Privacy Policy

GenBatcher — Batch AI Image Generation

Last updated: June 7, 2026

This service is operated by Rodrigo Salazar, sole proprietorship (Einzelunternehmen / Raison individuelle), Canton of Lucerne, Switzerland.

This privacy policy explains how GenBatcher ("we", "us", "our") collects, uses, and protects your personal data when you use our web application at genbatcher.com (the "Service"). We are committed to complying with the EU General Data Protection Regulation (GDPR) and other applicable data protection laws.

1. Data Controller

GenBatcher is the data controller for the personal data processed through the Service. For any privacy-related inquiries, contact us at:

Email: contact@genbatcher.com

2. What Data We Collect

2.1 Account Data

When you create an account via our authentication provider (WorkOS), we collect and store:

Email address — provided during sign-up
Internal user identifier — generated by our system
Authentication identifier — your WorkOS user ID, used to verify your identity

2.2 Subscription and Credit Purchase Data

When you purchase a subscription or extra credits, payment processing is handled entirely by Stripe. We do not collect or store your payment card details, billing address, or other financial information. We store only:

Subscription status — whether your subscription is active, canceled, or past due
Plan identifier — which plan you are subscribed to
Billing period dates — the start and end of your current subscription period
Stripe subscription identifier — to synchronize your subscription state
Credit purchase records — purchase quantity, purchase status, and the related Stripe checkout session identifier for extra-credit transactions

Stripe processes your payment data as an independent data controller under its own privacy policy.

2.3 Content You Upload

When you use the Service, we store:

CSV files and prompts — the image generation requests you submit, stored as structured data in our database
Generated images — stored in object storage and retained according to your plan's retention period (30 to 180 days depending on your subscription tier)
Generation metadata — including the AI model used, generation parameters, timestamps, and provider response identifiers, stored for reproducibility and debugging

2.4 Usage Data

We track:

Images generated per billing period — to enforce your subscription limits and determine when extra credits are consumed
Batch creation and processing records — stored in an internal event log for operational monitoring

2.5 Hashed IP Addresses

We generally store a salted SHA-256 hash of your IP address for routine rate limiting and operational use. This hash is a pseudonymized identifier as recommended by GDPR guidance. It is used for:

Preview rate limiting — to enforce the limit of 5 free preview batches per IP address per month for anonymous users
Operational and audit purposes — the most recent hashed IP is stored on your user record for fraud investigation if needed. It is not used for automated access control decisions.

2.6 Security Event Logs (Plain IP Addresses)

For events with security or legal consequence, we store your plain IP address (not hashed) in a dedicated security log. This applies to:

Content policy enforcement — when a submitted prompt is blocked by our safety filters
Image generation refusals — when our AI provider rejects a prompt on safety grounds
Reference image uploads — every upload is logged as a record of what was submitted

Retention: 3 years. This is longer than our standard event log because these records may be required for law enforcement cooperation or legal proceedings.

Legal basis: Legitimate interest in preventing abuse and complying with applicable laws (GDPR Art. 6(1)(f)).

2.7 Preview Mode (Anonymous Users)

If you use the Service without an account (preview mode), we additionally collect:

Cloudflare Turnstile token — used for bot protection during preview submissions. We do not store this token; it is validated once and discarded.

2.8 Cookies and Local Storage

Authentication session cookie — a secure, HTTP-only cookie managed by WorkOS AuthKit to maintain your login session
Preview batch identifiers — stored in your browser's localStorage to allow you to claim preview batches after creating an account. This data never leaves your browser unless you explicitly claim a batch.

We do not use advertising cookies, tracking pixels, or third-party analytics.

3. How We Use Your Data

We process your personal data for the following purposes and legal bases:

Purpose	Data used	Legal basis (GDPR Art. 6)
Providing the Service (account management, image generation, delivery)	Account data, content, usage data	Performance of contract (Art. 6(1)(b))
Subscription management and entitlement enforcement	Account data, subscription data, usage data	Performance of contract (Art. 6(1)(b))
Fraud prevention and abuse detection (rate limiting, bot protection, audit of hashed IP addresses)	Hashed IP address, Turnstile tokens	Legitimate interest (Art. 6(1)(f))
Operational monitoring and debugging	Event logs, generation metadata	Legitimate interest (Art. 6(1)(f))
Communicating with you about your account or the Service	Email address	Performance of contract (Art. 6(1)(b))

We do not use your data for profiling, automated decision-making, or marketing purposes.

4. Data Sharing and Sub-Processors

We share your data only with the following third-party services, which are necessary to operate the Service:

Sub-processor	Purpose	Data shared	Location
Cloudflare (Workers, D1, R2, Queues, Pages)	Infrastructure — hosting, database, object storage, queue processing	All service data (encrypted at rest and in transit)	Global (edge network)
WorkOS	Authentication — sign-up, login, session management	Email address, authentication identifiers	United States
Stripe	Payment processing — subscription billing	Internal user ID (as Stripe customer ID); Stripe handles payment details independently	United States
Google (Gemini API)	AI image generation	Prompts and generation parameters (no account data)	United States

We do not sell your data to third parties. We do not share your data with any parties beyond those listed above.

