Privacy Policy

Effective date: 2026-04-26 · Last updated: 2026-04-26

Fixed Seed LLC ("Fixed Seed," "we," "us," or "our") operates www.fixedseed.com and a family of AI tools including outpaint.app (collectively, the "Services"). This Privacy Policy explains what we collect, why we collect it, and the limited ways we use it. We are an AI inference provider — our business is running models for you and handing the result back. We are not in the business of profiling you, training on your work, or reselling your data, and this policy is written to reflect that.

If you do not agree with this Privacy Policy, please do not use the Services.

1. Who we are and how to contact us

Fixed Seed LLC is the data controller for personal information processed through the Services.

• Location: West Hollywood, Los Angeles, California
• Privacy contact: support@fixedseed.com

2. Information we collect

We collect only what we need to run the Services.

Account information (via Auth0). When you sign in, our identity provider Auth0 returns to us your email address, a stable user ID, and (if you used a social provider) a display name and avatar URL. We do not collect or store your password.

Payment information (via Stripe). When you purchase credits, Stripe collects your card or payment-method information directly. We never see or store your full card number. Stripe returns to us a customer ID, the amount paid, the credit pack purchased, and the status of the transaction. Stripe's own privacy practices are governed by Stripe's Privacy Policy.

Content you submit.

• Input images — files you upload to be outpainted, edited, or otherwise processed.
• Prompts and parameters — the optional text and settings you attach to a job.
• Output images — the images our models produce for you.

Service metadata. Job IDs, timestamps, model parameters, credit balances and transactions, error logs, and the IP address and user agent of requests so we can debug, prevent abuse, and meet Stripe's fraud-prevention requirements.

Cookies and similar technologies. A session cookie used by our identity provider; a small set of first-party cookies for preferences (e.g., the last aspect ratio you selected). We do not use third-party advertising cookies and we do not run cross-site tracking.

3. How we use your information

We use the categories above only to:

• Authenticate you and let you access your gallery
• Run the AI inference job you requested and return the result to you
• Store your output images in your private gallery so you can view, download, or delete them
• Process payments and apply purchased credits to your balance
• Provide customer support and respond to your inquiries
• Detect, investigate, and prevent fraud, abuse, and security events
• Comply with legal obligations (tax, accounting, lawful requests)

What we do not do. We do not sell your personal information. We do not share it with advertisers. We do not use your input images, output images, or prompts to train AI models — ours or anyone else's.

4. Image data — retention and deletion

This is the most important commitment in this policy and we want to say it plainly.

Input images are short-lived. Once a job finishes, the input image is deleted from our processing storage. Inputs are never moved to your gallery and are not retained beyond what's needed to complete the job.

Output images live in your gallery until you delete them. We retain your generated outputs in cloud storage so you can return to them in the gallery view, compare against the original, or download them. We do not display them to anyone other than the signed-in account that produced them.

Deletion is permanent and user-driven. When you delete an image from the gallery:

1. The image record is removed from our database.
2. The image file is deleted from our primary cloud storage (currently Amazon S3) and from our content delivery cache.
3. The deletion event itself is logged (without the image data) for audit purposes.
4. The image is removed from encrypted backups within 30 days, the maximum lifetime of any individual backup snapshot. After that point the image cannot be recovered, including by us.

You may also request deletion of your entire account by emailing support@fixedseed.com. Account-level deletion removes all of your gallery contents and account metadata under the same timeline.

We may retain transaction records (date, amount, Stripe customer ID, last 4 of card via Stripe) for as long as required by tax and financial-reporting law, typically seven years. These records do not contain your image or prompt content.

5. Who we share information with

We share data only with vendors that help us run the Services, under contracts that restrict their use of the data to operating the Services on our behalf.

• Auth0 (Okta, Inc.) — authentication
• Stripe, Inc. — payment processing
• Amazon Web Services, Inc. — cloud storage (S3) and content delivery (CloudFront)
• Modal Labs, Inc. — AI model inference compute
• Railway Corporation — application hosting

We may also disclose information when required to do so by law, to respond to lawful requests from public authorities, or to protect the rights, property, or safety of Fixed Seed, our users, or others.

6. Your rights

Depending on where you live, you may have the right to:

• Access the personal data we hold about you
• Correct inaccurate personal data
• Delete your account and content (see Section 4)
• Object to or restrict processing
• Port your data in a machine-readable format
• Opt out of "sale" or "sharing" of personal information — we do not engage in either, but the right exists for California residents under the CPRA
• Withdraw consent where processing is based on consent

To exercise any of these rights, email support@fixedseed.com from the address on your account. We will respond within the time required by applicable law (typically 30 to 45 days).

You also have the right to lodge a complaint with your local data protection authority.

7. International transfers

We are based in the United States. If you access the Services from outside the United States, your information will be transferred to, stored, and processed in the United States and in the regions where our vendors operate. Where required, we rely on Standard Contractual Clauses or other lawful transfer mechanisms.

8. Security

We use HTTPS for all traffic, encrypted storage for image files, scoped pre-signed URLs for upload and download, and access controls that restrict production data to a small number of personnel. No system is perfectly secure; if a breach affects your data we will notify you and, where required, regulators within the legally mandated timeframes.

9. Children

The Services are not directed to children under 13. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, contact support@fixedseed.com and we will delete it.

10. Changes to this policy

We may update this Privacy Policy. The "Last updated" date at the top will reflect the most recent version. Material changes will be announced via email or in-app notice at least 3 days before they take effect.

11. Contact

Questions, requests, or complaints:
support@fixedseed.com
Fixed Seed LLC — West Hollywood, Los Angeles, California