Privacy Policy

1. Introduction

Welcome to GetMeme ("we," "our," or "us"). GetMeme is a brand operated by NovaRising Limited, a company registered in England and Wales under company number 16245996, with registered office at 71-75 Shelton Street, Covent Garden, London, WC2H 9JQ, United Kingdom.

We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered meme generation service at getmeme.net (the "Service").

By using our Service, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, please do not use our Service.

2. Information We Collect

2.1 Personal Information You Provide

We collect information that you voluntarily provide to us when you:

• Create an account (email address, name)
• Sign in via Google OAuth (email, name, profile picture)
• Make a purchase (billing information processed by Stripe)
• Contact us (email address, message content)
• Upload images for meme generation

2.2 Automatically Collected Information

When you access our Service, we automatically collect:

• Usage Data: IP address, browser type, device information, pages visited, time spent on pages
• Cookies and Tracking: Session cookies, authentication tokens, preference settings
• Analytics Data: We may use Google Analytics to understand how users interact with our Service
• Performance Data: Error logs, API response times, service performance metrics

2.3 Content You Create

• Text prompts for meme generation
• Images you upload
• Generated memes
• Meme sharing preferences

3. How We Use Your Information

We use the collected information for the following purposes:

3.1 Service Delivery

• To provide and maintain our AI meme generation Service
• To process your meme generation requests using Google's Gemini AI
• To manage your account and authentication
• To process payments and manage subscriptions via Stripe
• To store your generated memes in Cloudflare R2 storage

3.2 Communication

• To send you magic link authentication emails
• To send purchase confirmations and receipts
• To respond to your inquiries and support requests
• To send important service updates and security alerts

3.3 Improvement and Analytics

• To analyze usage patterns and improve our Service
• To develop new features and functionality
• To monitor and analyze trends, usage, and activities
• To detect, prevent, and address technical issues and fraud

3.4 Legal Compliance

• To comply with legal obligations and regulatory requirements
• To enforce our Terms of Service and other agreements
• To protect our rights, privacy, safety, or property

4. Third-Party Services and Data Sharing

We use the following third-party services to operate GetMeme:

4.1 Cloudflare

• Purpose: Hosting, CDN, DDoS protection, database (D1), storage (R2), KV storage
• Data Shared: All service data, user content, IP addresses
• Privacy Policy: cloudflare.com/privacypolicy

4.2 Google Services

• Google OAuth: For user authentication (email, name, profile picture)
• Google Gemini AI: For AI-powered meme generation (text prompts, uploaded images)
• Google Analytics (if enabled): For usage analytics and insights
• Privacy Policy: policies.google.com/privacy

4.3 Stripe

• Purpose: Payment processing, subscription management
• Data Shared: Email, payment information, purchase history
• Privacy Policy: stripe.com/privacy
• Note: We do not store credit card information; Stripe handles all payment data securely

4.4 Resend

• Purpose: Transactional email delivery (magic links for authentication, receipts)
• Data Shared: Email addresses, email content
• Privacy Policy: resend.com/legal/privacy-policy
• Note: We use Resend to send authentication emails and transactional notifications

4.5 OpenRouter

• Purpose: AI model routing and access to Google Gemini
• Data Shared: Meme generation prompts, uploaded images
• Privacy Policy: openrouter.ai/privacy

Important: We do not sell, rent, or trade your personal information to third parties for their marketing purposes. We only share data with service providers necessary to operate our Service.

5. AI and Image Processing

5.1 Image Uploads

When you upload images to GetMeme:

• Images are processed by Google's Gemini AI to generate meme content
• Images may be temporarily stored in Cloudflare R2 for processing
• We analyze images to understand context, objects, people, and scenes
• Original uploaded images are not permanently stored unless you save the generated meme

5.2 AI-Generated Content

• Your prompts and images are sent to Google Gemini AI for processing
• AI-generated memes are stored in your account
• We may use anonymized generation data to improve our Service
• You retain ownership of your generated memes

5.3 Content Moderation

We reserve the right to review generated content for compliance with our Terms of Service. Content that violates our policies may be removed, and accounts may be suspended.

6. Data Storage and Security

6.1 Data Storage

• User Data: Stored in Cloudflare D1 (SQLite) databases
• Generated Memes: Stored in Cloudflare R2 object storage
• Sessions: Managed via Cloudflare KV storage
• Location: Data is stored in Cloudflare's global network, primarily in EU and US regions

6.2 Security Measures

We implement industry-standard security measures including:

• HTTPS/TLS encryption for all data transmission
• Encrypted storage of sensitive data
• Secure authentication via NextAuth.js
• Regular security audits and updates
• DDoS protection via Cloudflare
• Access controls and authentication for administrative functions

Note: While we strive to protect your information, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security.

7. Data Retention

• Account Data: Retained while your account is active and for 90 days after deletion
• Generated Memes: Retained indefinitely unless you delete them
• Payment Records: Retained for 7 years for tax and accounting purposes
• Analytics Data: Anonymized and retained for up to 26 months
• Logs: Server logs retained for 90 days for security and debugging

8. Your Rights (GDPR & UK GDPR)

If you are located in the European Economic Area (EEA) or United Kingdom, you have the following rights:

• Right to Access: Request a copy of your personal data
• Right to Rectification: Request correction of inaccurate data
• Right to Erasure: Request deletion of your data ("right to be forgotten")
• Right to Restriction: Request limitation of processing
• Right to Data Portability: Receive your data in a structured, machine-readable format
• Right to Object: Object to processing of your data
• Right to Withdraw Consent: Withdraw consent at any time
• Right to Lodge a Complaint: File a complaint with your local data protection authority

To exercise these rights, contact us at [email protected]

9. Cookies and Tracking Technologies

9.1 Essential Cookies

• Authentication tokens (required for login)
• Session management
• Security and fraud prevention

9.2 Analytics Cookies (if enabled)

• Google Analytics for usage statistics
• Performance monitoring
• User behavior analysis

You can control cookies through your browser settings. Disabling essential cookies may affect Service functionality.

10. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence, including the United States and European Union. These countries may have data protection laws different from your jurisdiction.

We ensure appropriate safeguards are in place, including:

• Standard Contractual Clauses approved by the European Commission
• Adequacy decisions for data transfers
• Compliance with GDPR and UK GDPR requirements

11. Children's Privacy

Our Service is not intended for children under 13 years of age (or 16 in the EEA). We do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at [email protected].

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by:

• Posting the new Privacy Policy on this page
• Updating the "Last Updated" date
• Sending an email notification for material changes

Your continued use of the Service after changes constitutes acceptance of the updated policy.

13. Contact Us

If you have questions about this Privacy Policy or our data practices, contact us:

14. Data Protection Officer

For data protection inquiries, you can contact our Data Protection Officer at:

Email: [email protected]