Blyzt

Pricing

Privacy Policy

Last updated: 2025-10-25

This Privacy Policy is provided by Blyzt LLC, a limited liability company organized under the laws of Wyoming, United States. This policy applies to our AI-powered sports photo stylization service that transforms your athletic photos into artistic renditions using advanced machine learning models.

1) Introduction

This Privacy Policy explains how Blyzt ("we", "us", "our") collects, uses, and shares your personal information when you use our AI image generation service. By using the Service, you consent to the practices described here.

2) Definitions

    For the purposes of this Privacy Policy, the following terms have the meanings set forth below:

  1. "Service" means the Blyzt AI-powered sports photo stylization platform, including our website, mobile applications, and related services.
  2. "Personal Data" means any information relating to an identified or identifiable natural person, including but not limited to names, email addresses, IP addresses, and biometric data visible in uploaded photos.
  3. "Sports Photo Content" means any photographic or video content depicting athletic activities, sports equipment, or related imagery that you upload to our Service.
  4. "AI Processing" means the automated analysis, transformation, and stylization of your Sports Photo Content using machine learning algorithms and artificial intelligence models.
  5. "Generated Content" means the stylized images, artistic renditions, or other outputs created by our AI models based on your uploaded Sports Photo Content.
  6. "Third-Party AI Providers" means external artificial intelligence service providers including OpenAI, Google Gemini, and SeeDream that we use to process and enhance your content.
  7. "Account Gallery" means your personal storage space within the Service where your original photos and Generated Content are permanently stored for future access.

3) Information We Collect

    We collect information in several ways when you use our Service. The types of information we collect depend on how you interact with our AI-powered sports photo stylization platform:

    Information You Provide Directly:

  1. Account Registration Data: Email address, username, password (securely hashed using bcrypt with salt), display name, profile picture, account preferences, notification settings, and subscription tier selection.
  2. Sports Photo Content: Original athletic photos and videos you upload, including embedded metadata (EXIF data, camera settings, timestamps, GPS coordinates if present), file names, and any descriptions or tags you add. We analyze visible biometric features, athletic poses, sports equipment, uniforms, and environmental contexts for AI processing purposes.
  3. AI Processing Preferences: Style selections, quality settings, processing parameters, custom prompts, feedback ratings on generated content, and saved style presets.
  4. Payment Information: Billing address, payment method preferences, and transaction history. Credit card details are processed and stored securely by our PCI DSS compliant payment processor (Stripe) and are never stored on our servers.
  5. Communications: Support tickets, feedback submissions, survey responses, feature requests, bug reports, and any correspondence with our customer service team.

    6. Information We Collect Automatically:

  6. Device & Browser Information: IP address, browser type and version, operating system, device model, screen resolution, language settings, time zone, and unique device identifiers.
  7. Usage Analytics: Pages visited, features used, time spent on different sections, click patterns, scroll behavior, search queries, AI processing frequency, error encounters, and session duration.
  8. Performance Metrics: API response times, image processing speeds, upload/download speeds, error rates, system performance data, and service availability metrics.
  9. Security & Fraud Prevention: Login attempts, security events, suspicious activity patterns, rate limiting data, and fraud detection signals.

    10. Information from AI Processing:

  10. Generated Content: AI-stylized images and videos created from your uploads, processing logs, generation parameters used, quality scores, and processing timestamps.
  11. Content Analysis Data: Automated analysis results including detected sports types, athlete poses, equipment identification, scene composition, and technical quality assessments.
  12. AI Model Interactions: Requests sent to third-party AI providers (OpenAI, Google Gemini, SeeDream), response data, processing costs, and performance metrics.

    13. Information from Third Parties:

  13. Social Media Integration: If you connect social media accounts, we may receive profile information, friend lists, and content sharing permissions as authorized by you.
  14. Analytics Services: Aggregated usage statistics and performance data from third-party analytics providers to improve our Service.
  15. Marketing Partners: Referral information, campaign effectiveness data, and attribution metrics from advertising and marketing partners.

