Last updated on August 2025
Creator Studio – The Creator Alliance Pty Ltd
Suite 302, 13/15 Wentworth Ave, Sydney NSW 2000
Email: admin@creatoralliancegroup.com
Introduction
Creator Studio is committed to respecting your privacy and only retaining personal data for as long as necessary. This Data Retention Policy explains what types of data we collect through our age restricted AI content platform and how long each type of data is stored before deletion. We adhere to the Australian Privacy Principles, APPs, under the Privacy Act 1988, Cth, and other international privacy laws, like the EU GDPR and California CCPA, which require that personal information is not kept longer than needed for its purpose. By using Creator Studio, you acknowledge that your data will be handled as described in this Policy. Our goal is to be transparent about our data practices, so you can understand exactly what happens to your information over time.
Definitions
For clarity, here are key definitions related to this document.
· Personal Information has the meaning given in the Privacy Act 1988 Cth and comparable laws
· Data Retention Period means the time a type of data is kept before deletion
· Usage Logs means system records such as login events, device information and error logs
· Moderation Record means a log of prompts, outputs and actions taken for compliance and safety
· Verification Record means our internal confirmation that age verification occurred
· Backup means encrypted disaster recovery copies that are overwritten on a routine cycle
Types of Data We Collect and Retain
We collect several categories of data in order to provide and improve the Creator Studio service. Below, we describe each type of data and our retention period or policy for that data.
Account Information
Account Information includes data you provide when registering and maintaining your account, such as your name, email address, username, password stored in hashed form, and any profile details. We retain your account information for as long as your account is active on Creator Studio. This allows us to manage your login credentials, preferences, and any content or purchases associated with your account.
If you update your account details, for example change your email address, we may retain records of the prior information for a short period, for instance to verify the change or for security audits, but we will not keep outdated information longer than necessary.
Inactive Accounts: If your account becomes completely inactive, no logins or activity, for an extended period, we may reach out to confirm if you want to retain your account. Should we decide to purge inactive accounts to conserve resources, we will provide notice via your registered email and give an opportunity to keep the account active. Otherwise, inactive accounts and their data may be deleted or anonymised after a prolonged period of inactivity, typically at least two years, in line with data minimisation best practices.
Age Verification Data
Because Creator Studio is an age restricted, 18 plus, platform, we collect verification data during sign up to confirm you are an adult. This may include details like your date of birth and the fact that a government ID or biometric check was performed.
We do not store the actual images of your ID or biometric data on our servers beyond the immediate verification process. Those sensitive details are handled by our trusted third party verification provider and are not kept by us after verification is completed.
What we do retain is a record that you were verified, for example a flag in your profile indicating age verified status, along with the date of verification and a reference ID or token from the verification service. We retain this as long as necessary to prove that we complied with age verification laws and so that you do not need to verify again for continued access. In practice, this means we will keep the verification status for the life of your account.
If you delete your account, we will delete the verification status record as well, except if needed to fulfil a legal obligation. For example, if required by law to maintain proof that we verified users, to demonstrate compliance in an audit, we may retain a minimal record, such as a verification log entry with no sensitive personal details, for the required duration and then delete it.
Usage Logs and Activity Data
Like most online services, Creator Studio automatically logs certain usage data when you interact with the platform. This includes information such as login timestamps, IP addresses and device information, actions taken in the app, for example model selections or settings changes, and error logs when something goes wrong.
We use these logs for security, for example monitoring login locations to detect suspicious access, for troubleshooting and improving our service, and to compile analytics about how users engage with Creator Studio.
Retention Period: Routine usage logs, such as server logs of page or API requests or login records, are generally retained for a limited period, typically twelve months, then automatically deleted or anonymised. This timeframe allows us to investigate incidents, like hacking attempts or user support issues, that might only become apparent some time after they occur, without retaining data indefinitely.
Some metadata may be retained longer if aggregated or used for analytical purposes, but in those cases it will not be identifiable to you personally. For instance, we might keep statistics on the number of active users per month or overall content generation counts for internal analysis, but those statistics contain no personal details.
If a particular log or record is identified as necessary for an ongoing investigation, legal matter, or enforcement of our Terms, for example an abuse report or security incident, we may retain that specific data until the issue is resolved, even if it would normally be deleted sooner under our standard schedule.
User Generated Content, Prompts and Outputs
Creator Studio enables you to generate content, such as AI generated images or text, based on prompts you provide. We treat the prompts you input and the outputs you generate as your data, while also enforcing content guidelines.
Prompts: Text prompts or descriptions you enter are processed by our system to generate content. We do not publish your prompts for others to see. Prompt data may be temporarily logged by our system for the purpose of content moderation and service improvement, for example to detect prohibited content or to analyse and enhance our AI models. These prompt logs are generally short term, and we do not store prompts long term in a way that is tied to your identity. If a prompt violates our guidelines, for example a disallowed request, it may be flagged and retained along with your account ID as part of a moderation record, see Moderation Records below.