For transfers of personal data outside the European Economic Area (EEA), we rely on appropriate safeguards such as Standard Contractual Clauses (SCCs) or adequacy decisions as applicable to each sub-processor.

5. Data Retention

Data type	Retention period
Account data	Retained while your account is active; deleted upon account deletion request
Subscription data	Retained while your account is active; deleted upon account deletion request
Generated images	Automatically deleted after your plan's retention period (Starter: 30 days, Pro: 90 days, Business: 180 days)
Prompts and generation metadata	Retained while your account is active; deleted upon account deletion request
Event logs	Retained for up to 12 months for operational purposes, then deleted
Hashed IP addresses (preview usage)	Retained for up to 6 months, then deleted

6. Your Rights Under GDPR

As a data subject, you have the following rights:

Right of access (Art. 15) — Request a copy of all personal data we hold about you.
Right to rectification (Art. 16) — Request correction of inaccurate personal data.
Right to erasure (Art. 17) — Request deletion of your personal data ("right to be forgotten").
Right to restriction of processing (Art. 18) — Request that we limit how we use your data.
Right to data portability (Art. 20) — Receive your data in a structured, machine-readable format. The Service supports CSV export of your batch data.
Right to object (Art. 21) — Object to processing based on legitimate interest.
Right to withdraw consent — Where processing is based on consent, you may withdraw it at any time.

To exercise any of these rights, contact us at contact@genbatcher.com. We will respond within 30 days.

If you believe your rights have been violated, you have the right to lodge a complaint with your local data protection supervisory authority.

7. Data Security

We implement appropriate technical and organizational measures to protect your data:

All data is transmitted over HTTPS (TLS encryption enforced by Cloudflare)
Authentication tokens (JWTs) are validated cryptographically and never exposed to client-side JavaScript
Database queries use parameterized statements to prevent injection attacks
IP addresses are pseudonymized using salted SHA-256 hashing before storage
Secrets and API keys are stored securely using Cloudflare Workers secrets management
Access to data is restricted by user ownership checks on every request
Bot protection via Cloudflare Turnstile on anonymous endpoints

8. Children's Privacy

The Service is not directed to individuals under the age of 16. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us at contact@genbatcher.com and we will delete it promptly.

9. Changes to This Policy

We may update this privacy policy from time to time. If we make material changes, we will notify you by updating the "Last updated" date at the top of this page and, where appropriate, by email. We encourage you to review this policy periodically.

10. Contact

For any questions about this privacy policy or your personal data, contact:

Email: contact@genbatcher.com

Privacy Policy

GenBatcher — Batch AI Image Generation

Last updated: June 7, 2026

This service is operated by Rodrigo Salazar, sole proprietorship (Einzelunternehmen / Raison individuelle), Canton of Lucerne, Switzerland.

1. Data Controller

GenBatcher is the data controller for the personal data processed through the Service. For any privacy-related inquiries, contact us at:

Email: contact@genbatcher.com

2. What Data We Collect

2.1 Account Data

When you create an account via our authentication provider (WorkOS), we collect and store:

Email address — provided during sign-up
Internal user identifier — generated by our system
Authentication identifier — your WorkOS user ID, used to verify your identity

2.2 Subscription and Credit Purchase Data

Subscription status — whether your subscription is active, canceled, or past due
Plan identifier — which plan you are subscribed to
Billing period dates — the start and end of your current subscription period
Stripe subscription identifier — to synchronize your subscription state
Credit purchase records — purchase quantity, purchase status, and the related Stripe checkout session identifier for extra-credit transactions

Stripe processes your payment data as an independent data controller under its own privacy policy.

2.3 Content You Upload

When you use the Service, we store:

CSV files and prompts — the image generation requests you submit, stored as structured data in our database
Generated images — stored in object storage and retained according to your plan's retention period (30 to 180 days depending on your subscription tier)
Generation metadata — including the AI model used, generation parameters, timestamps, and provider response identifiers, stored for reproducibility and debugging

2.4 Usage Data

We track:

Images generated per billing period — to enforce your subscription limits and determine when extra credits are consumed
Batch creation and processing records — stored in an internal event log for operational monitoring

2.5 Hashed IP Addresses

We generally store a salted SHA-256 hash of your IP address for routine rate limiting and operational use. This hash is a pseudonymized identifier as recommended by GDPR guidance. It is used for:

Preview rate limiting — to enforce the limit of 5 free preview batches per IP address per month for anonymous users
Operational and audit purposes — the most recent hashed IP is stored on your user record for fraud investigation if needed. It is not used for automated access control decisions.

