Privacy Policy

This Privacy Policy explains how personal data is processed when you use bitbi.ai, including public browsing, account features, AI generation, saved assets, public galleries, credits, payments, contact forms, and administrative support features.

The controller is Stefan van Ark, Schwarzwaldstraße 20, 78647 Trossingen, Germany. Contact: [email protected]. Further legal information is available in the Imprint.

Effective date: 3 May 2026.

You can browse public pages and public galleries without creating an account. Technical request data such as IP address, user agent, referrer, requested URL, timestamps, headers, and error/security signals may be processed by Cloudflare, GitHub Pages, and the relevant Cloudflare Workers to deliver the site, protect it against abuse, enforce rate limits, and troubleshoot errors.

The legal basis is usually Art. 6(1)(f) GDPR: our legitimate interest in secure, reliable, and performant delivery of the service. Where communication is necessary to provide a feature you request, Art. 6(1)(b) GDPR may also apply.

The current public site is not intended to run active analytics or advertising trackers. If optional analytics or marketing scripts are enabled later, they should be controlled by the existing consent mechanism.

When you create or use an account, we process account and authentication data such as email address, password hash, email verification status, password-reset and email-verification token hashes, session records, login/security timestamps, profile identifiers, account roles, and security state such as admin MFA state where applicable.

Session cookies are used to keep you signed in. The main session cookie is HTTP-only and is not intended to be read by frontend JavaScript. Session and token records are stored in Cloudflare D1. Raw password-reset or verification tokens are sent by email where required and are stored server-side only as hashes.

This processing is necessary for account creation, login, account security, fraud prevention, and providing member-only features. Legal bases include Art. 6(1)(b), Art. 6(1)(f), and, where legal record-keeping is required, Art. 6(1)(c) GDPR.

Optional profile data may include display name, avatar, public profile metadata, favorites, and media publication choices. If you connect or verify a wallet, we process wallet address, chain/network information, verification nonce/challenge state, and signature-verification metadata needed for wallet features.

Organization and team features, where enabled, may process organization names, slugs, owner/member roles, invitations, billing seats, and related administrative metadata.

Profile display name and avatar may become visible to other users or the public when you publish content. Favorites and private account settings are not intended to make private media public by themselves.

When you use AI features, we process the inputs and settings needed to provide the requested generation. Depending on the feature, this may include prompts, negative prompts, style descriptions, lyrics, reference images or uploaded files, model choices, duration, quality, aspect ratio, seed, generation options, and generated outputs such as images, videos, audio/music, text, posters, and thumbnails.

AI requests are processed through Cloudflare Workers and may be sent to Cloudflare Workers AI, Cloudflare AI Gateway, Cloudflare Images, the separate AI Worker used by admin/internal flows, and model providers used by selected features, such as PixVerse, Vidu, MiniMax, Black Forest Labs/FLUX through Cloudflare Workers AI, and other configured model providers. The exact provider depends on the model and feature you choose.

Do not submit sensitive personal data, confidential information, or third-party personal data in prompts or uploads unless you have the necessary rights and understand that the data must be processed by infrastructure and model providers to generate the requested output. Provider-side retention and training/use terms depend on the applicable provider contracts and settings and are not fully visible from the public website code.

Member-generated and uploaded media may be saved to your account as private assets. This includes images, video, music/audio, text assets, thumbnails, posters, cover images, folders, filenames, sizes, MIME types, dimensions, generation metadata, publication state, and deletion state.

Asset metadata is stored mainly in Cloudflare D1. Media binaries and derivatives are stored in Cloudflare R2 or Cloudflare Images depending on the feature. Private saved assets are intended to be accessible only to the owning account and authorized administrative/support flows. Public delivery is only intended after you explicitly publish eligible content.

Deleting or unpublishing content affects visibility through the application, but storage cleanup can involve asynchronous lifecycle, derivative, or audit/archive processes. Deletion of backups, logs, derivatives, or archives may take additional time where those systems apply.

bitbi.ai includes public gallery areas for published member media, including Mempics, Memvids, and Memtracks. When you publish eligible media, the media itself and selected metadata such as title, preview image, media type, creation/publication time, and publisher display name or avatar/fallback identity may be visible to everyone, including logged-out visitors.

Unpublished/private media should not appear in public gallery endpoints. If you unpublish content, the public listing should stop showing it, subject to normal caching and technical propagation. Anyone who accessed public content while it was published may have viewed or cached it outside our control.

Member features use account credits. We process credit balances, reservations, deductions, refunds/reversals where applicable, quota/rate-limit events, generation attempts, transaction records, ledger entries, purchase records, and billing-related account metadata to provide paid features and prevent abuse or double charging.

