Emote Pack AI

Turn one image into a custom Discord & Twitch emote pack — powered by midnight-cupid-1.

hello@emotepack.ai
Product
  • Home
  • Gallery
  • Pricing
  • Docs
Company
  • About
  • Changelog
  • Status
Legal
  • Terms of Service
  • Privacy Policy
  • Acceptable Use
  • Cookie Policy
  • Do Not Sell or Share My Personal Information
© 2026 Emote Pack AI. All rights reserved.Generated by midnight-cupid-1 · v0.4 beta
Emote Pack AI
HomeGalleryPricingDocs
Studio
Legal

Privacy Policy

What we collect, why we collect it, who we share it with, and how to exercise your rights.

Last updated: 2026-05-22

1. What we collect

Account information

When you sign up: email address, display name, and (if you sign in with Google) the basic profile information Google shares. Authentication is handled by Supabase Auth.

Subject images and generations

The image you upload is sent to our generation pipeline, where it's transformed into an emote pack. If you're signed in, we store the resulting original-resolution emote PNGs and a metadata row (pack name, emote names, timestamp) so you can re-download from your Packs page. We do not store the source subject image after generation completes.

Usage and payments

Token balance, plan tier, generation history, and referral status. If you subscribe or buy a token pack, our payments processor handles your card details — we never see them.

Cookies

See our Cookie Policy for the full list. In short: a session cookie for authentication and a theme cookie for dark/light preference. No advertising cookies.

2. How we use it

We use the data above only to run the service:

  • Running generations and delivering emote packs — you ask for a pack; we make it.
  • Maintaining your account, balance, and pack history.
  • Processing payments and detecting fraud — including preventing chargeback fraud.
  • Sending service emails (sign-in links, billing receipts, plan changes, pack-ready notifications). We don't send marketing email.
  • Error monitoring and aggregate analytics to keep the service working. PII is scrubbed before transmission.
  • Subject images — used in-memory to generate your pack and then discarded; never stored or used to train models. The Acceptable Use Policy requires you to have the depicted person's consent before uploading.

3. Who we share it with

We use a small number of subprocessors:

  • Supabase — auth, database, and file storage hosting.
  • OpenAI — our generation pipeline calls OpenAI as an upstream inference provider. Your subject image is sent to OpenAI solely to produce your emote pack and is handled under OpenAI's API data policy (not used to train their models).
  • Stripe — handles subscription billing and one-time token-pack purchases. Stripe receives your payment details directly; we never see your card information.
  • Resend — sends transactional email (sign-in links, pack-ready notifications, billing receipts). Resend receives your email address and the message contents.
  • Sentry — application error monitoring. Receives stack traces and request metadata with personally identifying fields (email, IP, session tokens, magic-link query strings) scrubbed before transmission.
  • Vercel — hosting, edge runtime, and analytics (aggregate page-view counts only, no individual tracking).
  • Google (only if you sign in with Google) — to verify your account.

We don't sell your data. We don't share it with third parties for advertising. We disclose data only when required by law or to protect rights and safety. See our Do Not Sell or Share page for the formal CCPA/CPRA statement.

Sub-processor changes. If we add a new sub-processor (or replace an existing one with a materially different vendor), we will post the change on this page with the effective date at least 30 days in advance and email registered users. If you object you may delete your account before the change takes effect.

Where data is processed. The service is operated from the United States and our sub-processors store and process data in the US. The service is offered to users in the United States and is not directed at, or available to, residents of the European Economic Area or the United Kingdom (see §8).

4. How long we keep it

  • Account data: for as long as your account exists. You can delete your account at any time from settings (or by emailing us).
  • Generated emote packs: kept until you delete them or close your account.
  • Source subject images: not retained — they live in memory during generation and are dropped immediately afterward.
  • Logs and billing records: retained for the time required by tax and accounting law (typically 7 years).

5. Your rights

You have the following rights over your personal information, including under the California Consumer Privacy Act (CCPA/CPRA) and similar US state laws:

  • Access / know / portability — download a JSON dump of everything we hold on your account from Settings → Your data. The same dump is available by email on request.
  • Correction — edit display name, email, password, theme, and avatar from the Profile and Settings pages.
  • Deletion — Profile → Danger zone has a Delete account button that removes the auth row, every pack, every emote file, every preset, and every feedback row. Some aggregated billing records may persist for tax compliance (typically 7 years) as required by law.
  • Opt out of "sale"/"sharing" — we don't sell or share your personal information; see our Do Not Sell or Share page.
  • Withdraw consent for likeness processing — delete the relevant packs (which removes the stored emote PNGs) or delete the account.
  • No retaliation — we won't deny service or charge you differently for exercising these rights.

For anything that can't be self-served from Settings, email hello@emotepack.ai. We respond within 45 days (CCPA/CPRA), or sooner where another applicable US state law requires.

6. Children

The service is not intended for users under 13 (United States, per COPPA). We do not knowingly collect personal information from children under 13. If you believe a child has provided us personal information, email hello@emotepack.ai and we'll delete it.

7. AI-generated content disclosure

Output emote PNGs include machine-readable metadata identifying them as AI-generated (PNG tEXt chunks: Software = "Emote Pack AI", Comment includes an AI-generated disclosure and consent reminder), consistent with US state AI-disclosure laws (California, Texas, Minnesota, and others). The metadata travels with every PNG you download.

When the output depicts a real person, you remain responsible for ensuring you have that person's consent before publishing or distributing the generated images. See our Acceptable Use Policy for the specifics.

8. Regions we serve

Emote Pack AI is offered to users in the United States. We do not currently offer the service to, or direct it at, residents of the European Economic Area (EEA) or the United Kingdom, and access from those regions is blocked. As a result we don't process EEA/UK personal data and the GDPR / UK-GDPR do not apply to us at this time. If we expand into those regions in the future, we'll update this policy and put the required safeguards in place first.

9. Security

We use TLS in transit and at-rest encryption on stored data. Access controls, audit logs, and regular review keep human access to user data narrow. No system is perfectly secure; we'll notify you promptly if a breach affects your data.

10. Changes

We'll post material changes on this page with an updated date, and email registered users for changes that meaningfully affect your rights or how we use your data.

11. Contact

Questions about this policy? Email hello@emotepack.ai.