Generated Outputs: The images, videos, or other media you generate are stored in your account, for example in your gallery or history, so that you can view or download them later. By default, your generated content remains available until you delete it or you delete your account. We do not impose an automatic expiration on content you create, except in two cases, one, if your subscription lapses or account is inactive for a very long time, we might remove stored content after notifying you, for example to free up storage space, especially for very old unaccessed files, and two, if any content is found to violate our Terms of Service, for example contraband content, we may remove it as part of enforcement.
We do not use your personal generated content, prompts or outputs, to train our AI models or for any external purposes without your permission. Any internal use of user generated data, such as reviewing outputs to improve an algorithm or to test the platform, is done in accordance with our Privacy Policy and usually on an anonymised basis. In general, unless a specific output or prompt is flagged for review, your creative content is only stored for your own use and is not actively analysed by us.
If you choose to delete a specific piece of generated content from your account, it will be permanently deleted from our active systems and no longer accessible. It may persist in our backups for a short period, see Data Deletion and Backup below, but will be overwritten in due course.
Purchase and Payment Records
When you subscribe or buy tokens, or make any payment through Creator Studio, we generate payment records. These include details like the date of purchase, what was bought, for example monthly subscription or a token package, the amount paid, and possibly limited payment method info, such as card type and the last four digits, though full payment details are handled by our payment processor and are not stored by us.
We retain purchase and transaction records for financial and legal compliance. This typically means we keep these records for at least seven years, as required under Australian tax law and accounting standards, and similar durations under other jurisdictions laws. Keeping these records is necessary for auditing, tax filings, and responding to any payment disputes.
Transaction records also help us provide customer support, for example confirming a purchase if you have an issue, and to enforce our terms, for example to verify that you have an active subscription or to investigate fraud.
Even if you delete your account, we may need to retain certain basic transaction records for the remainder of the required retention period. However, such data will no longer be linked to an active profile in our system, it will be stored securely and only used if needed for compliance, for example producing records for a financial audit.
Moderation and Compliance Records
To keep our platform safe and lawful, we maintain moderation records when necessary. If you or your content trigger a review, for example generating disallowed content or engaging in prohibited behaviour, we may document the event.
Moderation Logs: These can include the relevant prompt or output, a note of which rule was violated, actions taken, such as a warning or account suspension, and timestamps. We retain moderation logs for as long as needed to manage repeat offences and demonstrate enforcement of our Terms. If you were warned or temporarily suspended, we keep that record to escalate consequences for future violations if any. If your account was permanently banned, we retain the record for an extended period in order to prevent evasion and to maintain platform integrity.
Legal Compliance Data: If any content or user activity must be reported to law enforcement, for example evidence of criminal misuse, we will retain the relevant data as required by law. This may include preserving the content and user details involved, even after the account is terminated, to cooperate with investigations. We handle such data with strict confidentiality and security.
Dispute and Support Records: If you engage with our support team or if there is a dispute, such as a refund request or a claim about content ownership, we may keep those communications and related records as part of our administrative data. These records are kept as long as necessary to resolve the issue and for a period thereafter in case of follow up needs. For example, a support ticket about a technical issue might be retained for a year to help us track recurring problems or refer back if you contact us again about the same issue.
Data Deletion and Account Closure
We strongly believe in your right to delete your data when you choose. You have the option to delete individual pieces of content or your entire account.
Deleting Individual Content: As noted above, if you remove a generated image or other output from your account, it is immediately deleted from our active servers. The same goes for other deletable data like profile information, for instance you can edit or erase optional profile fields, and we will not retain the old data except as a short term backup.
Account Closure: If you decide to permanently delete your Creator Studio account, you can do so through the account settings or by contacting our support. Upon account deletion, we will initiate the removal of personal data associated with your account from our systems. This includes your profile info, saved outputs, prompts history, and any other personally identifying data tied to you.
We endeavour to complete such deletions promptly, generally within thirty days of confirmation of your request, barring any technical delays or legal constraints.
Retention of Necessary Records: Even after account deletion, we will retain certain information only if required by law or for legitimate business obligations. As mentioned, this could include keeping financial transaction records for the mandated period, retaining a log that an account was verified, without sensitive personal details, if needed for regulatory compliance, or keeping a record of a user who was banned for serious misconduct, to prevent evasion. Any retained data will not be used for any new purposes, it will be isolated and secured strictly for compliance, legal defence, or audit purposes, then erased once no longer legally required.
Backups: Like many services, we perform routine data backups to prevent data loss in case of system failures. When you delete data, individual content or your whole account, that data is removed from our live databases, but it might still exist in encrypted backup files for a limited time. We do not use backups to restore deleted personal data except in disaster recovery scenarios. Backup files are cycled and overwritten periodically, so any deleted user data will naturally expire from backups after a retention period, typically within thirty to sixty days. All our backups are securely stored and protected.
After deletion, if you contact us to confirm removal, we can verify whether your personal data has been expunged from active systems. We may not be able to reference specific deleted content, because it no longer exists in our accessible records, but we can confirm that the deletion process was completed for your account.