Payments are handled by Stripe. We store Stripe checkout/session/customer/payment identifiers, product/pack metadata, transaction status, webhook processing metadata, and related accounting records. Based on the current implementation, full card numbers or complete payment credentials are handled by Stripe and are not stored by bitbi.ai.

Stripe processes payment data under its own privacy and security terms. We process payment metadata for contract performance, fraud prevention, accounting, and legal record-keeping under Art. 6(1)(b), Art. 6(1)(f), and Art. 6(1)(c) GDPR.

If you contact us through the contact form, we process the name, email address, subject, message, and technical anti-spam/rate-limit signals needed to receive and answer the request. The contact Worker validates the request and sends the message through Resend.

Contact messages are processed to respond to your request and to protect the form from abuse. Depending on the content, legal bases may include Art. 6(1)(b), Art. 6(1)(f), and Art. 6(1)(c) GDPR. Messages may be retained in mailboxes or support records as needed for follow-up, evidence, or legal obligations.

We use necessary cookies and browser storage to provide account login, security, consent settings, navigation continuity, media playback continuity, wallet/organization preferences, and admin/user-interface state. Examples found in the code include session cookies, cookie-consent settings, audio-player state, active organization selection, wallet connection state, pending homepage category/scroll restoration state, and admin AI Lab UI state.

These technologies access or store information on your device. Necessary storage is used under § 25(2) TDDDG and Art. 6(1)(b) or Art. 6(1)(f) GDPR. Optional analytics or marketing storage, if enabled, should require consent under § 25(1) TDDDG and Art. 6(1)(a) GDPR and can be managed through Cookie Settings.

You can delete cookies and local storage through your browser. Doing so may sign you out, reset preferences, clear saved playback state, or disrupt member features.

The service uses Cloudflare for Pages, Workers, D1, R2, Queues, Durable Objects, Images, Workers AI, and AI Gateway; GitHub for source hosting/static deployment; Stripe for payments; Resend for email delivery; and AI/model providers as required by selected generation features.

These providers may process data in the EU, the United States, or other locations depending on their infrastructure and product configuration. Where data is transferred outside the EEA, transfers should rely on appropriate safeguards such as data-processing agreements, standard contractual clauses, adequacy decisions, or other mechanisms offered by the provider. We do not state that all processing is limited to the EU.

Relevant provider information includes the Cloudflare Privacy Policy, GitHub Privacy Statement, Stripe Privacy Policy, and Resend Privacy Policy.

Administrative tools and backend systems may process account records, media metadata, generation logs, transaction records, rate-limit events, audit logs, activity summaries, and error/security events. Access is intended for authorized administration, support, abuse prevention, billing support, security investigation, and operational maintenance.

Security controls visible in the code include authentication checks, admin-only route guards, CSRF/same-origin protections for sensitive routes, session hashing, rate limiting, ownership checks for private media, signed/internal service calls for worker-to-worker flows, and size/type validation for media handling.

We retain personal data for as long as needed to provide the account and requested features, maintain security, handle billing/accounting obligations, resolve disputes, comply with law, and operate lifecycle/export processes. Some tokens and sessions have defined expiry periods; some activity/audit data is archived or expired through scheduled lifecycle processes.

User data export and lifecycle/deletion tooling exists, including archive expiry and controlled cleanup execution. However, some newer billing, organization, and media-related records may require additional review before a specific complete hard-deletion timeline can be promised. Requests for access, export, correction, or deletion can be sent to [email protected].

Depending on the feature, processing may be based on contract performance or pre-contractual steps (Art. 6(1)(b) GDPR), legitimate interests such as security and service operation (Art. 6(1)(f) GDPR), legal obligations such as accounting or compliance duties (Art. 6(1)(c) GDPR), or consent where optional storage or communications require it (Art. 6(1)(a) GDPR).

You may have rights of access (Art. 15), rectification (Art. 16), erasure (Art. 17), restriction (Art. 18), portability (Art. 20), objection (Art. 21), and withdrawal of consent (Art. 7(3) GDPR). You also have the right to lodge a complaint with a supervisory authority. The competent authority for the controller's location is the Landesbeauftragte für den Datenschutz und die Informationsfreiheit Baden-Württemberg (LfDI BW), baden-wuerttemberg.datenschutz.de.

AI generation features automatically create media or text in response to your inputs. These features are not intended to make automated decisions with legal or similarly significant effects within the meaning of Art. 22 GDPR. Credit checks, rate limits, fraud controls, and admin safety checks are rule-based operational controls for service use.

We may update this Privacy Policy when the service, providers, data flows, or legal requirements change. The current version is available on this page.

Last updated: 3 May 2026