Privacy Policy
This policy explains what PBRIZE collects, why we collect it, and how you can control your data when using the PBR material generation service.
Last updated: June 6, 2026
1. Who we are
PBRIZE is the controller of personal data processed through this website and application. You can contact us about privacy at [email protected].
PBRIZE helps creators turn reference images and models into PBR texture maps. That means the service processes account data, uploaded assets, generation settings, generated outputs, and billing events needed to run the product.
2. Data we collect
- Account data: email address, display name, password-authentication records, email-verification status, OAuth identifiers if you sign in with Google, and subscription status.
- User content: images, textures, masks, 3D models, prompts, material settings, generated maps, thumbnails, collections, and project metadata you create or upload.
- Billing data: subscription, checkout, refund, invoice, customer, and payment-state information handled through Polar. PBRIZE does not store full payment-card numbers.
- Affiliate data: referral identifiers, affiliate-link parameters, and affiliate cookie consent state when the affiliate program is enabled. When you accept the affiliate cookie and create an account, we also share your email, display name, and an internal account identifier with our affiliate provider (Affonso) as a signup lead. Separately, if you open the in-app referral dashboard at /refer and confirm joining the affiliate program, we share your email and display name with our affiliate provider (Affonso) to create an affiliate account for you.
- Technical data: IP address, device and browser information, language preference, logs, error details, security events, and cookie or local-storage values needed to keep the app working.
- Support and email data: messages you send us, email-delivery status, and account notifications such as verification, password reset, purchase, refund, and generation emails.
3. How we use data
- To provide the service: create accounts, authenticate users, generate PBR maps, store projects, export assets, and keep user settings in sync. The legal basis is performance of a contract.
- To process payments and subscriptions: create checkouts, manage subscription state, handle refunds, and keep required financial records. The legal bases are contract and legal obligation.
- To improve reliability and security: diagnose failures, prevent abuse, investigate suspicious activity, and maintain logs. The legal basis is legitimate interests.
- To send service emails: verify email addresses, reset passwords, confirm purchases, report refunds, and notify users about generation or subscription events. The legal basis is contract or legitimate interests.
- To run affiliate attribution: if you accept the affiliate cookie, we share a signup lead (email, display name, and an internal account identifier) with our affiliate provider (Affonso) and credit the affiliate who referred you if you later subscribe. The legal basis is consent.
5. User content and AI processing
We process uploaded images, masks, prompts, models, and generated maps to provide texture generation, editing, preview, export, and versioning features.
Do not upload sensitive personal data, confidential third-party material, or content you do not have permission to use. PBRIZE is built for material and texture workflows, not for processing personal or sensitive records.
6. Service providers
We use service providers for hosting, database and file storage, authentication, AI generation, payment processing, affiliate tracking, email delivery, and operational monitoring.
Known providers in the current architecture include Convex for backend data, Cloudflare R2 or compatible object storage for assets, Google/Gemini and fal.ai/RunPod-style providers for generation workflows, Polar for subscriptions and payments, Affonso for affiliate attribution, Resend for email delivery, and Google for OAuth when enabled.
These providers process data only as needed to provide their services to PBRIZE. Some providers may process data outside your country. Where required, we rely on appropriate safeguards such as adequacy decisions, standard contractual clauses, or provider data-processing terms.
7. Retention
We keep account data while your account is active. We keep generated assets, uploaded assets, and project metadata until you delete them, delete your account, or retention is otherwise required for operational reasons.
We keep billing and tax records for the period required by law. We keep logs and security records only as long as reasonably needed for security, debugging, fraud prevention, and legal compliance.
8. Security
We use technical and organizational measures designed to protect personal data, including authenticated access, scoped service credentials, provider-side storage controls, and limited internal access.
No internet service is perfectly secure. If you believe your account or data has been exposed, contact us promptly at [email protected].
9. Your rights
Depending on where you live, you may have rights to access, correct, delete, export, restrict, or object to processing of your personal data. Where processing is based on consent, you may withdraw consent at any time.
If you are in the European Economic Area, the United Kingdom, or a similar privacy-rights jurisdiction, you may also lodge a complaint with your local data protection authority.
10. Children
PBRIZE is not directed to children. Do not use the service if you are not old enough to create an account or enter into a digital-services agreement in your country without the consent of a parent or guardian.
11. Changes
We may update this policy as PBRIZE changes. If a change is material, we will take reasonable steps to notify users, for example by updating this page, sending an email, or showing an in-app notice.
12. Contact
For privacy questions or requests, contact [email protected]. For account and billing support, use the support contact available in the application or contact [email protected].