Ronana

Privacy Policy

Last updated: June 11, 2026

This Privacy Policy explains how Ronana ("Ronana," "we," "us") collects, uses, and shares personal data about you when you use our service at ronana.ai.

Data we collect

  • Account data: email address, display name, hashed password or OAuth provider id, and account creation date.
  • Billing data: handled by our payment processor. We see only customer, invoice, plan, and billing metadata — never full card numbers.
  • Content you create: prompts, reference media, and generations.
  • Usage data: IP address, browser user-agent, session timestamps, and audit logs.
  • Cookies: authentication and cookie-consent cookies. See our Cookies Policy.

How we use your data

  • To provide the service, fulfill your generation requests, and deliver media.
  • To bill you and prevent payment fraud.
  • To enforce our Terms of Service and applicable law.
  • To communicate with you about your account.
  • To improve the service through aggregated, non-identifiable analysis.

We do not sell your personal data. We do not use your prompts or outputs to train our own models.

Service providers

We share data with a small number of service providers, strictly to operate the service. Each provider receives only the data needed for its task, and their use of that data is governed by their own privacy commitments and our agreements with them. Categories of providers we use:

  • Payment processing — billing, invoicing, and payment fraud detection.
  • Infrastructure and content delivery — hosting, durable media storage, bot defense, and DDoS protection.
  • AI model providers — when you run a generation, the prompt, any reference media you attach, and the request settings are sent to the third-party provider operating the model you selected, solely to produce your output.
  • Transactional email — account, receipt, and notification email delivery.
  • Error monitoring — crash and error diagnostics.

A current list of our providers is available on request at [email protected].

Data retention

  • Account, references, and generations: retained until you delete them or close your account.
  • Trash items: permanently deleted after 24 hours.
  • Audit log entries: retained for up to 365 days unless a longer period is required for security, fraud prevention, legal compliance, or dispute resolution.
  • Billing records: retained as required by tax law.

Your rights

Depending on your jurisdiction, you may have the right to access, export, correct, delete, or object to processing of your personal data, and to lodge a complaint with your local data protection authority. To exercise these rights, contact [email protected].

International transfers

We are based in the United States. Our service providers may process your data in the United States and other countries. Where EU/UK data is transferred outside the EEA, we rely on Standard Contractual Clauses or equivalent safeguards.

Security

We use industry-standard measures including encryption in transit, encrypted storage at rest, scoped credentials, rate limiting, bot defense, and audit logging. No system is perfectly secure.

Children

Ronana is not directed to children under 13, or the minimum age in your country if higher. We do not knowingly collect data from children.

Changes to this policy

We may update this policy. Material changes will be announced by email or in-app notice.

Contact

Questions or rights requests: [email protected].