Compliance with Privacy Laws and User Rights
Creator Studio adheres to the Australian Privacy Principles and other global privacy regulations, meaning we follow core principles like data minimisation, purpose limitation, and security safeguards. One key principle is that we do not keep personal data longer than necessary. Our retention practices are designed to meet this requirement.
Your Rights: Depending on your jurisdiction, you have rights to control your personal data. These may include
· The right to access your data, you can request a copy of personal information we hold about you
· The right to correction, you can have us update or correct inaccurate information
· The right to deletion, also known as the right to be forgotten. As described, you can ask us to delete your personal data. We will honour such requests to the extent required by law and consistent with this policy. If we must retain certain data, for example for legal compliance, we will inform you
· The right to object or restrict processing of your data in certain cases
· The right to data portability, and other rights available under applicable law
We handle all such requests in accordance with applicable laws. To exercise any of these rights, you can contact us at our support email, admin@creatoralliancegroup.com, or through the app privacy settings if available. We may need to verify your identity for security before fulfilling certain requests.
Please note, if you request deletion of certain critical data, we might no longer be able to provide you with the service. For example, if you ask us to delete the record that proves you are age verified, we cannot lawfully allow you to use the 18 plus service anymore, and so your account would be closed as part of fulfilling your request. We will communicate with you about any such implications before completing the deletion.
International Transfers: If applicable, we store and process data in Australia and possibly other countries through cloud providers. However, regardless of where data is stored, our retention and deletion practices remain consistent with this policy and protective of your privacy. For users in regions like the EU, if personal data is transferred outside your region, we ensure adequate safeguards are in place. Retention periods do not change based on storage location.
FAQ, Data Retention and Deletion
Q: How long will you keep my personal information if I use Creator Studio regularly
A: We will keep your account data and usage data for as long as your account remains active. We do not set a specific expiration for active user data because we need it to provide the service to you continuously. If you continue to use Creator Studio, your profile, content, and logs will be maintained according to the schedules above, some data like login logs rotates every twelve months, while your stored creations stay until you remove them. We periodically review our data holdings, so if something is no longer needed, we will dispose of it even if you have an active account.
Q: What happens when I delete my account
A: When you delete your account, we delete or anonymise personal data associated with it. Your login info, profile, and any private content, prompts and saved outputs, will be removed from our live systems. Some data will be kept if required by law, for example records of purchases to comply with financial laws, or a note that a verified account existed for regulatory audits. However, this retained data is no longer linked to an active user profile and will not be used for any purpose other than legal compliance. After the necessary retention time passes, that data will be erased as well. Essentially, deleting your account triggers a cleanup of your personal data, with only minimal fragments kept temporarily if absolutely needed for legal reasons.
Q: Can I ask you to delete specific data without deleting my whole account
A: Yes. You have control over certain data directly, for example you can delete images you have generated, or clear fields in your profile. For data that is not self serve, you can send us a request. If you want us to delete specific information, like a particular prompt history or a support chat record, we will do so unless that data must be retained by us. Keep in mind, if the data is fundamental to providing the service or verifying you, like your age verification record, we might have to treat that as an account deletion request because we cannot operate your account without it. We will let you know and confirm how you want to proceed in such cases.
Q: Do you ever automatically delete my data
A: We might. For example, we might purge old server logs after twelve months automatically. We might also delete or anonymise some data if it is no longer needed, for instance if we collected a piece of information for a one time purpose and that purpose is complete, we remove it. Additionally, if accounts are completely inactive for a very long time, and we cannot reach the user, we might choose to delete those accounts and their data to reduce storage of obsolete information. We would attempt to notify before deleting an account for inactivity. Automatic clean ups are part of good data hygiene and compliance, and they help protect your privacy by ensuring we do not keep things indefinitely without reason.
Q: How can I be sure my data is really gone after deletion
A: We have processes in place to permanently erase or anonymise data upon deletion requests or account closures. Once we have confirmed your data is deleted from live systems, it may still reside in encrypted backup files for a short duration, but those backups cycle out. We do not use those backups for anything except disaster recovery, and they are protected. If you would like confirmation, you can contact us after deletion. We can confirm that your account was deleted and that any retained items are solely for legal compliance. We take deletion requests seriously, and our team logs and verifies data removals. In the unlikely event that something was missed, we will promptly address it if you bring it to our attention.
Q: Do you comply with GDPR data retention requirements and other laws
A: Yes. We have designed our data retention policy to meet the requirements of GDPR, which mandates that personal data not be stored longer than necessary for the purposes collected, and similar laws. We limit retention to what is needed for our service and legal obligations. We also enable users to exercise their rights, like deletion and access. Australian Privacy Principle 11 requires us to destroy or de identify personal information we no longer need. We regularly review the data we hold and ensure it is either still in use for a valid purpose or securely disposed of. If you are a user in the EU, UK, US, or anywhere else, know that we aim to uphold the spirit of these regulations by giving you control and by not retaining your data arbitrarily.
If you have any further questions about our data retention practices or privacy measures, please refer to our full Privacy Policy or contact us at admin@creatoralliancegroup.com. We value your trust and are happy to explain how we handle your data to keep you informed and confident in using Creator Studio.