Privacy Policy

Aetera (the "service") is operated under a private holding registered in Austria. The data controller for the purposes of GDPR is Aetera Ltd. Reach us via the contact form.

We collect only what is necessary to operate the service:

• Account: email address, hashed password (or OAuth identifier), account creation date.
• Billing: Stripe customer identifier and subscription state. We do not store card numbers.
• Restoration metadata: timestamps, mode, processing time, success/failure status.
• Uploaded images: present only for the duration of processing and the 48-hour download window.
• Anonymous analytics: aggregated page views and feature usage. No personally identifying information.

Account and billing data are used to authenticate you and operate your subscription. Restoration metadata is used to render the History view and to investigate failures. Uploaded images are used only to produce the restoration you requested.

No data is shared with advertisers, brokers, or downstream marketers — full stop.

Authentication and metadata live in Supabase (EU region, Frankfurt). Uploaded images live in Cloudflare R2 (encrypted at rest). GPU processing happens on RunPod. Stripe handles billing. Each of these processors operates under its own DPA with us and the GDPR-required safeguards.

You can. We can — a small operational team, only when necessary to investigate a specific issue you have raised, and never to view image content unless you've explicitly granted access (e.g. for a support ticket where you attach an image).

No other party has access to your uploaded photographs.

Uploaded images: 48 hours from upload, then deleted by R2 lifecycle rules. No backups, no archives.

Restoration metadata: until you delete your account.

Account record: deleted within 30 days of account closure, sooner on request, subject to legal-hold requirements for tax records.

You have the right to access, correct, port, restrict, or delete your data. Email us and we'll respond within 30 days.

We do not engage in profiling or automated decision-making that produces legal effects. Marketing emails (if you opt in) include a one-click unsubscribe.

We use a single essential cookie for authentication and an anonymous analytics cookie for aggregate page-view counts. No third-party tracking, no advertising pixels.

You can disable analytics at any time from your account or by blocking the cookie in your browser; the service will continue to work normally.

Personal data is processed in the EU. Where a sub-processor (Stripe, RunPod) operates outside the EU, transfers are governed by the European Commission's Standard Contractual Clauses.

Aetera is not intended for users under 16. If we learn we have collected data from a minor without parental consent, we will delete it promptly.

We will publish material changes with at least 14 days' notice and email any user who has opted in to product updates. Continued use after the effective date constitutes acceptance.

For privacy-specific questions, send a message via the contact form with "DPO" in the subject. We will route the message accordingly.