Privacy Policy

Effective date: April 28, 2026

CrayonCraft ("Service"), available at crayoncraft.app, is operated by CrayonCraft ("we", "us", "our"). We are committed to protecting your privacy. This Privacy Policy explains what information we collect, how we use it, and the choices you have.

1. Our Privacy-First Approach

CrayonCraft is designed to minimize the data we hold about you. The free basic style processes images entirely in your browser — those photos never leave your device. When you process photos through our premium pipeline while signed in, both the source photo and the resulting coloring page are stored in your account library so you can access them across devices and reuse them in coloring books — see "Library Storage" below for details on how to delete them. A separate narrow case applies when you place an order for a printed book — see "Print Orders" below.

2. Information We Collect

We collect minimal information necessary to provide the Service:

Account Information: If you create an account, authentication is handled by Clerk, a third-party authentication provider. Clerk may collect your email address, name, and authentication credentials. Please refer to Clerk's Privacy Policy for details on their data handling.

Payment Information: If you make a purchase, payment processing is handled by Lemon Squeezy. We do not directly collect or store your payment card details. Please refer to Lemon Squeezy's Privacy Policy for details.

We do not collect:

Your photos or images (during standard client-side processing)
Location data
Device fingerprints

3. Local Data Storage (IndexedDB)

CrayonCraft stores your coloring book projects, pages, and associated image data in your browser's IndexedDB. This data:

Is stored entirely on your device, in your browser.
Is not synced to any external server.
Is not accessible to us or any third party.
Can be deleted at any time by you through your browser settings or by clearing site data.
May be lost if you clear your browser data, switch browsers, or use private/incognito mode.

4. Server-Side Premium Processing

If you opt in to premium processing features, your images will be sent to third-party AI services (such as Replicate) for enhanced processing. When using premium features:

Your images are transmitted to third-party AI service providers for processing.
Images are processed and returned to you; we do not permanently store them on our servers.
Third-party AI providers may have their own data retention policies. We select providers who do not retain input images beyond the processing session, but we encourage you to review their privacy policies.
You will always be clearly informed before any server-side processing occurs.

4a. Print Orders

When you place an order for a printed coloring book, we generate a print-ready PDF from your book and upload it to a secure storage location so our print-on-demand partner (Lulu) can fetch it during production. These PDFs are retained for up to 30 days after the order is placed, after which they are automatically deleted. The 30-day window matches Lulu's defect-claim period and lets you re-download the book or request a reprint if the shipment arrives damaged or misprinted. We do not use these PDFs for any other purpose and do not retain them beyond the 30-day window.

4b. Library Storage

When you process photos through our premium pipeline while signed in, we store the resulting coloring page and the source photo on Vercel Blob (a public-CDN-style object store backed by AWS) so you can access them across devices and reuse them in coloring books. These images live under URLs scoped to your account ID. Photos remain stored until you delete them via the in-app library or request account deletion. Free/basic processing happens entirely on your device — those images never leave your browser.

Uploaded blobs are served from Vercel's public CDN. The URLs include a random suffix so they are not enumerable, but anyone who possesses a URL can fetch the image. Treat these URLs as you would unlisted links: don't share them broadly. Deleting a page from the library removes both the database record and the underlying blob.

5. Cookies

CrayonCraft uses cookies for two purposes:

Authentication via Clerk — necessary for maintaining your signed-in session.
Analytics via Google Analytics 4 — only set if you grant consent through the cookie banner shown on first visit.

We do not use advertising or marketing cookies, third-party advertising trackers, or build user profiles for ad targeting.

6. Tracking and Analytics

We use Google Analytics 4 to collect aggregated page-view data so we can understand how the Service is used and improve it. Analytics is consent-gated: by default, Google Consent Mode v2 is configured to deny analytics storage, and the GA4 tag will not set cookies or send identifying signals until you click "Accept" on the consent banner. If you click "Decline" (or never interact with the banner), GA4 collects no measurement data from your visit. You can revisit your choice at any time by clearing the cc_analytics_consent entry in your browser's local storage; the banner will reappear on your next visit. We do not use advertising or marketing cookies, we do not build user profiles, and we do not share any data with advertising networks. For details on how Google handles Analytics data, see Google's partner privacy policy.

7. Third-Party Services (Sub-processors)

The Service relies on the following third-party providers ("sub-processors"). Each has their own privacy policy governing their handling of your data:

Vercel — Web hosting, serverless functions, and Vercel Blob storage (which stores your library photos and processed pages on AWS S3 infrastructure).
Clerk — Authentication and account management (email, name, session tokens).
Turso — Database (libSQL) for our consumer telemetry, library page/book records, credit ledger, and generation logs.
Upstash — Redis-based rate limiting and abuse-protection counters.
Replicate — Premium image processing (Qwen-Image-Edit-2511 model). Photos are sent only when you trigger a premium generation and are not retained by Replicate beyond the processing session.
Google Cloud Vision — Automated SafeSearch screening of images submitted for premium processing (no human review).
Google Analytics 4 — Aggregate analytics (consent-gated; see Section 6).
Lemon Squeezy — Web payment processing for credit packs and printed-book orders.
RevenueCat — In-app-purchase processing for the iOS and Android apps (when active).
Lulu xPress — Print-on-demand partner for physical coloring books. When you place a print order, your book content and shipping information are shared with Lulu for production and fulfillment.
Resend — Transactional email (purchase receipts, account notifications, internal alerts).
Twilio — SMS delivery for the SMS-to-coloring-page feature (when active).
Nominatim / OpenStreetMap — Reverse-geocoding lookups so EXIF GPS metadata in your photos can be turned into human-readable location captions in books. Only the GPS coordinates are sent — no image data.

