numbers.

Payments initiated through the Website are processed by certified third-party payment processors such as Stripe. Those processors collect and process payment card information directly. We receive payment confirmations, transaction identifiers, amount, currency, and limited billing metadata needed for accounting and support. We do not store full card numbers.

Payment information is processed strictly for billing, fraud prevention, accounting, and legal compliance.

Support communications

If you contact customer support, we process the information you provide, which may include your email address, message content, screenshots, and related technical details. Support communications are used solely to respond to your request, resolve issues, and improve service reliability.

HOW WE USE INFORMATION

We use personal information only for defined and limited purposes connected with providing and operating the Service. We do not use personal information for unrelated purposes and do not build advertising or behavioral profiles about users.

The primary purpose of processing is to provide the functionality of the Service you request. This includes processing User Images and generation parameters to produce AI-generated photos, videos, effects, filters, and enhanced images, enabling features, delivering generated outputs, supporting app functionality, and storing generation results for a limited period so that they can be displayed to you.

We use personal information to process purchases and subscriptions, confirm transactions, deliver receipts, and provide access to paid features. Where purchases are made through the Website funnel, we use your email address to send purchase confirmations and login credentials. Where purchases are made through the App Store, transaction handling is performed by the platform provider and we use transaction metadata to enable or disable paid features.

We use technical and usage data to operate, maintain, secure, and improve the Service. This includes debugging errors, diagnosing crashes, measuring generation success rates, analyzing feature usage, preventing abuse, enforcing technical limits, and improving performance and reliability. This processing is necessary to run a stable and secure product.

We use limited analytics and attribution information to understand how users discover the Service and how features are used at an aggregated level. This helps us evaluate marketing performance and product quality. We do not use this data to identify you personally or to track you across unrelated services for advertising profiling.

We use support communication data to respond to your inquiries, resolve technical issues, handle billing questions, and process refund requests.

We may also process personal information where necessary to comply with legal obligations, accounting requirements, regulatory requests, lawful investigations, or enforcement of our Terms.

AI PROCESSING LIMITATIONS

User Images and generation inputs are processed by AI systems only for the purpose of generating the outputs you request. AI processing is request-based and occurs only when you initiate generation.

We do not use uploaded images, generation inputs, or generated outputs to train our own AI models. We contractually require AI processing providers to restrict use of submitted data to generation processing and not to use it for their own model training where such restriction is available.

AI processing providers acting on our behalf are contractually restricted from reusing submitted data for their own independent purposes.

We do not perform identity recognition, biometric identification, or facial identity matching. We do not attempt to determine who appears in uploaded images. Automated content filters may be applied to detect prohibited content categories for safety enforcement only.

We do not perform automated decision-making about users that produces legal or similarly significant effects.

LEGAL GROUNDS FOR PROCESSING

For users in the United States, we process personal information for permitted business purposes, including service delivery, security, analytics, fraud prevention, payment processing, and product improvement, as allowed under applicable U.S. state privacy laws.

For users in the European Economic Area and other jurisdictions where GDPR-style legal bases apply, we rely on the following grounds where applicable: performance of a contract when processing is necessary to provide the Service you request; legitimate interests when processing is necessary to operate, secure, and improve the Service and does not override user rights; consent where required for device permissions, cookies, or certain tracking technologies; and legal obligation where processing is required by law.

Where consent is the legal basis, you may withdraw it at any time through device settings, browser controls, or by contacting us.

NO SALE OF PERSONAL INFORMATION

We do not sell personal information for monetary consideration. We do not operate as a data broker. We do not trade user data lists. We do not disclose personal information to third parties for their independent marketing use.

We also do not share personal information for cross-context behavioral advertising in a manner that constitutes “sale” or “sharing” under California and similar state privacy laws.

THIRD-PARTY SERVICE PROVIDERS

To operate and deliver the Service, we use trusted third-party service providers that process information on our behalf under contractual and technical safeguards. These providers act only for defined service purposes and are not permitted to use personal information for their own independent marketing purposes.

These service providers may include cloud infrastructure providers located in the European Union, AI processing providers such as Replicate, AWS, and other trusted AI providers used to generate outputs from submitted images, analytics and attribution providers, payment processors, customer support systems, and security and fraud-prevention tools.

When you submit images for AI generation, those images and related generation parameters are transmitted to external AI processing providers acting as processors on our behalf, including Replicate, AWS, and other trusted AI providers used to operate the Service. Such providers process the data solely to generate the requested outputs and return the results to our systems. We require such providers by contract to implement appropriate security measures and to restrict use of submitted data to generation processing only.