4) How We Use Your Information

  1. AI-Powered Sports Photo Processing: Analyze uploaded sports photos to identify athletic activities, poses, equipment, and environmental contexts. Process images through multiple AI models (including OpenAI, Google Gemini, and SeeDream) to generate artistic stylizations while preserving athletic authenticity.
  2. Service Delivery and Account Management: Create and maintain your account, process credit purchases, track usage history, manage subscription services, and provide customer support.
  3. Quality Assurance and Model Training: Analyze generation results to improve AI model performance, enhance style accuracy for sports imagery, and develop new artistic styles specifically optimized for athletic photography.
  4. Communication and Notifications: Send service-related notices, feature updates, security alerts, billing notifications, promotional offers (with consent), and respond to support inquiries.
  5. Platform Optimization: Analyze usage patterns, identify popular sports and styles, optimize processing performance, fix technical issues, and enhance user experience based on behavioral data.
  6. Security and Fraud Prevention: Monitor for suspicious activity, prevent unauthorized access, detect and prevent abuse of AI generation capabilities, and protect against fraudulent transactions.
  7. Legal and Regulatory Compliance: Comply with applicable laws, respond to legal requests, enforce our terms of service, and maintain records as required by law.
  8. Research and Development: Develop new AI models for sports photo stylization, research emerging artistic styles, and improve our understanding of athletic imagery processing (always using anonymized or aggregated data).

5) How We Share Your Information

  1. AI Model Providers: Your sports photos and generation parameters are securely transmitted to our AI partners (OpenAI, Google Gemini, and SeeDream) for processing. These providers are bound by strict data processing agreements and are prohibited from using your content for their own model training without explicit consent. All transmissions use end-to-end encryption.
  2. Cloud Infrastructure Providers: We use secure cloud services (AWS, Google Cloud, Azure) for hosting, storage, and computing. These providers maintain SOC 2 Type II compliance and implement enterprise-grade security measures. Your data is encrypted at rest and in transit.
  3. Payment Processors: Billing information is processed by PCI DSS compliant payment provider (Stripe). We never store or have access to your full payment card details.
  4. Analytics and Performance Monitoring: We use privacy-focused analytics services to understand usage patterns and improve performance. Only aggregated, anonymized data is shared with these providers.
  5. Customer Support Tools: Support interactions may be processed through third-party customer service platforms with appropriate data protection agreements in place.
  6. Legal and Regulatory Requirements: We may disclose information when required by law, court order, subpoena, or governmental authority, or to protect our rights, property, or safety.
  7. Business Transfers: In the event of a merger, acquisition, or sale of assets, user information may be transferred as part of the transaction, subject to the same privacy protections.
  8. Explicit Consent: We may share information for other purposes only with your explicit, informed consent, which you may withdraw at any time.

6) Legal Basis for Processing

    Under applicable data protection laws (including GDPR, CCPA, and other privacy regulations), we process your personal information based on the following legal grounds:

  1. Contract Performance (GDPR Art. 6(1)(b)): Processing necessary to:
    • Provide AI-powered sports photo stylization services
    • Manage your account and subscription
    • Process payments and billing
    • Deliver generated content to your Account Gallery
    • Provide customer support and technical assistance
  2. Legitimate Interests (GDPR Art. 6(1)(f)): We have legitimate business interests in:
    • Improving AI model performance and accuracy
    • Ensuring platform security and preventing fraud
    • Analyzing usage patterns to enhance user experience
    • Developing new sports-specific AI capabilities
    • Maintaining system performance and reliability
    • Protecting intellectual property and preventing misuse

    We balance these interests against your privacy rights and only process data when our legitimate interests are not overridden by your fundamental rights.

  3. Consent (GDPR Art. 6(1)(a)): We obtain your explicit consent for:
    • Marketing communications and promotional emails
    • Optional analytics and performance tracking
    • Social media integration and content sharing
    • Beta feature testing and feedback collection
    • Non-essential cookies and tracking technologies

    You can withdraw consent at any time through your account settings or by contacting us.

  4. Legal Obligations (GDPR Art. 6(1)(c)): Processing required to comply with:
    • Tax and accounting regulations
    • Anti-money laundering and fraud prevention laws
    • Data protection and privacy law requirements
    • Court orders, subpoenas, and legal processes
    • Regulatory investigations and compliance audits
  5. Vital Interests (GDPR Art. 6(1)(d)): In rare circumstances, we may process data to protect someone's life or prevent serious harm, such as during security incidents or emergency situations.

