Privacy Policy

At Rasmi, we take your privacy seriously. This Privacy Policy explains how we collect, use, store, and protect your personal information when you use our AI-powered professional headshot generation service. By using Rasmi, you agree to the collection and use of information in accordance with this policy. We are committed to protecting your data and ensuring transparency in how we handle your information.

We collect the following types of information: Personal Information: • Email address (required for account creation and delivery) • Phone number (optional, for WhatsApp notifications) • Name (as provided during registration) Photographic Data: • Photos you upload to our service • Metadata associated with uploaded photos (file type, size, upload date) Usage Data: • Browser type and version • Device information • IP address • Pages visited and features used • Time and date of visits • Selected package and style preferences Payment Information: • Payment details are processed by secure third-party payment processors • We do not store full credit card information on our servers • We retain transaction records for accounting purposes

We use your information for the following purposes: Service Delivery: • Process your photos using our AI technology • Generate professional headshots according to your preferences • Deliver completed images to your email address • Send notifications about order status and completion Communication: • Respond to your inquiries and support requests • Send service updates and important announcements • Provide customer support • Send optional WhatsApp notifications (if phone number provided) Service Improvement: • Analyze usage patterns to improve our AI algorithms • Enhance user experience and service quality • Develop new features and styles • Conduct research and analysis Marketing (with consent): • Send promotional offers and updates about new features • Share company news and announcements • You can opt out of marketing communications at any time Legal Compliance: • Comply with legal obligations and regulations • Prevent fraud and abuse • Protect our rights and property • Resolve disputes

We implement industry-standard security measures to protect your data: Storage: • Your photos are stored on secure cloud servers with encryption • Generated images are retained for 90 days after delivery • Original uploaded photos are retained for 30 days for reprocessing requests • Personal information is stored in encrypted databases Security Measures: • 256-bit SSL encryption for data transmission • Encrypted storage for photos and personal information • Regular security audits and updates • Access controls limiting who can view your data • Secure backup systems • Firewall protection and intrusion detection Data Location: • Data is primarily stored on servers located in secure data centers • We use reputable cloud service providers with strong security practices While we implement robust security measures, no method of transmission or storage is 100% secure. We cannot guarantee absolute security but continuously work to protect your data.

We do not sell your personal information to third parties. We may share your data only in the following circumstances: Service Providers: • AI processing partners (for photo enhancement) • Email service providers (for delivery) • Payment processors (for transaction processing) • Cloud storage providers (for secure data storage) • WhatsApp Business API (if you opt in for notifications) All third-party service providers are bound by confidentiality agreements and are only authorized to use your data for specified purposes. Legal Requirements: • When required by law, regulation, or legal process • To protect our rights, property, or safety • To prevent fraud or security threats • In connection with legal proceedings Business Transfers: • In the event of a merger, acquisition, or sale of assets, your information may be transferred to the new owner • You will be notified of any such change Anonymous Portfolio Use: • We may use generated images (without identifying information) in our portfolio and marketing materials • Your personal information and original photos are never shared publicly

You have the following rights regarding your personal information: Access and Portability: • Request a copy of all personal data we hold about you • Receive your data in a structured, machine-readable format • Transfer your data to another service provider Correction: • Update or correct inaccurate personal information • Modify your email address or phone number Deletion: • Request deletion of your personal data and uploaded photos • Note: Some information may be retained for legal or accounting purposes • Deletion requests are processed within 30 days Restriction: • Request that we limit how we use your data • Opt out of marketing communications • Disable certain data processing activities Objection: • Object to processing of your data for certain purposes • Withdraw consent for optional data uses To exercise any of these rights, please contact us at privacy@rasmi.com. We will respond to your request within 30 days.

