Privacy Policy
This Privacy Policy explains how Mormir Foundry LLC ("PewPreview," "we," "us") collects, uses, and shares information when you use the PewPreview website, applications, and software (the "Service").
1. Information we collect
- Account information — email address and authentication details when you create an account.
- Uploaded images — photographs of items you upload to generate a preview, and the previews we generate for you.
- Usage data — render history, credit activity, plan, and basic product interactions.
- Device and technical data — IP address, browser/device characteristics, and a device fingerprint used to prevent fraud and abuse of free usage limits.
- Payment data — handled by our payment provider (see Section 3). We do not store full card numbers.
2. How we use information
- To provide, operate, and secure the Service and generate your previews;
- To screen uploaded content for safety and legal compliance (see Section 4);
- To manage accounts, credits, subscriptions, and support;
- To prevent fraud, abuse, and circumvention of usage limits;
- To comply with legal obligations.
3. Payments and the Merchant of Record (two data controllers)
Purchases are processed by Paddle.com Market Limited and its affiliates ("Paddle"), which act as the Merchant of Record for the Service. For payment transactions, Paddle is an independent data controller of your payment and billing information and processes it under its own privacy policy. PewPreview is the data controller of your account and usage data. Because there are two controllers, a request to access or delete your data may need to be made both to us and to Paddle. Mobile in-app purchases are processed by Apple or Google under their respective terms.
4. Image handling and content safety
Uploaded images are first placed in a restricted, access-controlled storage area. Before an image is used or stored in our main system, it is scanned by automated content-safety services to detect prohibited content (including a dedicated layer for detecting illegal child-sexual-abuse material). Content that passes is promoted to processing; content that fails is rejected and deleted, and illegal content is reported to the appropriate authorities as required by law. Uploaded images and generated previews are transmitted to our AI-rendering and content-safety providers listed below.
5. Service providers (subprocessors)
We share data with the following providers solely to operate the Service:
| Provider | Purpose |
|---|---|
| Supabase | Database, authentication, and backend hosting |
| Cloudflare (R2 storage & network) | Image storage, content delivery, and security |
| Google (Gemini), via Portkey | AI image generation / rendering and gateway routing |
| RevenueCat | Purchase and subscription event management (mobile) |
| Paddle | Payment processing as Merchant of Record (web) |
| Content-safety provider(s) | Automated moderation and CSAM detection of uploads |
We do not sell your personal information.
6. Data retention
We retain account and usage data for as long as your account is active and as needed for legal, security, and operational purposes. Uploaded images and previews are retained to provide the Service and may be deleted on request, subject to legal-retention requirements. Rejected or quarantined content is deleted on a short cycle, except where law requires preservation of evidence of illegal material.
7. Your rights
Depending on your location (including under GDPR and CCPA/CPRA), you may have rights to access, correct, delete, or port your data, to object to or restrict certain processing, and to opt out of "sale" or "sharing" of personal information (we do not sell personal information). To exercise these rights, contact privacy@pewpreview.com. For payment data, you may also need to contact Paddle as an independent controller.
8. Children
The Service is not directed to, and may not be used by, anyone under 18. We do not knowingly collect data from children. If we learn we have collected such data, we will delete it.
9. International transfers
We and our providers may process data in the United States and other countries. Where required, we rely on appropriate safeguards for international transfers.
10. Security
We use technical and organizational measures—including access controls, encryption in transit, and restricted credentials—to protect your data. No method of transmission or storage is completely secure.
11. Changes
We may update this Policy from time to time. Material changes will be posted here with an updated date.
12. Contact
Privacy questions: privacy@pewpreview.com.