    6. Special Categories of Data: If your uploaded sports photos contain biometric data (facial features, body measurements), we process this under GDPR Art. 9(2)(a) based on your explicit consent, which you provide when uploading content for AI processing.

7) Data Protection and Security Measures

  1. Encryption: All data is encrypted using AES-256 encryption at rest and TLS 1.3 for data in transit.
  2. Access Controls: Strict role-based access controls ensure only authorized personnel can access your data on a need-to-know basis.
  3. Data Minimization: We collect and process only the minimum data necessary for our sports photo stylization services.
  4. Regular Security Audits: We conduct regular security assessments and penetration testing to identify and address vulnerabilities.
  5. Incident Response: We maintain a comprehensive incident response plan and will notify affected users within 72 hours of discovering any data breach.
  6. Data Processing Agreements: All third-party processors are bound by strict data processing agreements that meet GDPR standards.

8) Data Retention

    We retain your personal information according to the following schedule:

  1. Account Data: Retained for the duration of your account plus 30 days after account deletion for security purposes.
  2. Sports Photos: Original uploaded photos are permanently stored in your account gallery for future reference and reprocessing.
  3. Generated Images: Stored indefinitely in your account unless you delete them or close your account.
  4. Usage Analytics: Aggregated, anonymized usage data may be retained indefinitely for service improvement purposes.
  5. Legal Requirements: Some data may be retained longer if required by law or for legitimate business purposes (e.g., fraud prevention).

    6. When we no longer need your information, we securely delete it using industry-standard data destruction methods.

9) Your Rights

    You have the following rights regarding your personal data:

  1. Right of Access: Request a copy of all personal data we hold about you, including sports photos, generated images, and account information.
  2. Right to Rectification: Correct any inaccurate or incomplete personal information in your account.
  3. Right to Erasure ("Right to be Forgotten"): Request deletion of your personal data, including all uploaded photos and generated content, subject to legal retention requirements.
  4. Right to Data Portability: Receive your personal data in a structured, machine-readable format and transfer it to another service.
  5. Right to Object: Object to processing based on legitimate interests, including for marketing purposes or AI model improvement.
  6. Right to Restrict Processing: Request temporary suspension of data processing in certain circumstances.
  7. Right to Withdraw Consent: Withdraw consent for any processing based on consent, without affecting prior lawful processing.
  8. Right to Lodge a Complaint: File a complaint with your local data protection authority if you believe we have violated your privacy rights.

    9. To exercise these rights, contact us at hello@blyzt.art. We will respond within 30 days (or 72 hours for urgent security matters). Some requests may require identity verification to protect your privacy.

10) Cookies & Tracking Technologies

    We use cookies, web beacons, and similar tracking technologies to provide, secure, and improve our Service. Here's what we collect and why:

    Types of Cookies We Use:

  1. Strictly Necessary Cookies: Essential for the Service to function properly. These include session management, user authentication tokens, security features, and load balancing. These cookies cannot be disabled without affecting core functionality.
  2. Performance & Analytics Cookies: Help us understand how users interact with our Service, including page views, feature usage, error tracking, and performance metrics. We use this data to optimize the AI processing pipeline and user experience.
  3. Functional Cookies: Remember your preferences such as AI style selections, image quality settings, account dashboard layout, and language preferences. These enhance your personalized experience.
  4. Advertising & Marketing Cookies: Used to deliver relevant advertisements and measure campaign effectiveness. These may track your browsing behavior across different websites to provide targeted content.

    5. Other Tracking Technologies:

  5. Local Storage: Stores user preferences, temporary AI processing data, and cached content to improve performance and reduce server load.
  6. Web Beacons & Pixels: Small transparent images that help us track email engagement, measure advertising effectiveness, and analyze user behavior patterns.
  7. Device Fingerprinting: Collects device and browser characteristics for security purposes, fraud prevention, and to provide consistent user experience across sessions.

    8. Managing Your Cookie Preferences:

    You have several options to control cookies and tracking:

  8. Browser Settings: Most browsers allow you to block or delete cookies. Visit your browser's help section for specific instructions.
  9. Opt-Out Tools: Use industry opt-out tools like the Digital Advertising Alliance's opt-out page or the Network Advertising Initiative's opt-out tool.
  10. Account Settings: Manage analytics and marketing preferences through your account dashboard under "Privacy Settings."