We prohibit reuse of submitted images for model training or unrelated purposes.

Analytics and attribution providers help us measure app performance, installation sources, subscription events, feature usage patterns, and aggregated behavioral metrics. These providers receive limited device and event data necessary for measurement and product improvement.

Payment processors process transaction data necessary to complete purchases. For in-app purchases, the platform provider (such as Apple) processes payment data under its own privacy policy. For website purchases, certified payment processors process card and billing data directly. We receive only confirmation data and limited transaction metadata needed for accounting and support.

Customer support and communication tools may process your contact details and message content when you contact us for assistance.

All such providers are required to maintain confidentiality and security protections appropriate to the nature of the data they process.

HOW AND WHEN WE DISCLOSE INFORMATION

We disclose personal information only in limited and defined circumstances.

We disclose information to service providers and processors that support operation of the Service, including infrastructure, AI processing, analytics, attribution, payment processing, security monitoring, and customer support, strictly to the extent necessary for those services.

We may disclose information when required to comply with applicable law, regulation, subpoena, court order, or lawful government request. We may also disclose information where reasonably necessary to investigate fraud, abuse, security incidents, violations of our Terms, or threats to the safety of users or the public.

We may disclose limited information to professional advisors such as lawyers, auditors, and accountants under confidentiality obligations where necessary for legal or compliance purposes.

We do not disclose personal information to third parties for their own direct marketing purposes.

BUSINESS TRANSFERS

If the Company or the Service is involved in a merger, acquisition, financing, reorganization, bankruptcy, or sale of assets, personal information may be transferred as part of that transaction subject to confidentiality protections. In such cases, the successor entity will be required to respect applicable privacy obligations. Where required by law, users will be notified.

THIRD-PARTY PLATFORMS

The Service may be distributed through third-party platforms such as app stores. Your use of those platforms is governed by their own privacy policies and terms. We are not responsible for the data practices of platform operators acting as independent controllers.

Our Website uses cookies and similar technologies to support functionality, measure performance, understand visitor behavior, and improve usability. These technologies are used primarily on the Website funnel. The mobile App itself does not rely on browser cookies but may use SDK-based analytics and attribution technologies as described below.

Cookies are text files that are stored in a computer system via an Internet browser. Cookies are small files that your web browser places on your hard drive for record-keeping purposes. By showing how and when visitors use the Website, cookies help us track user trends and patterns. They also prevent you from having to re-enter your preferences on certain areas of the Website where you have entered preference information before.

Cookies contain a cookie identifier. A cookie identifier is a unique string through which Internet pages and servers can be assigned to the specific browser in which the cookie was stored. This allows visited Internet sites and servers to distinguish the individual browser from other browsers that contain other cookies. A specific browser can be recognized and identified using the unique cookie ID.

Through the use of cookies, we can provide more user-friendly Website functionality that would not be possible without cookie settings. By means of cookies, the information and offers on our Website can be optimized based on aggregated usage patterns.

You may, at any time, prevent the setting of cookies through our Website by adjusting your browser settings and permanently deny the setting of cookies. Already set cookies may also be deleted at any time via your browser or other software programs. This is possible in all popular Internet browsers. If you deactivate cookies in your browser, some Website functions may not be fully usable.

If you do not wish to receive cookies, you may refuse them through your browser settings. If you do so, certain functionalities, services, or support features may not operate properly. If you have previously visited the Website, you may need to delete existing cookies from your browser.

We may also use pixel tags and similar technologies (including transparent GIFs, clear GIFs, and web beacons) to access cookies, count users who visit the Website, measure campaign effectiveness, and understand whether email messages are opened.

ANALYTICS AND MEASUREMENT TECHNOLOGIES (APP)

The App uses analytics and measurement SDKs to understand feature usage, generation performance, subscription events, crash diagnostics, and aggregated behavioral trends. These tools help us improve reliability, usability, and product quality.

Analytics providers may receive device identifiers, app version, event timestamps, feature interaction signals, and subscription status events. This data is used for internal analytics and service improvement and is not used by us to build cross-service advertising profiles about you.

Analytics data is generally processed in aggregated or pseudonymized form.

ATTRIBUTION AND MARKETING MEASUREMENT

We use attribution tools to understand which marketing channels and campaigns lead users to install the App or purchase subscriptions. Attribution providers may process limited identifiers and campaign metadata necessary to measure install sources and conversion events.

