Image2Coloring
Login

Legal

Privacy Policy

Last updated: April 2, 2026

This policy is written for Image2Coloring's current production workflow: account login, credits, PayPal payments, and Replicate-powered generation.

1. Scope of this policy

  • • This policy applies to the Image2Coloring web app and APIs under image2coloring.art.
  • • It explains how we handle data for account login, credit purchases, and photo-to-coloring-page generation.

2. Account data we store

  • • When you register with email, we store your email, username, and password hash.
  • • When you sign in with Google OAuth, we receive account identity information from Google and store the linked provider account record.
  • • We store session records required for authentication and sign-in continuity.

3. Generation workflow data

  • • When you run /api/transform-ai, your uploaded image and prompt are used to generate the main coloring page and included variations.
  • • We store generation session metadata such as session ID, file name, prompt text, generation status, variation status, and output URL references.
  • • Current implementation avoids persisting base64 data URLs in D1 session tables; database storage focuses on metadata and URL references.

4. Credits and payment data

  • • We store wallet balances and credit transaction history to support account billing.
  • • For PayPal purchases, we store top-up order records including package, amount, payment status, provider order/capture identifiers, and related timestamps.
  • • Card details are processed by PayPal and are not stored directly by Image2Coloring.

5. Abuse prevention and security logs

  • • We record rate-limit and guard events to protect APIs from abuse and repeated attacks.
  • • These records include derived fingerprints and timestamps used for throttling generation, sign-in, and registration requests.
  • • We use origin checks and authentication checks on protected API routes.

6. Third-party processors

  • • Image generation is powered by Replicate model APIs.
  • • Payment processing is provided by PayPal.
  • • Google is used only when you choose Google sign-in.
  • • These services process data under their own terms and privacy commitments.

7. Retention and deletion

  • • We retain account, wallet, order, and generation records as needed for product operation, fraud prevention, and financial reconciliation.
  • • Some generated output URLs may become unavailable over time, and long-term availability is not guaranteed.
  • • Retention windows may be adjusted as our infrastructure and compliance requirements evolve.

8. Children and guardian usage

  • • Image2Coloring is intended to be operated by adults such as parents, guardians, or teachers.
  • • If you believe personal data was submitted improperly, contact us through your logged-in account context for review.

9. Changes to this policy

  • • We may update this policy as product behavior or legal requirements change.
  • • When updated, the Last updated date on this page will be revised.
Read Terms of ServiceView Account Records