iHeadshot logoiHeadshot
My OrdersGet Started

Privacy Policy

Last updated: March 2026

Introduction

iHeadshot ("we," "us," "our," or "Company") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and otherwise process your information, including personal data, in connection with our website at iheadshot.co (the "Website") and our AI-powered professional headshot generation service (the "Service").

Please read this Privacy Policy carefully. By accessing or using iHeadshot, you acknowledge that you have read, understood, and agree to be bound by all the terms of this Privacy Policy.

1. Information We Collect

1.1 Information You Provide to Us

Upload Photos: When you use our Service, you voluntarily upload a photograph (typically a selfie) to our servers. This photo is used exclusively to generate your professional headshots using our AI technology.

Email Address: We collect your email address when you make a purchase or request services. This is used for order confirmations, delivery of your generated headshots, and customer support purposes.

Payment Information: Payment information (such as credit card details) is collected and processed by Stripe, our third-party payment processor. We do not store your full credit card information on our servers. We only receive order confirmation details.

Order Information: We collect information related to your purchase, including order ID, package selected, transaction timestamp, and processing status.

1.2 Information Automatically Collected

Usage Data: We automatically collect certain information about how you interact with our Website and Service, including IP address, browser type, device information, pages visited, time spent, and referring URL.

Cookies and Tracking: We use cookies and similar tracking technologies to enhance your experience and analyze usage patterns. This includes both session-based and persistent cookies.

Analytics: We use Vercel Analytics to understand how users interact with our Website and to improve our services.

2. How We Use Your Information

We use the information we collect for the following purposes:

  • Service Delivery: To process your order, generate your professional headshots, and deliver them to you via email.
  • Communication: To send you order confirmations, delivery notifications, customer support responses, and updates about our Service.
  • Payment Processing: To process payments and prevent fraudulent transactions.
  • Improvement: To analyze usage patterns, improve our Website and Service, and develop new features.
  • Legal Compliance: To comply with applicable laws, regulations, and legal processes.
  • Customer Support: To respond to your inquiries and provide technical assistance.
  • Analytics: To understand user behavior and optimize our platform's performance.

3. Data Storage and Retention

Photo Storage: When you upload a photo for processing, it is securely stored in Supabase storage. Your uploaded photo and the AI-generated headshots are retained for 30 days from the date of upload. After 30 days, all photos are automatically and permanently deleted from our servers.

Email and Order Data: We retain your email address and order information for customer service, refund processing, and legal compliance purposes. You can request deletion of this data by contacting us at support@iheadshot.co, except where required by law.

Download Window: You have full access to download your generated headshots during the 30-day retention period. We recommend downloading your photos promptly to ensure you have permanent copies.

4. Third-Party Services

Our Service relies on third-party providers that may access your information:

4.1 Stripe

We use Stripe for payment processing. Stripe handles your payment card information in compliance with PCI Data Security Standards. Your full credit card details are not stored on our servers. For more information, see Stripe's Privacy Policy at stripe.com/privacy.

4.2 Supabase

We use Supabase for secure storage of your uploaded photos and generated headshots. Supabase employs industry-standard security measures and encryption. Your photos are stored only for the 30-day retention period as described above.

4.3 Google Gemini AI

Your uploaded photo is processed by Google Gemini AI to generate professional headshots. Google Gemini's use of your data is governed by Google's Privacy Policy. The photo is used solely for generating your headshots and is not retained by Google beyond the processing period.

4.4 Resend

We use Resend to send order confirmation and headshot delivery emails. Your email address is shared with Resend for the purpose of sending these communications.

4.5 Vercel Analytics

We use Vercel Analytics to analyze Website usage patterns and performance. This service collects anonymized usage data.

We do not sell, rent, or share your personal information with third parties except as necessary to provide our Service or as required by law.

5. Data Security

We implement appropriate technical and organizational security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. This includes:

  • Encryption of data in transit (HTTPS/TLS)
  • Secure storage in Supabase with encryption at rest
  • Access controls and authentication mechanisms
  • Regular security assessments

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your personal information, we cannot guarantee its absolute security. You use our Service at your own risk.

6. Cookies and Tracking

We use cookies and similar tracking technologies to:

  • Remember your preferences
  • Understand how you use our Website
  • Provide analytics and improve our services
  • Enable secure authentication

You can control cookie settings through your browser. However, disabling cookies may affect the functionality of our Website.

7. Your Rights and Choices

Depending on your location, you may have certain rights regarding your personal information:

7.1 Access

You have the right to request access to the personal information we hold about you.

7.2 Deletion

You have the right to request deletion of your personal information, subject to certain legal exceptions.

7.3 Correction

You have the right to request correction of inaccurate personal information.

To exercise any of these rights, please contact us at support@iheadshot.co with your request and verification information.

8. Children's Privacy

Our Service is not intended for children under 18 years of age. We do not knowingly collect personal information from children under 18. If we become aware that we have collected personal information from a child under 18, we will promptly delete such information.

9. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. We will notify you of significant changes by updating the "Last updated" date and, where appropriate, by email or other notice.

10. Contact Us

If you have questions about this Privacy Policy, our privacy practices, or wish to exercise your rights, please contact us at:

iHeadshot

Email: support@iheadshot.co

Website: iheadshot.co

We will respond to your request within 30 days or as required by applicable law.