This measurement allows us to evaluate marketing performance and allocate advertising budgets efficiently. It is used for internal measurement purposes and not for selling user profiles.

APP TRACKING TRANSPARENCY (ATT)

Where required by platform rules, tracking across apps and websites owned by other companies is subject to user permission through platform consent frameworks such as Apple App Tracking Transparency (ATT).

If you decline ATT permission, cross-app tracking identifiers are not accessed, and attribution data is correspondingly limited. Core app functionality is not dependent on granting tracking permission.

DO NOT TRACK SIGNALS

Some browsers transmit “Do Not Track” signals. Because there is not yet a uniform industry standard for interpreting these signals, our Website does not currently respond differently to such signals. Users can manage tracking preferences through browser cookie controls and device privacy settings.

DATA STORAGE AND SECURITY

We implement technical and organizational security measures designed to protect personal information against unauthorized access, loss, misuse, alteration, or disclosure. These measures are based on industry best practices and are continuously reviewed and updated where appropriate.

Access to personal information is restricted to authorized personnel and service providers who need such access to operate, maintain, or improve the Service and who are bound by confidentiality and data protection obligations.

WHERE INFORMATION IS STORED

Personal information is generally stored on secure servers located within the European Union, including Germany and the Netherlands, and in EU multi-regional cloud environments. Our infrastructure providers are required to maintain appropriate security, confidentiality, and access controls.

Some processing operations may involve trusted service providers located in other jurisdictions. Where cross-border transfers occur, we rely on contractual safeguards and data protection agreements designed to ensure an adequate level of protection.

Infrastructure providers may include cloud hosting platforms, database providers, and media storage systems used to temporarily store uploaded images and generated outputs.

AI DATA FLOW SECURITY

When you initiate AI generation, User Images and generation parameters are transmitted securely to external AI processing providers, including Replicate, AWS, and other trusted AI providers used to operate the Service. Transmission is performed using encrypted network protocols. AI providers process the data only to generate the requested outputs and return results to our systems.

We require AI providers to apply appropriate security controls and to restrict processing strictly to generation tasks. We contractually prohibit independent reuse of submitted images.

AI processing is request-based and not continuous. No automatic background scanning of user images occurs.

ENCRYPTION AND TRANSMISSION SECURITY

We use encrypted communication channels for data transmission between devices, servers, and processors using industry-standard secure transport protocols. Stored data is protected using access controls and platform-level encryption mechanisms provided by our infrastructure partners.

While no system can guarantee absolute security, we apply reasonable and appropriate safeguards consistent with industry standards.

YOUR PRIVACY RIGHTS

Depending on your place of residence, you may have certain rights regarding your personal information under applicable U.S. state privacy laws and international data protection laws. We apply a unified approach and extend core privacy rights to users where reasonably possible.

Subject to verification and legal limitations, you may have the following rights:

Right to Access — you may request confirmation of whether we process your personal information and obtain access to the personal information we hold about you.
Right to Obtain a Copy — you may request a copy of your personal data associated with your use of the Service, where technically feasible.
Right to Correction — you may request correction of inaccurate or incomplete personal information we maintain about you.
Right to Deletion — you may request deletion of your personal information. We will delete data unless retention is required for legal compliance, fraud prevention, security purposes, accounting obligations, or dispute resolution.
Right to Data Portability — where applicable, you may request that certain data you provided be delivered in a structured and commonly used format.
Right to Restrict Processing — you may request limitation of certain types of processing where provided by applicable law.
Right to Object — you may object to certain processing based on legitimate interests where such rights apply.
Right to Withdraw Consent — where processing is based on consent, you may withdraw that consent at any time. Device permissions such as camera and photo access can be revoked through device settings.
Right to Non-Discrimination — we will not discriminate against you for exercising your privacy rights.

We do not sell personal information and do not share personal information for cross-context behavioral advertising profiling. Therefore, opt-out rights related to sale or targeted advertising sharing are generally not applicable to our current practices.

To exercise your rights, contact us at: https://hypnopixels.zendesk.com/hc/en-us/requests/new.

We may take reasonable steps to verify your identity before fulfilling requests.

We will respond within legally required timeframes. If we cannot fulfill a request, we will explain the reason.

You also have the right to lodge a complaint with a competent supervisory or regulatory authority where applicable.

ACCOUNT AND DATA DELETION

You may delete your account and associated personal data directly from the settings section of the App.

When you submit an account deletion request through the App settings, we will delete or irreversibly anonymize your account data and associated personal information within a reasonable timeframe, subject to legal, security, fraud-prevention, accounting, dispute-resolution, and technical retention requirements.

