Skip to content

Privacy Policy

DRAFT — This policy will be finalised before paid subscriptions go live.

Last updated: March 2026

Plain language: We collect only what we need to run the service. We don't sell your data. We don't use your content to train AI models. Your projects are private by default.
Who We Are

Inkborne is owned and operated in Australia. This policy is governed by the Australian Privacy Act 1988 and the Australian Privacy Principles (APPs).

For privacy questions: privacy@inkborne.com

Data We Collect

Account data: Email address, hashed password, and display name. If you subscribe, Stripe handles your payment details — we never see or store your card number.

Content you create: Stories, characters, locations, objects, panel descriptions, images, and layout data. This is your creative work and we store it so you can access it.

Usage data: API call counts, credit consumption, and generation task logs. We use this to monitor costs, debug issues, and improve the service.

What we don't collect: We don't use third-party analytics or tracking cookies. No Facebook pixels, no Google Analytics. We use essential cookies only (authentication and session management).

How We Use Your Data
  • To provide the service (store your projects, run generation tasks, manage billing)
  • To send account-related emails (password resets, billing receipts, invitation notifications)
  • To monitor and improve service reliability
  • To enforce our Terms of Service

We do not use your content for marketing. We do not share your data with third parties except as described below.

AI Processing & Third Parties

When you use AI generation features, your prompts and content are sent to third-party AI providers for processing:

  • Anthropic (Claude) — Story writing, character descriptions, analysis
  • Google (Gemini) — Image generation, image editing

These providers process your data under their own terms and privacy policies. We send only the minimum context needed for each generation task. Some of these providers are based outside Australia (United States).

Stripe handles all payment processing. Your billing data is governed by Stripe's Privacy Policy.

We do not sell or share your data with advertisers, data brokers, or any party not directly involved in providing the service.

Where Your Data Is Stored

Your data is stored on servers in Australia and the United States (via cloud infrastructure providers). By using Inkborne, you consent to this transfer where necessary to provide the service.

We take reasonable steps to ensure overseas recipients handle your data in accordance with the Australian Privacy Principles.

Data Retention

Your content is retained as long as your account is active. If you delete a project, its content (text, images, layout data) is permanently removed within 30 days.

If you delete your account, all your data (projects, images, billing history) is permanently deleted within 30 days. Anonymised usage statistics (credit consumption totals, no personal data) may be retained for service planning.

We maintain daily backups for disaster recovery. Backup copies are overwritten on a rolling 30-day cycle, so deleted data does not persist in backups beyond that window.

Your Rights

Under the Australian Privacy Act, you have the right to:

  • Access your personal information — your projects, settings, and billing are visible in the app
  • Correct your data — edit your profile, projects, and content at any time
  • Delete your data — delete individual projects or your entire account
  • Complain — if you're unsatisfied with how we handle your data, you can lodge a complaint with the Office of the Australian Information Commissioner (OAIC)

To exercise any of these rights, contact us at privacy@inkborne.com. We aim to respond within 14 days.

International Users Under Review

We are working on formalising compliance with international privacy regulations ahead of full launch:

  • GDPR (EU/UK): We intend to provide EU/UK-specific rights including data portability, right to restrict processing, and right to erasure. These will be detailed before we actively market to EU/UK users.
  • CCPA (California): We do not sell personal information. Further California-specific disclosures will be added as needed.

In the meantime, we'll honour reasonable data requests from any jurisdiction. Contact us and we'll do our best.

Cookies

We use essential cookies only:

  • Session cookie — keeps you logged in
  • CSRF token — protects form submissions from cross-site attacks

No third-party cookies. No tracking.

Security

We take reasonable steps to protect your data: encrypted connections (HTTPS), hashed passwords, access-controlled infrastructure, and regular backups.

If we become aware of a data breach that affects your personal information, we will notify affected users and the OAIC as required under the Notifiable Data Breaches scheme.

Contact

For privacy questions, data requests, or concerns:

privacy@inkborne.com