Privacy Policy

RizzUp is operated by Codo Digital Ltd (company number 12307247), 128 City Road, London, EC1V 2NX. For the purposes of UK data protection law, Codo Digital Ltd is the controller of the personal data described in this policy.

1. What we collect

Depending on how you use RizzUp, we may collect:

• photos you upload to the app flow;
• technical image metadata such as filename, size, type, width, and height;
• generated previews and final rendered images;
• checkout and saved-credit data, including your selected style, plan, and credits purchased;
• the email address associated with your Stripe checkout, where used to restore saved credits;
• sign-in token records used to send and validate saved-credit recovery links;
• basic request and device data such as user agent, request identifiers, CSRF tokens, and same-origin security data.

2. How we use your data

We use personal data to:

• upload, analyse, and process your photos;
• generate watermarked previews and full downloadable images;
• take payment and allocate photo credits;
• restore access to existing saved credits by email link;
• operate security controls, prevent fraud, and debug service failures;
• maintain logs and processing records so uploads, previews, and finished images work properly.

3. Lawful bases

We process your data where necessary to perform our contract with you, where necessary for our legitimate interests in running and securing the service, and where necessary to comply with legal obligations.

4. Payments and third parties

Payments are handled by Stripe. When you use Stripe Checkout, Stripe collects and processes payment information directly under its own privacy terms. We receive limited payment-related data back, such as purchase status, credits purchased, and customer email details needed to restore saved credits.

RizzUp also uses service providers to host the site, store processing records, send recovery emails, and process generated assets. This may include Netlify-hosted services and Postmark for saved-credit recovery email delivery.

5. Uploads and generated images

Uploaded photos and generated outputs are processed so the app can analyse quality, prepare previews, generate final images, and provide downloads. Some of that processing happens in the background, so results may not appear instantly.

Storage locations and retention periods may change as the service improves. You should not upload highly sensitive images unless you are comfortable with them being processed for this purpose.

6. Cookies and security controls

RizzUp currently uses a CSRF cookie and related request validation data to help protect the app flow against cross-site request forgery and unauthorised requests. These controls are used for security and service integrity rather than advertising.

7. Data retention

We keep personal data for as long as reasonably necessary to operate the workflow, restore purchased credits, resolve disputes, prevent abuse, and meet legal or accounting obligations. We may delete uploads, generated assets, queue records, or recovery records earlier where they are no longer needed.

8. International transfers

Some of our service providers may process data outside the UK. Where that happens, we aim to use appropriate safeguards required by applicable law.

9. Your rights

Subject to applicable law, you may have rights to request access, correction, erasure, restriction, objection, or portability in relation to your personal data. You may also have the right to complain to the Information Commissioner's Office in the UK.

10. Contact

To make a privacy request or ask a question about this policy, contact RizzUp via Codo Digital Ltd at 128 City Road, London, EC1V 2NX.

11. Changes to this policy

We may update this Privacy Policy from time to time. The latest version published on this page will apply.