Deletion of your account may also result in deletion of associated generated outputs, usage history, and other data linked to your account, except where retention is required or permitted by law.

If certain data cannot be deleted immediately from active systems, it will be securely isolated and deleted through our regular retention and backup rotation processes.

CALIFORNIA PRIVACY RIGHTS

If you are a California resident, you may have certain rights under the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA).

Subject to verification and legal limitations, you have the right to request access to the categories and specific pieces of personal information we have collected about you, the right to request deletion of your personal information, and the right to request correction of inaccurate personal information.

You also have the right to know the categories of sources from which personal information is collected, the business purposes for collecting and using it, and the categories of third parties to whom it is disclosed.

We do not sell personal information and we do not share personal information for cross-context behavioral advertising as defined under California law.

We will not discriminate against you for exercising your privacy rights.

You may submit a privacy request by contacting us at: https://hypnopixels.zendesk.com/hc/en-us/requests/new. We may need to verify your identity before processing your request. Authorized agents may submit requests on your behalf where permitted by law and where authorization can be verified.

CHILDREN’S PRIVACY

The Service is not directed to children and is intended for use only by individuals who have reached the legal age of adulthood in their country or jurisdiction of residence.

We do not knowingly collect personal information from individuals who have not reached the legal age of adulthood in their country or jurisdiction. If you have not reached the legal age of adulthood, you must not use the Service or submit any personal information to us.

We encourage parents and legal guardians to monitor minors’ internet usage and to help enforce this Privacy Policy by instructing minors not to use the Service or provide personal information without appropriate authorization where required by law.

If we become aware that personal information has been collected from a person who has not reached the legal age of adulthood, we will take reasonable steps to delete such information as soon as practicable, unless we are legally required to retain it.

If you believe that a person who has not reached the legal age of adulthood may have provided personal information to us, please contact us at https://hypnopixels.zendesk.com/hc/en-us/requests/new, and we will investigate and take appropriate action.

Where local law sets specific digital consent or data processing age thresholds, those higher standards will apply where required.

DATA RETENTION

We retain personal information only for as long as it is reasonably necessary to fulfill the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law.

User Images, generated outputs, and related AI generation data are generally retained for up to ninety (90) days and are then automatically deleted or irreversibly anonymized from active systems, unless you delete them earlier or retention is required for security, fraud prevention, dispute resolution, or legal compliance purposes.

Technical logs, analytics records, and diagnostic data are retained for limited operational periods necessary to maintain security, prevent abuse, analyze performance, and improve reliability.

Encrypted backup copies may persist for a limited additional period due to backup rotation schedules and are then overwritten automatically.

Where deletion is requested and verified, we will delete applicable personal information within a reasonable timeframe, subject to legal and technical constraints.

INTERNATIONAL DATA TRANSFERS

Because the Company is established in Estonia and uses European cloud infrastructure, personal information is primarily processed and stored within the European Union.

Some of our service providers, analytics partners, attribution providers, payment processors, and AI processing providers may operate in other jurisdictions, including the United States.

When personal information is transferred internationally, we rely on contractual safeguards, data processing agreements, and industry-standard protections designed to ensure an appropriate level of data protection.

By using the Service, you acknowledge that your information may be transferred to and processed in countries other than your state or country of residence, subject to appropriate safeguards.

CHANGES TO THIS PRIVACY POLICY

We may update this Privacy Policy from time to time to reflect changes in legal requirements, technical architecture, product features, or data practices.

When we make updates, we will revise the “Last updated” date at the top of the Policy. Material changes will be reflected in the updated version published through the Service or Website.

Your continued use of the Service after the updated version becomes effective constitutes your acceptance of the revised Privacy Policy.

If you do not agree with changes, you should discontinue use of the Service.

GOVERNING LAW

This Privacy Policy is governed by and construed in accordance with the laws of Estonia, without regard to conflict of law principles. Any disputes related to this Privacy Policy shall be resolved as provided in the Terms of Use.

CONTACT INFORMATION

If you have questions, requests, or complaints regarding this Privacy Policy or our data practices, you may contact us at:

Ads4you OÜ
Registry code: 16617352
Address: Harju maakond, Tallinn, Kesklinna linnaosa, Narva mnt 7-636, 10117, Estonia
Contact us: https://hypnopixels.zendesk.com/hc/en-us/requests/new
Phone number: +37253687293

When contacting us regarding privacy rights requests, please include sufficient information to allow us to verify your request.