    11. Important: Disabling certain cookies may limit functionality such as AI processing preferences, account synchronization, and personalized recommendations. Strictly necessary cookies cannot be disabled without affecting core Service operations.

11) International Data Transfers

    Your data may be transferred to and processed in countries outside your jurisdiction. We ensure such transfers comply with applicable data protection laws through:

  1. Adequacy Decisions: Transfers to countries deemed adequate by relevant authorities.
  2. Standard Contractual Clauses: EU-approved contractual safeguards for international transfers.
  3. Certification Programs: Participation in recognized privacy frameworks like Privacy Shield successors.

12) Children's Privacy

    Our service is not intended for children under 13 (or 16 in the EEA/UK). We do not knowingly collect personal information from children. Sports photos containing minors should only be uploaded by parents or legal guardians with appropriate consent. If you believe we have inadvertently collected information from a child, please contact us immediately for prompt deletion.

13) California Privacy Rights (CCPA)

    If you are a California resident, you have additional rights under the CCPA. Note: Our company is based in Wyoming and primarily serves users nationwide.

  1. Right to Know: Request details about personal information collected, used, disclosed, or sold in the past 12 months.
  2. Right to Delete: Request deletion of personal information we have collected, subject to certain exceptions.
  3. Right to Opt-Out: We do not sell personal information to third parties for monetary consideration.
  4. Non-Discrimination: We will not discriminate against you for exercising your CCPA rights.
  5. Verification: We may require verification of your identity before processing CCPA requests to protect your privacy.

13) European Privacy Rights

    We are committed to complying with European data protection laws. If you are a resident of the European Union, United Kingdom, or other European countries, you have comprehensive rights and protections under applicable privacy laws.

    European Union Residents (General Data Protection Regulation - GDPR):

  1. Legal Basis for Processing: We process your personal data based on legitimate interests (Article 6(1)(f)) for AI photo processing, contract performance (Article 6(1)(b)) for service delivery, consent (Article 6(1)(a)) for marketing, and legal obligations (Article 6(1)(c)) for compliance requirements.
  2. AI Processing Compliance: Our AI systems comply with GDPR principles including lawfulness, fairness, transparency, purpose limitation, data minimization, accuracy, storage limitation, integrity, and confidentiality. We ensure AI training data compliance and implement privacy-by-design principles.
  3. Data Subject Rights: You have the right to access, rectify, erase, restrict processing, data portability, object to processing, and withdraw consent. You also have rights regarding automated decision-making and profiling.
  4. Data Protection Impact Assessments: We conduct DPIAs for high-risk processing activities, particularly for AI systems processing biometric data or involving automated decision-making.
  5. International Transfers: Data transfers outside the EU are protected by adequacy decisions, Standard Contractual Clauses (SCCs), or other appropriate safeguards as required by Chapter V GDPR.
  6. Breach Notification: We will notify the relevant supervisory authority within 72 hours of becoming aware of a personal data breach and inform affected individuals when required.

    7. United Kingdom Residents (UK GDPR and Data Protection Act 2018):

  7. UK-Specific Compliance: We comply with UK GDPR and the Data Protection Act 2018, including specific provisions for AI systems and automated decision-making. The ICO's pro-innovation approach guides our AI development practices.
  8. Data Protection Impact Assessments: We conduct DPIAs for high-risk processing, particularly when using new technologies like AI for sports photo analysis and stylization.
  9. Automated Decision-Making: Our AI processing includes automated decision-making for photo analysis and style application. You have rights to obtain human intervention, express your point of view, and contest decisions.
  10. Data Subject Rights: You have comprehensive rights under UK GDPR including access, rectification, erasure, restriction, portability, objection, and rights related to automated decision-making.
  11. International Transfers: Transfers to third countries are protected by UK adequacy regulations, International Data Transfer Agreements (IDTAs), or other appropriate safeguards.

