Last Updated: January 13, 2026

1. Introduction and Overview

AIREA Studio, Inc. (“AIREA Studio,” “we,” “us,” or “our”) is committed to protecting your privacy and ensuring the security of your data. This Privacy Policy explains how we collect, use, share, and protect your information when you use the AIREA Studio platform and related services (the “Service”).

By accessing or using the Service, you agree to this Privacy Policy. If you do not agree, please discontinue use immediately.

2. Definitions and Roles

• Company (Data Controller / Business): AIREA Solutions, Inc. determines the purposes and means of processing Personal Data under GDPR and acts as the “Business” under CCPA/CPRA.
• Personal Data: Information that identifies or relates to an identifiable individual (e.g., name, email, billing details).
• Proprietary Content: Materials you upload or create within the platform (e.g., brand guides, prompts, campaigns). You retain full ownership of this content.
• Prompt Data: Real-time inputs you enter into AIREA Studio (e.g., questions, commands, or creative instructions) used to generate campaign content. Prompts are processed in-session and not stored or retained after your session ends.
• Usage Data: Automatically collected technical and engagement data (e.g., IP address, browser type, session duration, feature usage).
• Model Data: Aggregated, anonymized, and system-generated data used internally to improve AIREA’s proprietary AI models. This data is never used to train external, public, or third-party AI systems.
• Service Provider / Sub-Processor: Vendors who process data on our behalf under strict confidentiality and data protection agreements.

3. Data We Collect

We collect data only as necessary to operate, secure, and improve our Service:

• Personal Data: Account, billing, and contact details you provide when creating or maintaining your account.
• Proprietary Content: Inputs (e.g., brand materials, campaign briefs) and outputs (e.g., generated copy, campaign content). You retain ownership of all Proprietary Content.
• Prompt Data: Prompts you enter are processed in real time to generate responses and are not stored, saved, or associated with your account after your session ends.
• Usage Data: Device information, session activity, feature usage, and performance metrics used for analytics and troubleshooting.
  
  

We do not collect biometric, health-related, or other sensitive category data. Limited analytics tools (e.g., Google Analytics) may be used in anonymized or aggregated form.

.

4. How We Use Your Data

We use collected data only for legitimate purposes related to operating and improving the platform:

• Service Delivery: Operate, maintain, and secure the platform.
• Personalization: Tailor recommendations and generated content based on your brand preferences.
• Service Improvement: Analyze aggregated data to enhance features, performance, and reliability.
• Compliance & Legal: Satisfy contractual, legal, or regulatory requirements and prevent fraud or abuse.
• Communication: Send account updates, support messages, and—if you consent—marketing communications (opt-out available at any time).
  
  

AI Transparency and Model Use

• No External Training: Your Proprietary Content will never be used to train or fine-tune external or public AI models.
• Internal Model Improvement: Aggregated, anonymized data may be used internally to enhance AIREA’s algorithms, prompts, and platform performance.
• Optional Model Training (Future): If opt-in fine-tuning is introduced, we will obtain explicit consent before processing.
  
  

5. Data Ownership and Export

• You retain full ownership of all content uploaded to or created within AIREA Studio.
• AIREA retains ownership of system-generated and derived data, including analytics, performance benchmarks, AI model improvements, and campaign response data.
• Upon request or account closure, AIREA will provide a copy of customer-owned content and personal account data in a standard format.
• Aggregated analytics, response metrics, and model-generated insights are considered AIREA’s proprietary data and are not subject to export or deletion request
• Because AIREA does not store prompts, these cannot be exported or recovered after a session ends.

6. Sharing and Disclosure of Your Data

We do not sell or share data for advertising purposes. We only share information with trusted third parties as necessary to operate the Service:

• Cloud & Hosting Providers (e.g., AWS)
• Payment Processors (e.g., Stripe)
• AI Sub-Processors (e.g., secure LLM providers bound by strict non-training agreements)
• Analytics and Communication Services
  
  

All vendors are carefully vetted, bound by data-protection agreements, and process data solely under AIREA’s instruction.

7. Security and Data Retention

We use industry-standard safeguards to protect your data, including:

• Encryption in transit (TLS) and at rest (AES-256)
• Role-based access control and opt-in multi-factor authentication
• Logging, continuous monitoring, and SOC 2-aligned security audits
• Regular vulnerability assessments and incident reviews
  
  

Data is retained only as long as needed for service operation or legal compliance. Upon verified deletion requests or account closure, customer content is securely deleted within 30–90 days. Aggregated and anonymized system data may be retained for internal performance and compliance purposes.

Because prompts are processed in real time and never stored, they are not retained after a session ends.

8. Breach Notification and Incident Response

In the unlikely event of a data breach, AIREA will promptly assess and contain the incident, notify affected users and regulatory authorities as required by law, and provide guidance on mitigation steps (e.g., password resets). Internal reviews will follow to strengthen platform safeguards.

9. Your Data Protection Rights

Depending on your location, you may have the following rights:

• Access: Request a copy of your personal data.
• Correction: Request correction of inaccurate information.
• Deletion: Request deletion of personal data (excluding data retained for legal or operational compliance).
• Portability: Request export of your personal or proprietary content.
• Restriction / Objection: Object to certain processing activities.
• Opt-Out: Withdraw consent for marketing communications.
  
  

Requests must be submitted in writing to info@aireastudio.ai.
We respond within 30 days, and may extend up to 90 days for complex or multiple requests, with notice provided as required by GDPR and CCPA/CPRA.

10. Cross-Border Data Transfers

Your information may be processed in the United States or other jurisdictions where AIREA operates or engages service providers. We use Standard Contractual Clauses (SCCs) and equivalent safeguards to ensure consistent data protection standards worldwide.

11. Children and Minors

The Service is not intended for individuals under 16 years of age. We do not knowingly collect or store data from minors. If you believe a minor has submitted information, contact us at info@aireastudio.ai for prompt deletion.

12. Changes to this Privacy Policy

We may update this policy from time to time. For material changes, we will notify users via email or in-platform notice.
The “Last Updated” date at the top of this document reflects the latest version. Continued use of the Service after notification constitutes acceptance of the revised policy.

13. Contact Us

For questions, requests, or privacy inquiries, please contact:

AIREA Solutions, Inc.
1570 8th Ave, San Francisco, CA 94122
Email: info@aireastudio.ai
Attention: Chief Technical Officer