Back to Home

Privacy Policy

Last updated: March 2, 2026

1. Introduction

NorvaCreate ("we," "us," or "our") operates the NorvaCreate platform, an AI-powered e-commerce content generation service. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website and services.

By using NorvaCreate, you agree to the collection and use of information in accordance with this policy. If you do not agree, please do not use our services.

2. Information We Collect

Account Information

When you create an account, we collect:

  • Name and email address (via our authentication provider, Clerk)
  • Profile image (if provided through your authentication provider)
  • Billing information (processed and stored by Stripe; we do not store full payment card details)

Product Data

When you use our services, we collect:

  • Product images you upload for analysis and content generation
  • Product names, descriptions, and categories you provide
  • AI-generated content (images, videos, and associated metadata)
  • Ad copy and content generation preferences

Usage Data

We automatically collect:

  • Generation history and credit usage
  • Feature usage patterns and preferences
  • Log data including IP address, browser type, and access times

3. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve our AI content generation services
  • Process your transactions and manage your account
  • Send administrative communications (account confirmations, billing notices, security alerts)
  • Respond to your comments, questions, and support requests
  • Monitor and analyze usage trends to improve user experience
  • Detect, prevent, and address technical issues or fraud

4. AI Processing

When you upload product images or request content generation, your data is processed by third-party AI services (including Google Gemini) to perform image analysis and content generation. These services process your data according to their own privacy policies.

We do not use your uploaded product images or generated content to train AI models. Your content remains yours.

5. Data Sharing and Third-Party Services

We share your information with the following categories of third parties:

  • Authentication: Clerk (account management and login)
  • Payments: Stripe (payment processing and billing)
  • AI Services: Google (image analysis and content generation)
  • Storage: UploadThing (file and image storage)
  • Hosting: Vercel (application hosting)
  • Database: Neon (data storage)

We do not sell your personal information to third parties. We may disclose your information if required by law or to protect our rights and safety.

6. Data Retention

We retain your account information and generated content for as long as your account is active. If you delete your account, we will delete or anonymize your personal information within 30 days, except where we are required to retain it for legal or compliance purposes.

Generated images and videos are stored indefinitely while your account is active. You may delete individual generations at any time through the Asset Library.

7. Data Security

We implement industry-standard security measures to protect your data, including encryption in transit (TLS/HTTPS), secure database connections, and access controls. However, no method of transmission over the internet is 100% secure, and we cannot guarantee absolute security.

8. Your Rights

Depending on your location, you may have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your data
  • Object to or restrict processing of your data
  • Data portability (receive your data in a structured format)
  • Withdraw consent at any time

To exercise any of these rights, please contact us at the email address below.

9. Cookies

We use essential cookies required for authentication and session management. We do not use advertising or tracking cookies. Our authentication provider (Clerk) may set cookies necessary for secure login functionality.

10. Children's Privacy

NorvaCreate is not directed to children under 13 (or 16 in the EEA). We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact us and we will delete it.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date. Your continued use of NorvaCreate after changes constitutes acceptance of the updated policy.

12. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us at:

create@norvalabs.io

© 2026 NorvaCreate. All rights reserved.

Terms of Service