    12. Germany Residents (Federal Data Protection Act - BDSG):

  12. AI Processing Guidelines: We follow the joint guidance issued by German Data Protection Authorities (May 2024) for GDPR-compliant AI deployment, ensuring proper legal basis assessment and AI training compliance.
  13. Employment Context: If you use our service in an employment context, we comply with Section 26 BDSG regarding employee data protection, considering the subordination relationship when examining consent validity.
  14. Legal Basis Assessment: We conduct thorough legal basis assessments following Baden-Württemberg DPA guidance for AI applications, ensuring compliance with GDPR, BDSG, and state data protection laws.
  15. Data Subject Rights: You have all rights under GDPR plus additional protections under German law, including specific provisions for automated decision-making and AI processing.

    16. France Residents (Data Protection Act and CNIL Regulations):

  16. CNIL AI Recommendations: We follow CNIL's recommendations on AI development (January 2024) and finalized guidance on AI systems, ensuring GDPR applicability to AI models, security requirements, and proper conditions for training data annotation.
  17. AI Model Compliance: Our AI models trained on personal data comply with GDPR requirements as clarified by EDPB Opinion (December 2024) and CNIL's latest recommendations on AI system development.
  18. Educational Use: If you use our service in educational contexts, we follow CNIL's FAQs for educators and data controllers, providing guidance on AI usage in educational missions and compliance requirements.
  19. Explainability Research: We participate in AI model explainability (xAI) research initiatives to enhance transparency and accountability in our AI processing systems.
  20. Data Subject Rights: You have comprehensive rights under GDPR and French data protection law, including specific protections for AI processing and automated decision-making.

    21. Exercising Your Rights: To exercise any of these rights, please contact us using the information in the "Contact Us" section. We will respond to your request within the timeframes required by applicable law (typically 30 days for GDPR requests). We may require verification of your identity to protect your privacy.

14) Asia-Pacific Privacy Rights

    We are committed to complying with privacy laws across the Asia-Pacific region. If you are a resident of the following jurisdictions, you have additional rights and protections under local privacy laws.

    Hong Kong Residents (Personal Data (Privacy) Ordinance - PDPO):

  1. Data Protection Principles: We adhere to Hong Kong's six data protection principles, including purpose limitation, data accuracy, and security safeguards.
  2. AI Processing Compliance: Our AI systems follow the Model Personal Data Protection Framework published by Hong Kong's Privacy Commissioner for Personal Data (PCPD).
  3. Data Access Rights: You may request access to your personal data and correction of any inaccuracies in accordance with PDPO requirements.
  4. Cross-Border Transfer: International transfers of your data are conducted with appropriate safeguards as required under PDPO.

    5. Japan Residents (Act on Protection of Personal Information - APPI):

  5. Consent Requirements: We obtain appropriate consent for collecting and processing sensitive personal information as defined under APPI.
  6. Purpose Notification: We clearly specify the purpose of data collection and use in accordance with APPI requirements.
  7. Data Subject Rights: You have rights to disclosure, correction, deletion, and suspension of processing under APPI.
  8. Third-Party Transfers: Transfers to third parties are conducted with proper consent or legal basis as required by APPI.
  9. Overseas Transfers: International data transfers comply with APPI's adequacy and safeguard requirements.

    10. South Korea Residents (Personal Information Protection Act - PIPA):

  10. AI Data Processing: We provide opt-out functionality for AI training and development as recommended by Korea's Personal Information Protection Commission (PIPC).
  11. Sensitive Information: Processing of sensitive personal information (including biometric data from photos) is conducted with explicit consent and appropriate safeguards.
  12. Cross-Border Transfers: International transfers are conducted with proper legal basis and user notification as required under PIPA.
  13. Data Subject Rights: You have comprehensive rights including access, correction, deletion, and processing suspension under PIPA.
  14. Local Representative: For qualifying services, we maintain appropriate representation in South Korea as required by PIPA.
  15. Breach Notification: We comply with PIPA's data breach notification requirements to both authorities and affected individuals.

    16. Exercising Your Rights: To exercise any of these regional privacy rights, please contact us using the information provided in the "Contact Us" section. We will respond to your request within the timeframes required by applicable local laws.

16) Changes to This Policy

    We may update this Privacy Policy to reflect changes in our practices, technology, legal requirements, or other factors. Material changes will be communicated through email notification or prominent notice on our service at least 30 days before taking effect. Your continued use after changes indicates acceptance of the updated policy.

17) Contact Us

If you have any questions about these Terms, please contact us at  hello@blyzt.art