How Mew Design handles your data

• Email address, username, encrypted password, avatar, preferences, and language settings.
• Authentication information from supported sign-in providers such as Google or GitHub.

• Prompts, instructions, chat context, uploaded reference assets, generated designs, edits, exports, and public share settings.
• Creation metadata such as titles, descriptions, previews, timestamps, model/tool usage, and credit consumption.

• Plan, subscription, invoice, credit balance, usage, and transaction history.
• Payment details are handled by Stripe. We do not store full card numbers on our servers.

• IP address, browser, device, pages visited, referral source, feature usage, errors, diagnostics, and security logs.
• Cookie and analytics data where enabled or required for operation, measurement, security, or consent preferences.

• Messages you send to support, feedback, billing questions, dispute details, and other information you choose to provide when contacting us.
• Account, product, security, billing, and legal notices we send or receive in connection with the service.

Create accounts, authenticate users, generate and edit designs, store assets, route public pages, provide support, and keep work available across sessions.

Process subscriptions, invoices, refunds, credit usage, fraud checks, entitlement checks, and payment-related support.

Where privacy laws require a legal basis, we rely on performing our agreement with you, our legitimate interests in operating and protecting the service, your consent where required, and compliance with legal obligations.

Debug issues, measure product usage, prevent abuse, evaluate AI workflows, protect infrastructure, and improve reliability and user experience.

Send account, security, billing, support, product, or legal notices. Marketing messages are sent only where permitted and can be opted out of where required.

Prompts, uploaded assets, conversation context, and generated content may be sent to AI providers so they can return design output or edit results.

We use cloud infrastructure and storage providers such as Cloudflare R2 and legacy Tencent Cloud COS compatibility for files, previews, public assets, and delivery.

Stripe processes payment details, subscriptions, and invoices. OAuth providers process sign-in information when you choose those login methods.

Analytics, logging, and monitoring tools help us understand product performance, detect failures, prevent abuse, and improve the public website.

Vendors process information for hosting, AI generation, payments, analytics, storage, support, email, security, and similar operational functions.

If you publish, share, submit content to public galleries, or make a page indexable, the selected content and metadata may become publicly accessible and may be indexed by search engines.

We may disclose information if required by law, to protect rights and safety, prevent fraud or abuse, enforce terms, or respond to lawful requests.

Information may be transferred as part of a merger, acquisition, financing, reorganization, or sale of assets, subject to continued protection.

You may request a copy of personal information we hold about you and, where applicable, a portable copy of certain data.

You may ask us to correct inaccurate information or delete information, subject to legal, security, billing, and operational retention needs.

Where applicable, you may request restriction of processing or object to certain processing activities.

Where applicable, you may withdraw consent, manage cookies, opt out of marketing, or opt out of sale/share style advertising uses if introduced.

Where applicable, you may request limits on certain sensitive personal information uses and you have the right not to be discriminated against for exercising privacy rights.

We may need information to verify a request. Depending on your location, you may also have the right to appeal our response or complain to a privacy authority.