← SHA3D.STUDIO  ·  Shanley AI · ShaTechPack

Privacy Policy

Shanley AI · SHA3D.STUDIO · ShaTechPack.studio — Last updated: June 2026
The short version: your designs are processed transiently and never stored on our servers, never used to train AI models, and never sold.

This policy describes how Djamu LLC, doing business as Shanley AI ("we," "us"), collects, uses, and protects information when you use SHA3D.STUDIO, ShaTechPack.studio, or our done-for-you services (together, the "Services"). We are based in Brooklyn, New York, USA.

Questions: hello@shanley.ai

1. Information We Collect

Account information. Name, email address, and password (stored hashed by our authentication provider) when you create an account.

Payment information. Payments are processed by Stripe. We never see or store your card details — they live only with Stripe. We retain credit-ledger and transaction records (amount, date, credits granted) for accounting and fraud prevention.

Your designs and uploads. Sketches, images, reference photos, measurements, and design details you upload or submit for done-for-you work ("Client Content"). App uploads are processed transiently and are not stored on our servers (see Section 5).

Generated outputs. The sketches, mockups, and tech packs the Services produce for you — delivered to your browser, not stored by us (see Section 5).

Usage data. Credit balance and transactions, per-generation metadata (task type, AI provider and model, token counts, estimated cost — never the images themselves), feature usage, device and browser type, and IP address (used for rate limiting and abuse prevention).

Communications. Emails and messages you send us.

We do not knowingly collect information from anyone under 18; the Services are not directed to minors.

2. How We Use Information

We do not sell your personal information, and we do not use your designs to train our own AI models or to create products competing with yours.

3. AI Processing and Third-Party Providers

Generating outputs requires sending your prompts and Client Content to third-party AI model providers (currently Google and/or OpenAI) for processing. We use these providers under their business/API terms, which by their policies do not use API-submitted content to train their models. Which provider processes a given generation may vary.

Other processors we use:

ProviderPurpose
StripePayment processing
Google / OpenAIAI generation (API)
VercelHosting and serverless functions
SupabaseAuthentication and database (accounts, credits, usage metadata)

Each processor receives only what it needs to perform its function. We do not use any third-party analytics or advertising services.

4. Confidentiality of Your Designs

Your unreleased designs are treated as confidential per our Terms of Service. Access is limited to what is necessary to provide the Services. Done-for-you work appears in our portfolio only after your product is publicly released, and you may opt out at hello@shanley.ai.

5. Data Retention

6. Security

We use industry-standard measures: encryption in transit (TLS), encrypted storage, hashed passwords, row-level access controls in our database, and signature-verified payment webhooks. No system is perfectly secure; if a breach affects your personal information, we will notify you as required by law.

7. Your Rights

Depending on where you live (including California under CCPA/CPRA and the EU/UK under GDPR), you may have the right to: access the personal information we hold about you, correct it, delete it, receive a portable copy, object to or restrict certain processing, and opt out of marketing. We do not sell or share personal information for cross-context behavioral advertising, so there is nothing to opt out of on that front.

To exercise any right, email hello@shanley.ai. We will verify your identity and respond within the time required by applicable law (generally 30–45 days). We will not discriminate against you for exercising your rights.

EU/UK users: our legal bases are contract performance (providing the Services), legitimate interests (security, improvement, fraud prevention), consent (marketing), and legal obligation (tax records). Your data is processed in the United States; we rely on our processors' standard contractual clauses and equivalent safeguards for international transfers.

8. Cookies

We use only essential authentication state (your login session, stored by our authentication provider) and security cookies. We use no analytics or advertising cookies.

9. Changes to This Policy

We may update this policy. Material changes will be announced by email or in-app notice before they take effect. Continued use after the effective date constitutes acceptance.

10. Contact

Djamu LLC d/b/a Shanley AI
Brooklyn, New York, USA
hello@shanley.ai