Decorb ("we," "us," or "our") operates the Decorb mobile application and web application (collectively, the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.
By accessing or using Decorb, you agree to this Privacy Policy. If you do not agree, please do not use the Service.
1. Information We Collect
1.1 Information You Provide
| Data Type | Description |
|---|---|
| Account Information | Name, email address, and profile details obtained through Google or Apple Sign-in |
| Space Photos | Images of rooms or spaces you upload for redesign |
| Reference Images | Inspiration photos, furniture images, or material samples you upload |
| Text Prompts | Descriptions and instructions you provide to guide AI generation |
| Payment Information | Billing details processed through our payment provider, Dodo Payments (we do not store full payment card numbers) |
| Support Communications | Messages, feedback, and correspondence you send to us |
1.2 Information Collected Automatically
| Data Type | Description |
|---|---|
| Device Information | Device type, operating system, unique device identifiers, and mobile network information |
| Usage Data | Features used, pages visited, generation history, session duration, and interaction patterns |
| Log Data | IP address, browser type, access times, and referring URLs |
| Location Data | Approximate location derived from IP address (we do not collect precise GPS location unless you enable photosphere capture) |
| Cookies & Similar Technologies | Session cookies, preference cookies, and analytics identifiers used to maintain your session and improve the Service |
1.3 Information from Third Parties
| Source | Data |
|---|---|
| Google / Apple Sign-in | Name, email address, and profile photo as authorized by you during authentication |
| Analytics Providers | Aggregated usage and performance data |
2. How We Use Your Information
| Purpose | Description |
|---|---|
| Provide the Service | Process your uploads, generate AI-powered interior design visualizations, and deliver results |
| Account Management | Create and maintain your account, manage subscriptions, and process payments |
| Service Improvement | Analyze usage patterns to improve features, performance, and user experience |
| Communication | Send service-related notifications, respond to support requests, and provide updates about your account |
| Security | Detect, prevent, and address fraud, abuse, and technical issues |
| Legal Compliance | Comply with applicable laws, regulations, and legal processes |
2.1 AI Processing
When you submit images and prompts for generation, your inputs are sent to our AI processing pipeline powered by Google Gemini. Your inputs are used solely to generate the requested output. We do not use your uploaded images or prompts to train AI models. Generated images are stored in your account for your access and are treated as your content.
3. How We Share Your Information
We do not sell your personal information. We share your information only in the following circumstances:
3.1 Service Providers
| Provider | Purpose |
|---|---|
| Google Cloud Platform | Infrastructure hosting, data storage, and AI processing (Gemini) |
| Firebase | Authentication, database, and file storage |
| Dodo Payments | Payment processing and subscription management (as Merchant of Record) |
| Analytics Providers | Usage analytics and performance monitoring |
3.2 Legal Requirements
We may disclose your information if required to do so by law, or if we believe in good faith that such action is necessary to comply with legal obligations, protect our rights or property, prevent fraud, or protect users' safety.
3.3 Business Transfers
If Decorb is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change.
3.4 With Your Consent
We may share your information for purposes not described in this Privacy Policy if we have obtained your explicit consent.
4. Data Retention
| Data Type | Retention Period |
|---|---|
| Account Information | Retained while your account is active; deleted upon account deletion request |
| Uploaded Images & Prompts | Retained while your account is active; deleted upon account or project/space deletion |
| Generated Images | Retained while your account is active; deleted upon account or project/space deletion |
| Payment Records | Retained as required by applicable tax and financial regulations |
| Usage & Log Data | Retained for up to 24 months for analytics and security purposes |
When you delete your account, we will delete or anonymize your personal information within 30 days, except where retention is required by law.
5. Data Security
We implement industry-standard security measures to protect your information:
- Encryption in Transit: All data transmitted between your device and our servers is encrypted using TLS 1.2+
- Encryption at Rest: Stored data is encrypted using AES-256 encryption
- Access Controls: Strict role-based access controls for internal systems
- Infrastructure: Hosted on Google Cloud Platform with enterprise-grade security certifications
- Signed URLs: Uploaded and generated images are accessible only through time-limited signed URLs
While we take reasonable measures to protect your information, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security.
6. Your Rights and Choices
6.1 Account Controls
You can:
- Access your personal information through your account settings
- Update your profile information at any time
- Delete your projects, spaces, and generated images
- Delete your account by contacting us, which will trigger deletion of your personal data
6.2 Communication Preferences
You can opt out of promotional communications by following the unsubscribe instructions in those messages. You cannot opt out of service-related communications (such as billing notifications and security alerts).
6.3 Cookie Controls
You can manage cookie preferences through your browser settings. Disabling certain cookies may affect the functionality of the Service.
6.4 Data Portability
You can download your generated images and project data through the Service.
7. Regional Privacy Disclosures
7.1 European Economic Area and United Kingdom (GDPR)
If you are located in the EEA or UK:
- Legal Bases for Processing: We process your data based on: (a) your consent, (b) the necessity to perform our contract with you, (c) our legitimate interests, and (d) compliance with legal obligations.
- Data Controller: Decorb is the data controller for personal information collected through the Service.
- Your Rights: You have the right to access, rectify, erase, restrict processing of, and port your personal data. You also have the right to object to processing and withdraw consent at any time.
- International Transfers: Your data may be transferred to and processed in countries outside the EEA/UK. We ensure adequate safeguards through Standard Contractual Clauses or equivalent mechanisms.
- Complaints: You have the right to lodge a complaint with your local data protection authority.
7.2 California Residents (CCPA/CPRA)
If you are a California resident:
- Right to Know: You may request details about the categories and specific pieces of personal information we have collected.
- Right to Delete: You may request deletion of your personal information, subject to certain exceptions.
- Right to Opt-Out of Sale: We do not sell personal information.
- Non-Discrimination: We will not discriminate against you for exercising your privacy rights.
To exercise any of these rights, contact us at the address provided in Section 10.
7.3 Indian Residents
We comply with applicable Indian data protection laws, including the Digital Personal Data Protection Act, 2023 (DPDPA) as applicable. Indian users have the right to access, correct, and erase their personal data, and to nominate a representative to exercise these rights.
8. Children's Privacy
Decorb is not intended for users under the age of 16. We do not knowingly collect personal information from children under 16. If we become aware that we have collected personal data from a child under 16, we will take steps to delete that information promptly.
9. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on our website and in the app, updating the "Last Updated" date, and sending a notification through the Service for significant changes.
Your continued use of the Service after changes are posted constitutes your acceptance of the updated policy.
10. Contact Us
If you have questions about this Privacy Policy or wish to exercise your privacy rights, please contact us at:
- Email: privacy@decorb.com
- Website: https://decorb.app/privacy
Document Status: v1.0 · Last Updated: March 2026