top of page

Privacy policy

Privacy Policy

Last Updated: 29 October 2025

This Privacy Policy explains how ArchiGPT.ai (“ArchiGPT,” “we,” “us,” or “our”) collects, uses, discloses, and protects personal data when you visit our websites, create an account, or use our AI tools and related services (the “Services”). We are a company registered in England & Wales (Company No. 16031114). For privacy enquiries, contact hello@archigpt.ai

 

1) Who is responsible for your data?

For purposes of the UK GDPR and (where applicable) EU GDPR, the data controller is the company registered under Company No. 16031114 trading as ArchiGPT. Our contact for privacy matters is hello@archigpt.ai

2) What we collect

We collect the following categories of data, depending on how you interact with us:

Account & Identity Data – name, email, password (hashed), user ID, organization, plan tier.

Payment & Billing Data – transaction details, billing address, VAT/tax info. Payments are processed by third-party processors (e.g., Stripe); we do not store full card numbers.

Content & Files – prompts, text, images, seeds, parameters, and other materials you upload or generate when using the Services.

Usage & Technical Data – device and browser information, IP address, timestamps, log files, feature usage, error diagnostics, and approximate location inferred from IP.

Support & Comms – messages you send us (email, forms, chat), feedback, and metadata about those communications.

Marketing Preferences – your opt-in/opt-out choices for newsletters and product updates.

Cookies & Similar Tech – identifiers that help us run the site, remember settings, measure usage, and (where enabled) tailor marketing.

 

3) How we use your data (purposes & legal bases)

We process personal data for the purposes below, under the corresponding legal bases:

Provide the Services – create/manage accounts, authenticate users, deliver features, render outputs, and provide customer support. (Performance of a contract)

Operate, secure, and improve – monitor performance, fix bugs, prevent abuse, maintain availability, and enhance features (including quality, safety, and relevance of AI outputs). (Legitimate interests; in some cases, legal obligation)

Billing and tax compliance – process payments, handle invoices/receipts, prevent fraud, and meet tax/record-keeping duties. (Performance of a contract; legal obligation)

Communicate with you – service announcements, critical changes, security notifications. (Legitimate interests / legal obligation)

Marketing (optional) – send product updates, tips, and offers. (Consent or legitimate interests subject to PECR soft-opt-in; you may opt out at any time)

Research & analytics – aggregate and de-identify usage patterns to understand product performance and inform improvements. (Legitimate interests)

Model/Feature improvement. We may use aggregated, de-identified usage data and statistics to improve our Services. Where we rely on consent for any use of identifiable content beyond providing the Service, you may withdraw consent at any time.

 

4) Content visibility & discoverability

Some areas of the Service are designed for inspiration and discovery. Items produced or submitted within those flows may appear in those areas and on related pages that are easy to find and share. From time to time, the Service may create stand-alone project/detail pages for content along with descriptive elements (e.g., prompt fragments, tags, timestamps, or a display name/handle where applicable). Once surfaced broadly, copies or references may persist in places we do not control (for example, caches or archives).
Tip: avoid including confidential or personal information in materials you intend to keep private. Where a feature offers a private or unlisted mode, select it before submission.

 

5) Cookies

We use:

Essential cookies – required for sign-in, security, and core features.

Functional cookies – remember preferences.

Analytics cookies – help us understand usage and improve service quality.

Advertising cookies (if enabled) – measure or tailor outreach.

You can manage cookies in your browser, and (where required) via our consent tools. Blocking certain cookies may affect site functionality.

 

6) Sharing your data

We do not sell personal data. We share it only as described below:

Service providers / processors – e.g., cloud hosting, content delivery, storage, analytics, logging, customer support, email delivery, payment processing, and fraud prevention. These providers process data under contracts that require appropriate confidentiality and security.

Business operations – accountants, auditors, insurers, and legal advisers where necessary.

Compliance & safety – to comply with law, enforce terms, protect rights, security, and safety, or respond to lawful requests.

Corporate transactions – if we undergo a merger, acquisition, financing, or asset sale, your data may be transferred subject to this Policy or a successor policy that is no less protective.

 

7) International transfers

Your data may be processed outside the UK/EEA. Where we transfer personal data internationally, we rely on lawful transfer mechanisms—such as UK/EU Standard Contractual Clauses—and implement appropriate safeguards.

 

8) Retention

We keep personal data only as long as needed for the purposes above, including to comply with legal, accounting, or reporting duties. Typical periods include:

Account profile & subscription records: for the life of the account and up to 6 years thereafter (tax/contract records).

Payment/transaction data: up to 6 years (legal/tax).

Support tickets & communications: usually 24 months after closure.

Logs/diagnostics: typically 12 months.

Renders, uploads, and generations: by default kept for a limited window (e.g., 7 days) unless explicitly saved or published via product features designed for longer visibility.
Actual retention may vary based on legal duties, disputes, or product settings disclosed at the point of use.

 

9) Your rights

Subject to applicable law, you have the right to:

Access a copy of your personal data.

Rectify inaccurate or incomplete data.

Erase data in certain circumstances (“right to be forgotten”).

Restrict processing in certain cases.

Object to processing based on legitimate interests, and to opt out of marketing at any time.

Portability – receive your data in a commonly used format and transmit it to another controller, where technically feasible.

Withdraw consent where we rely on consent.

To exercise rights, email hello@archigpt.ai
. We may request information to verify your identity and will respond within the timeframe required by law.

If you are in the UK or EEA, you also have the right to lodge a complaint with a supervisory authority. In the UK, this is the Information Commissioner’s Office (ICO).

 

10) Security

We implement technical and organizational measures appropriate to the risk (encryption in transit, access controls, monitoring, backups, least-privilege practices). No system is perfectly secure; you are responsible for maintaining the confidentiality of your credentials and for promptly notifying us of any suspected misuse.

 

11) Children

The Services are not intended for individuals under 16 (or the minimum age of digital consent in your country). We do not knowingly collect personal data from children under that age. If you believe a child has provided personal data, contact us to request deletion.

 

12) Marketing preferences

We send marketing communications only with your consent or as permitted by soft opt-in rules for existing customers. You can unsubscribe via the email footer or by contacting us. Service and transactional emails are required and not subject to marketing opt-out.

 

13) Automated decisions

We do not engage in solely automated decision-making that has legal or similarly significant effects on you. Our AI features produce outputs based on prompts and parameters; you remain responsible for reviewing and deciding how to use those outputs.

 

14) Third-party links

Our Services may link to third-party sites or services. Their privacy practices are governed by their own policies, which we do not control.

 

15) Changes to this Policy

We may update this Policy from time to time. The “Last Updated” date shows the latest version. Significant changes will be communicated through the Service or by email where appropriate. Your continued use of the Services after an update means you accept the revised Policy.

 

16) Contact

Questions or requests about this Policy or your data?
Email: hello@archigpt.ai

Company No.: 16031114 (Registered in England & Wales)

Thank you for using ArchiGPT. We are committed to protecting your privacy while delivering powerful AI tools for design professionals.

bottom of page