Privacy Policy

XP9 ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and protect your information when you use our Chrome extension and AI product visualization service.

XP9 provides an AI-powered tool that allows users to visualize themselves with any product from Amazon product pages through advanced AI technology - from clothing and accessories to everyday items.

We collect only the minimal information necessary to provide our AI product visualization service:

Profile Images

• What: User-uploaded photos of themselves
• Purpose: Required for AI processing to create personalized product visualization images
• Storage: Permanently stored on our secure servers for safety, security, and repeat use

Product Images

• What: Amazon product images selected by users for AI processing
• Purpose: Combined with profile images for AI product visualization generation
• Storage: Permanently stored on our secure servers for safety, security, and audit purposes

Generated Images

• What: AI-generated product visualization images created by combining profile and product images
• Purpose: Delivered to users and maintained for service quality and safety
• Storage: Permanently stored on our secure servers for safety, security, and user access

Email Addresses (Optional)

• What: Email addresses provided during subscription or account recovery
• Purpose: Subscription management, billing, and account recovery
• Collection: Only when users choose to subscribe or use account recovery

Usage Data

• What: Number of AI generations created, usage patterns
• Purpose: Managing free/paid usage limits and service improvements
• Data: Anonymous usage statistics, not linked to personal identity

Technical Information

• IP Addresses: For rate limiting and preventing service abuse
• Device Identifiers: Anonymous UUID for linking user data
• Recovery Codes: Temporary 6-digit codes for account recovery (expire in 10 minutes)

Payment Information

• What: Billing information for subscription services
• Processing: Handled securely by Stripe (our payment processor)
• Storage: We do not store credit card numbers or payment details

We use your information solely for providing and improving our AI product visualization service:

• AI Processing: Combining your profile images with specific product images (only when you click XP9 button) to create personalized product visualizations
• Account Management: Managing your subscription, usage limits, and account recovery
• Service Security: Preventing abuse and ensuring fair usage through rate limiting based on usage patterns, not browsing history
• Customer Support: Responding to your questions and resolving technical issues
• Service Improvement: Analyzing usage patterns (number of generations, not web activity) to enhance our AI technology

Data Collection Trigger: Image data is only collected when you actively click the XP9 button on a product. No passive monitoring or automatic data collection occurs while browsing.

We do not sell, rent, or share your personal information with third parties for marketing purposes. Limited sharing occurs only for:

• Payment Processing: Stripe processes subscription payments securely (required for billing)
• AI Processing: Images are processed on our secure servers using our AI technology
• Legal Requirements: We may disclose information if required by law or to protect our rights

We implement industry-standard security measures to protect your information:

• Encryption: All data transmission uses HTTPS encryption
• Secure Storage: Images and data are stored on secure servers with access controls
• Limited Access: Only authorized personnel can access user data for support purposes
• Regular Updates: We regularly update our security practices and systems

We retain certain data permanently for important safety and security reasons:

• Image Storage: Profile images, input product images, and generated AI images are permanently stored on our secure servers
• Safety Purposes: Permanent storage helps us prevent misuse, detect inappropriate content, and maintain service quality
• Security Purposes: Retained images help us investigate potential abuse, fraud, or violations of our terms of service
• Service Continuity: Stored profile images enable seamless repeat usage without re-uploading
• Legal Compliance: Image retention may be required for legal investigations or compliance with applicable laws

While images are stored permanently for these important reasons, you can still update your profile image at any time, and we maintain strict security controls over all stored data.

You have the following rights regarding your data:

• Update Profile Images: Replace your profile image anytime through the extension (previous images remain stored for security purposes)
• Account Recovery: Recover access to your subscription using email verification
• Account Disconnection: Uninstalling the extension will disconnect your local browser data but stored images remain on our servers for safety and security
• Subscription Management: Cancel or modify your subscription through our billing portal
• Data Inquiries: Contact us for information about your stored data or for assistance with your account
• Legal Requests: We will respond to valid legal requests for data deletion where legally permitted and not conflicting with safety/security requirements

Important: Due to safety, security, and legal compliance requirements, we maintain permanent storage of generated content and associated images. This policy helps protect all users and maintain service integrity.

Our Chrome extension requests specific permissions for legitimate purposes:

• Amazon Domains: To detect and interact with product images on Amazon pages when you click the XP9 button
• XP9.com: To communicate with our AI processing servers
• Storage: To store your anonymous user ID and account recovery state locally
• Tabs: To open subscription pages and manage your account in new tabs

Important: Even though our extension runs on Amazon product pages, we do not collect browsing history, page URLs, or web activity. We only collect the specific product image when you actively click the XP9 button to request AI processing. No automatic data collection occurs.

XP9 is not intended for users under 13 years of age. We do not knowingly collect personal information from children under 13. If we become aware that we have collected information from a child under 13, we will delete it immediately.

We may update this Privacy Policy periodically. When we make changes, we will update the "Last updated" date at the top of this policy. We encourage you to review this policy regularly to stay informed about how we protect your information.