European Data Protection

GDPR Compliance

Name: Jewelshot Studio
Rating: 4.8 (150 reviews)
Author: Jewelshot

Jewelshot is committed to protecting the privacy and rights of individuals in the European Union under the General Data Protection Regulation (GDPR).

🇪🇺

GDPR Compliant

EU Data Protection Standards

Your Rights Under GDPR

Right to Access

You can request a copy of all personal data we hold about you. We will provide this within 30 days.

Right to Rectification

You can correct any inaccurate or incomplete personal data through your account settings.

Right to Erasure

You can request deletion of your personal data. We will process this within 30 days.

Right to Restrict Processing

You can limit how we use your data while we address any concerns you may have.

Right to Data Portability

You can receive your data in a structured, machine-readable format.

Right to Object

You can object to processing of your data for marketing or profiling purposes.

Legal Basis for Processing

Contract Performance

Processing necessary to provide you with our services (image processing, gallery storage, etc.)

Account managementImage generationCustomer support

Legitimate Interests

Processing for our legitimate business interests, balanced against your rights

Service improvementSecurity monitoringAnalytics

Consent

Processing based on your explicit consent, which you can withdraw anytime

Marketing emailsProduct updatesSurveys

Legal Obligation

Processing required to comply with applicable laws

Tax recordsFraud preventionLegal requests

Data We Collect & Retention

Category	Examples	Retention
Identity Data	Name, email address, user ID	Until account deletion
Authentication Data	Hashed password, OAuth tokens	Until account deletion
Uploaded Content	Product images you upload	Until you delete or close account
Generated Content	AI-generated images	Until you delete or close account
Usage Data	Features used, session duration	90 days
Technical Data	IP address, browser type	90 days
Payment Data	Subscription status, invoice history	7 years (legal requirement)

International Data Transfers

Some of our service providers are located outside the European Economic Area (EEA). When we transfer your data internationally, we ensure adequate protection through:

Standard Contractual Clauses

EU-approved data transfer agreements

Data Processing Agreements

Binding contracts with all processors

Adequacy Decisions

Using providers in approved countries

Technical Safeguards

Encryption and pseudonymization

Data Protection Contact

Contact Our DPO

For any GDPR-related inquiries or to exercise your data protection rights, please contact our Data Protection Officer:

dpo@jewelshot.ai

How to Exercise Your Rights

Submit a Request

Email our DPO at dpo@jewelshot.ai or use the self-service options in your account settings. Include your name and the specific right you wish to exercise.

Identity Verification

We may ask you to verify your identity to protect your data from unauthorized access. This typically involves confirming your email address.

Processing

We will respond to your request within 30 days. Complex requests may take up to 60 days, in which case we will notify you of the extension.

Right to Lodge a Complaint

If you believe that our processing of your personal data violates the GDPR, you have the right to lodge a complaint with your local supervisory authority. We encourage you to contact us first so we can address your concerns directly.

A list of EU data protection authorities can be found at the European Data Protection Board website: edpb.europa.eu