7a. Content Moderation

Images submitted for premium server-side processing are automatically screened using Google Cloud Vision SafeSearch to detect potentially inappropriate content (such as adult or violent material). This screening is fully automated — no human reviews your images. Images that are flagged are rejected and not processed. We do not store flagged images, but we may retain metadata (timestamp, user ID, flag reason) as required by law.

7b. Branding on Generated Content

CrayonCraft branding (logos, URLs, watermarks) may appear on coloring pages and PDFs generated by the Service. This branding indicates only that CrayonCraft tools were used to create the content. It does not mean CrayonCraft has reviewed, approved, or endorsed the content. All content is created by users on their own devices (for the free tier) or processed briefly on third-party servers (for the premium tier) without human review by CrayonCraft.

8. Children's Privacy (COPPA)

CrayonCraft is designed for parents and adults who create coloring pages for children. The Service is not directed at children under the age of 13, and we do not knowingly collect personal information from children under 13. Parents and guardians use the Service on behalf of their children.

If you believe a child under 13 has provided personal information to us, please contact us so we can take appropriate action.

9. Data Retention

Different categories of data have different retention windows:

Local data (IndexedDB): Persists until you clear it through the app, clear your browser data, or uninstall your browser.
Library photos and pages (Vercel Blob): Retained until you delete them in-app or request account deletion (see Section 10a).
Library records (Turso database): Same lifecycle as the blobs above.
Generation logs, rejection logs, refund logs, abuse counters: Pruned automatically after 90 days (configurable; see RETENTION_DAYS).
Print-ready PDFs: Retained for up to 30 days after the order is placed, then automatically deleted (see Section 4a).
Account data: Retained by Clerk as long as your account is active. Deleted within 7 days of an account-deletion request (see Section 10a).
Payment records: Retained by Lemon Squeezy / RevenueCat in accordance with their policies and applicable financial regulations. Our internal credit-ledger and purchase rows are retained for accounting reconciliation and tax compliance.

10. Your Rights

Depending on your jurisdiction, you may have the right to:

Access the personal data we hold about you.
Request correction or deletion of your personal data.
Object to or restrict certain processing of your data.
Request data portability.
Withdraw consent where processing is based on consent.

To exercise these rights, please contact us using the information below.

10a. Data Deletion

You can request full deletion of your account and all associated data in two ways:

In-app: Settings → Delete account. (For developer / API use, this is a POST to /api/account?op=delete with body { "confirm": "DELETE_MY_ACCOUNT" } from a signed-in browser session.)
By email: Contact us via the support page and select "Privacy / Data Request".

Deletion cascades to: your Clerk identity (sign-in record, email, name), our Turso database (consumer user record, library pages and books, generation logs, rejection logs, refund records, abuse counters, credit ledger, purchase records), and our Vercel Blob storage (your photos, processed pages, and thumbnails). Deletion typically completes within 7 days. Some records may be retained where required by law (for example, tax-relevant payment records held by our payment providers).

11. Our Trust Commitments

CrayonCraft is built on these privacy commitments:

No Ads: CrayonCraft does not display advertisements, does not integrate with any ad network, and does not sell or share your data with advertisers.
SafeSearch Protected: Every image submitted for premium processing is automatically screened by Google Cloud Vision SafeSearch before it is processed. This protects our community by blocking inappropriate content without any human review of your images.
Account-Scoped Image Storage: Your premium photos and processed pages are stored in your account library on our infrastructure (Vercel Blob, AWS-backed) and are accessible only via URLs scoped to your account ID. Free / basic processing happens entirely in your browser and never reaches our servers. You can delete any library item at any time, or wipe all of it via account deletion (see Section 10a). Print-ready PDFs are kept for at most 30 days (see Section 4a).
Right to Walk Away: You can request full account deletion at any time. We will delete your data within 7 days.

12. Data Security

We take reasonable measures to protect your information. Our privacy-first architecture — where photos are processed locally on your device — is itself a security measure, as your images are never exposed to network transmission during standard use. Account authentication is handled by Clerk using industry-standard security practices.

13. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated effective date. We encourage you to review this page periodically. Your continued use of the Service after changes are posted constitutes acceptance of the updated policy.

14. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please contact us through our support page. Select "Privacy / Data Request" as the type and we will respond within 1-2 business days.