2.6 Security Event Logs (Plain IP Addresses)

For events with security or legal consequence, we store your plain IP address (not hashed) in a dedicated security log. This applies to:

Content policy enforcement — when a submitted prompt is blocked by our safety filters
Image generation refusals — when our AI provider rejects a prompt on safety grounds
Reference image uploads — every upload is logged as a record of what was submitted

Retention: 3 years. This is longer than our standard event log because these records may be required for law enforcement cooperation or legal proceedings.

Legal basis: Legitimate interest in preventing abuse and complying with applicable laws (GDPR Art. 6(1)(f)).

2.7 Preview Mode (Anonymous Users)

If you use the Service without an account (preview mode), we additionally collect:

Cloudflare Turnstile token — used for bot protection during preview submissions. We do not store this token; it is validated once and discarded.

2.8 Cookies and Local Storage

Authentication session cookie — a secure, HTTP-only cookie managed by WorkOS AuthKit to maintain your login session
Preview batch identifiers — stored in your browser's localStorage to allow you to claim preview batches after creating an account. This data never leaves your browser unless you explicitly claim a batch.

We do not use advertising cookies, tracking pixels, or third-party analytics.

3. How We Use Your Data

We process your personal data for the following purposes and legal bases:

Purpose	Data used	Legal basis (GDPR Art. 6)
Providing the Service (account management, image generation, delivery)	Account data, content, usage data	Performance of contract (Art. 6(1)(b))
Subscription management and entitlement enforcement	Account data, subscription data, usage data	Performance of contract (Art. 6(1)(b))
Fraud prevention and abuse detection (rate limiting, bot protection, audit of hashed IP addresses)	Hashed IP address, Turnstile tokens	Legitimate interest (Art. 6(1)(f))
Operational monitoring and debugging	Event logs, generation metadata	Legitimate interest (Art. 6(1)(f))
Communicating with you about your account or the Service	Email address	Performance of contract (Art. 6(1)(b))

We do not use your data for profiling, automated decision-making, or marketing purposes.

4. Data Sharing and Sub-Processors

We share your data only with the following third-party services, which are necessary to operate the Service:

Sub-processor	Purpose	Data shared	Location
Cloudflare (Workers, D1, R2, Queues, Pages)	Infrastructure — hosting, database, object storage, queue processing	All service data (encrypted at rest and in transit)	Global (edge network)
WorkOS	Authentication — sign-up, login, session management	Email address, authentication identifiers	United States
Stripe	Payment processing — subscription billing	Internal user ID (as Stripe customer ID); Stripe handles payment details independently	United States
Google (Gemini API)	AI image generation	Prompts and generation parameters (no account data)	United States

We do not sell your data to third parties. We do not share your data with any parties beyond those listed above.

5. Data Retention

Data type	Retention period
Account data	Retained while your account is active; deleted upon account deletion request
Subscription data	Retained while your account is active; deleted upon account deletion request
Generated images	Automatically deleted after your plan's retention period (Starter: 30 days, Pro: 90 days, Business: 180 days)
Prompts and generation metadata	Retained while your account is active; deleted upon account deletion request
Event logs	Retained for up to 12 months for operational purposes, then deleted
Hashed IP addresses (preview usage)	Retained for up to 6 months, then deleted

6. Your Rights Under GDPR

As a data subject, you have the following rights:

Right of access (Art. 15) — Request a copy of all personal data we hold about you.
Right to rectification (Art. 16) — Request correction of inaccurate personal data.
Right to erasure (Art. 17) — Request deletion of your personal data ("right to be forgotten").
Right to restriction of processing (Art. 18) — Request that we limit how we use your data.
Right to data portability (Art. 20) — Receive your data in a structured, machine-readable format. The Service supports CSV export of your batch data.
Right to object (Art. 21) — Object to processing based on legitimate interest.
Right to withdraw consent — Where processing is based on consent, you may withdraw it at any time.

To exercise any of these rights, contact us at contact@genbatcher.com. We will respond within 30 days.

If you believe your rights have been violated, you have the right to lodge a complaint with your local data protection supervisory authority.

7. Data Security

We implement appropriate technical and organizational measures to protect your data:

All data is transmitted over HTTPS (TLS encryption enforced by Cloudflare)
Authentication tokens (JWTs) are validated cryptographically and never exposed to client-side JavaScript
Database queries use parameterized statements to prevent injection attacks
IP addresses are pseudonymized using salted SHA-256 hashing before storage
Secrets and API keys are stored securely using Cloudflare Workers secrets management
Access to data is restricted by user ownership checks on every request
Bot protection via Cloudflare Turnstile on anonymous endpoints

8. Children's Privacy

9. Changes to This Policy

10. Contact

For any questions about this privacy policy or your personal data, contact:

Email: contact@genbatcher.com