We retain your information for the following periods: Original Photos: • Stored for 30 days after initial processing • Available for reprocessing requests during this period • Automatically deleted after 30 days unless you request earlier deletion Generated Images: • Stored for 90 days after delivery • Accessible for re-download during this period • You can request deletion at any time Personal Information: • Retained while you have an active account • Kept for up to 1 year after last service use for customer support • Deleted upon your request or after retention period expires Transaction Records: • Retained for 7 years for accounting and legal compliance • Contains payment information but not full card details Marketing Data: • Retained until you opt out or request deletion • Automatically removed if you unsubscribe from communications

We take the security of your data seriously and implement multiple layers of protection: Technical Security: • End-to-end encryption for photo uploads • Encrypted storage for all sensitive data • Regular security updates and patches • Automated threat detection and response • Secure API connections • DDoS protection Organizational Security: • Limited employee access to personal data • Background checks for staff with data access • Regular security training for employees • Strict data handling policies and procedures • Incident response plan • Regular security audits Physical Security: • Secure data center facilities • 24/7 monitoring and surveillance • Restricted physical access to servers If a data breach occurs, we will notify affected users within 72 hours and take immediate action to secure the data and prevent further unauthorized access.

We use cookies and similar tracking technologies to enhance your experience: Types of Cookies: • Essential Cookies: Required for the website to function properly • Preference Cookies: Remember your settings and preferences • Analytics Cookies: Help us understand how you use our service • Marketing Cookies: Used to show relevant advertisements (with consent) What We Track: • Pages visited and features used • Time spent on our website • Click patterns and navigation flow • Device and browser information • Session information Managing Cookies: • You can control cookies through your browser settings • Disabling certain cookies may limit functionality • We respect 'Do Not Track' browser settings where applicable Third-Party Cookies: • Google Analytics (for usage statistics) • Payment processor cookies (for transaction processing) • Social media plugins (if you interact with them) For more information about cookies and how to manage them, please refer to your browser's help section.

Our service integrates with the following third-party providers: AI Processing: • We use advanced AI models for photo enhancement • Photos are processed on secure cloud infrastructure • Third-party AI providers are GDPR compliant Email Services: • Transactional emails are sent via reliable email service providers • Your email address is only used for service-related communications • You can opt out of marketing emails at any time Payment Processing: • Payments are processed through secure, PCI-DSS compliant gateways • We do not store full payment card details • Transaction records are encrypted and secure Cloud Storage: • Photos and data are stored on enterprise-grade cloud infrastructure • Providers meet international security and privacy standards Analytics: • Google Analytics for usage statistics (anonymized data) • Helps us understand user behavior and improve service These third parties have their own privacy policies, and we encourage you to review them. We only work with providers that maintain high privacy and security standards.

Rasmi is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children under 18. If you are a parent or guardian and believe that your child has provided us with personal information, please contact us immediately. For photos of minors: • Parental consent is required before uploading photos of minors • The person uploading must have parental authority • We reserve the right to refuse service for photos of minors • Violation of this policy may result in account termination If we discover that we have collected information from a child under 18 without proper parental consent, we will delete that information immediately.

We may update this Privacy Policy from time to time to reflect: • Changes in our practices • Legal or regulatory requirements • New features or services • User feedback and industry standards Notification of Changes: • We will notify you of significant changes via email • Updated policy will be posted on our website • 'Last Updated' date will be modified • Continued use of service indicates acceptance of changes Material Changes: • For significant changes affecting your rights, we will seek your explicit consent • You will have the option to accept new terms or discontinue service • Previous versions of the policy will be archived for reference We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us: Email: privacy@rasmi.com Support: support@rasmi.com Website: www.rasmi.com Data Protection Officer: For specific privacy concerns or to exercise your data rights, you can contact our Data Protection Officer at: dpo@rasmi.com Response Time: We aim to respond to all privacy-related inquiries within 24 hours during business days. Complex requests may take up to 30 days to process. Complaints: If you believe we have not adequately addressed your privacy concerns, you have the right to lodge a complaint with your local data protection authority.