Privacy Policy
AI SVG Icon Generator ("the Service") processes personal information in accordance with relevant laws. This Privacy Policy explains how we collect, use, and protect your personal information.
1. Purpose of Processing Personal Information
The Service processes personal information for the following purposes:
- AI icon generation service provision
- Rate limiting and abuse prevention
- Public gallery operation and management
- SVG tools (Viewer, Converter, Optimizer) provision
- Service improvement and analytics
- Content moderation
2. Items of Personal Information Processed
The Service collects the following personal information for the purposes outlined below.
| Category | Items Collected | Collection Method |
|---|---|---|
| Icon Generation | Icon name, description, type | User input |
| Rate Limiting | IP address (hashed) | Automatic collection |
| Gallery | Icon name, description, type, SVG code | User submission |
| Analytics | Page views, session data, device info | Automatic collection (Google Tag Manager) |
3. Processing and Retention Period
Personal information is retained and used for the following periods.
| Category | Retention Period | Basis |
|---|---|---|
| Rate limiting data | 1 minute (sliding window) | Legitimate interest (abuse prevention) |
| Gallery data | Up to 90 days | Service provision |
| Analytics data | Per Google's data retention policy | Legitimate interest (service improvement) |
| Icon generation input | Not stored after processing | Processing only |
4. Provision of Personal Information to Third Parties
The Service provides personal information to third parties as follows.
| Recipient | Purpose | Items Provided | Retention Period |
|---|---|---|---|
| OpenAI, Inc. | AI icon generation | Icon name, description, type | Per OpenAI's privacy policy |
| Google LLC | Analytics and service improvement | Anonymized usage data | Per Google's data retention policy |
5. Entrustment of Personal Information Processing
The Service entrusts the processing of personal information as follows.
| Trustee | Entrusted Tasks |
|---|---|
| OpenAI, Inc. | AI-powered SVG icon generation from text descriptions |
| Upstash, Inc. | Rate limiting data management and gallery data storage |
The Service manages and supervises entrusted parties to ensure that personal information is processed securely in accordance with relevant laws.
6. Cross-Border Transfer of Personal Information
The Service transfers personal information overseas as follows.
| Recipient | Country | Items Transferred | Purpose | Retention Period |
|---|---|---|---|---|
| OpenAI, Inc. | USA | Icon descriptions | AI icon generation | Per OpenAI's policy |
| Google LLC | USA | Anonymized usage data | Analytics | Per Google's policy |
| Upstash, Inc. | USA | IP address (hashed), gallery data | Rate limiting, storage | Per Upstash's policy |
The Service takes appropriate measures to protect personal information during cross-border transfers in accordance with applicable laws.
7. Destruction Procedures and Methods
- Destruction Procedures: When personal information becomes unnecessary, it is destroyed without delay. Rate limiting data is automatically deleted after the retention period expires. Gallery data is automatically purged after 90 days.
- Destruction Methods: Electronic files are permanently deleted using technical methods that prevent recovery. All data is stored electronically; there are no physical records to destroy.
8. Processing of Sensitive Information
The Service does not collect or process sensitive information such as biometric data, health information, political opinions, religious beliefs, or genetic data. If the processing of sensitive information becomes necessary in the future, separate explicit consent will be obtained from users.
9. Automated Decision-Making
The Service uses the following automated processing systems.
| Automated Processing | Description |
|---|---|
| AI Icon Generation | Generates SVG icons based on user-provided text descriptions using OpenAI's API. Results are for reference and creative use only. |
| Content Moderation | Filters potentially inappropriate or harmful content from AI-generated outputs. |
| Rate Limiting | Automatically restricts access frequency per IP address to prevent service abuse. |
These automated processes do not produce decisions that have legal or similarly significant effects on users. Users may contact us to inquire about automated processing results.
10. Rights and Obligations of Data Subjects
Users have the following rights regarding personal information:
- Request access to personal information being processed
- Request correction or deletion of personal information
- Request suspension of personal information processing
- Opt out of analytics tracking through browser settings or extensions
Since the Service does not require user accounts and collects minimal personal information, most interactions with the Service are anonymous. To exercise your rights, please contact us through the information provided in Section 13.
11. Measures to Ensure Security
The Service implements the following measures to ensure the security of personal information:
- Administrative measures: Minimization of personal information collected; implementation of internal data handling policies
- Technical measures: Encryption of data in transit (HTTPS/TLS); hashing of IP addresses for rate limiting; access control for data storage systems
- Physical measures: All data is stored in secured cloud infrastructure with appropriate access controls
12. Cookies and Automatic Collection Devices
The Service uses minimal cookies and browser storage:
- Theme Preference: Your light/dark mode selection is stored in localStorage.
- Google Tag Manager: May set cookies for analytics purposes.
The Service does not use cookies for tracking individual users or serving targeted advertisements. You can refuse cookies through your browser settings:
- Chrome: Settings → Privacy and Security → Cookies
- Safari: Preferences → Privacy
- Firefox: Settings → Privacy & Security
Blocking cookies may limit some analytics functionality but will not affect core service features.
13. Chief Privacy Officer
Privacy Officer
- Department: Privacy Protection
- Email: aisvgicongenerator.dev@gmail.com
For inquiries regarding personal information processing, please contact us through the above channels.
14. Remedies for Privacy Violations
If you believe your personal information rights have been violated, you may seek assistance from the following organizations:
- Personal Information Dispute Mediation Committee (www.kopico.go.kr / 1833-6972)
- Personal Information Infringement Report Center (www.privacy.kisa.or.kr / 118)
- Supreme Prosecutors' Office Cyber Investigation Division (www.spo.go.kr / 1301)
- National Police Agency Cyber Bureau (www.police.go.kr / 182)
15. Changes to this Privacy Policy
This Privacy Policy may be amended as necessary. When changes are made, they will be announced through the Service website. The amended Privacy Policy will take effect from the date of posting.
16. Effective Date
This Privacy Policy is effective as of January 1, 2025.