Privacy Policy

3DRise ("we", "us", or "our"), operated by [YOUR NAME], registered as an Israeli sole proprietor (עוסק מורשה), business number [BUSINESS NUMBER], is committed to protecting your privacy. This Privacy Policy explains what personal data we collect, how we use it, and your rights under the Israeli Privacy Protection Law (1981), and, where applicable, the EU General Data Protection Regulation (GDPR).

We collect only the data necessary to operate the Service:

• Account information: Name, email address, and password (stored as a secure hash) when you register.
• Usage data: Information about how you use the platform (pages visited, features used, session duration) to improve the Service. This data is collected in aggregate and not linked to your identity beyond what is needed to provide the Service.
• Payment data: Transactions are processed by Paddle. We do not receive or store your credit card number or full payment details. We receive transaction confirmation records (order ID, amount, date) from Paddle to manage your subscription.
• Uploaded content: 3D assets, scenes, and files you upload to cloud storage are stored on our servers to provide the Service.
• AI inputs: Text prompts and other inputs you provide to AI features are transmitted to third-party AI providers (see Section 5) solely to generate the requested output. We do not retain your AI prompts beyond the immediate session.

We use collected data only to:

• Provide, maintain, and improve the Service.
• Process your purchases and manage your subscription.
• Send transactional emails (account confirmation, purchase receipts, password resets).
• Respond to support requests.
• Comply with legal obligations.

We do not sell your personal data to third parties. We do not use your data for advertising or behavioral profiling.

For users in the EU/EEA, we process personal data on the following legal bases:

• Contract performance: Processing necessary to provide the Service you signed up for.
• Legitimate interests: Improving and securing the Service.
• Legal obligation: Compliance with applicable laws.

We share limited data with the following trusted third-party processors solely to operate the Service. Each processor operates under its own privacy policy:

• Paddle — Payment processing and subscription management (Merchant of Record). Paddle processes billing information under their own privacy policy.
• OpenAI — AI text and image generation features. Your prompts may be sent to OpenAI's API for processing.
• Anthropic — AI assistant features. Your prompts may be sent to Anthropic's Claude API.
• Stability AI / Replicate — 3D and image generation AI features. Inputs may be processed by these providers.
• Cloud infrastructure providers — Servers and storage for hosting the platform and your files.

We do not share your data with any other third parties without your explicit consent, except where required by law.

We use only essential, functional cookies necessary to operate the Service (e.g., session authentication tokens). We do not use advertising cookies, tracking pixels, or third-party analytics cookies. You may disable cookies in your browser settings, but this may affect Service functionality.

We retain your personal data for as long as your account is active or as needed to provide the Service. If you delete your account, we will delete or anonymize your personal data within 30 days, unless we are required by law to retain it for a longer period (e.g., financial records required under Israeli tax law for 7 years).

We implement industry-standard technical and organizational measures to protect your data against unauthorized access, loss, or disclosure, including encrypted connections (HTTPS), hashed passwords, and access controls. However, no method of transmission over the Internet is 100% secure, and we cannot guarantee absolute security.

Under Israeli law and, where applicable, GDPR, you have the following rights regarding your personal data:

• Access: Request a copy of the personal data we hold about you.
• Correction: Request correction of inaccurate or incomplete data.
• Deletion: Request deletion of your personal data ("right to be forgotten"), subject to legal obligations.
• Portability: Request your data in a structured, machine-readable format (GDPR users).
• Objection: Object to processing based on legitimate interests (GDPR users).
• Withdrawal of consent: Where processing is based on consent, withdraw it at any time.

To exercise any of these rights, contact us at [CONTACT EMAIL]. We will respond within 30 days.

Our third-party AI providers (OpenAI, Anthropic, Stability AI) are based in the United States. When you use AI features, your inputs are transferred to and processed in the US. These transfers are conducted under the providers' standard contractual clauses or other applicable safeguards. By using AI features, you acknowledge this transfer.

We do not knowingly collect personal data from children in a manner that violates applicable law. If you are a parent or guardian and believe your child has provided us with personal data without your consent, please contact us at [CONTACT EMAIL] and we will take steps to delete that data.

We may update this Privacy Policy periodically. We will notify you of material changes by posting a notice on the platform or by email. The date of the latest update is shown at the top of this page.