← Back to Home

Legal

Privacy Policy

How Aslax collects, stores, and routes personal data, including AI request data.

Last updated: May 2, 2026

1. Who We Are

Aslax, LLC operates Aslax and acts as the controller for personal data processed through the public website, account system, billing flows, and product features described on this page.

For privacy or data-rights requests, contact aslan@aslax.eu.

Aslax has not appointed a Data Protection Officer or GDPR Article 27 EU representative as of the last-updated date. Because Aslax is a U.S. company using an EU-facing domain and EUR pricing, Article 27 applicability requires legal review before full EU-targeted launch or expanded EU marketing. If a representative is required or appointed, this page must be updated with the representative details before that processing begins.

2. Data We Collect

We collect the categories of data needed to provide the service, secure accounts, run billing, and respond to support or legal issues.

  • Account data: name, email address, login identifiers, authentication events, account settings
  • Compliance data: email-verification status, consent status for high-risk features, fraud or abuse review signals, and moderation-related records
  • Consent records: user ID, timestamp, policy version, consent text version, feature, asset or generation identifiers, IP address where appropriate, and related audit metadata
  • Billing data: plan, subscription status, invoices, payment metadata, anti-fraud results, limited tax and checkout information
  • AI request data: prompts, uploaded files, generation settings, reference media, generated outputs, and related project history
  • Community data: posts, comments, reactions, moderation status, and related activity
  • Support and communications: emails, support tickets, complaints, and related attachments or references
  • Usage and technical data: IP address, browser, operating system, device identifiers, logs, diagnostics, security events, and abuse-prevention signals

3. How We Use Data

We use personal data to create and manage accounts, fulfill AI and software requests, deliver files and outputs, process billing, prevent abuse, maintain product reliability, answer support requests, and meet legal obligations.

Aslax sells access to its own software service. Aslax does not operate a marketplace, does not facilitate peer-to-peer payments, and does not process payments on behalf of third-party sellers.

If you use features involving faces, voices, likenesses, or other sensitive media, you are responsible for having the permissions, notices, and consents required by applicable law.

We may use verification state, consent acceptance, device or network risk signals, and moderation outcomes to gate sensitive features, investigate abuse, and document policy decisions.

Community posts are private until approved. Approved posts may be visible to other users and visitors.

4. Legal Bases for Processing

Depending on the context, we process personal data because it is necessary to provide the service you request, comply with legal obligations, protect legitimate business and security interests, or because you gave consent where consent is required.

  • Contract: account creation, sign-in, generation requests, file delivery, subscriptions, billing administration, and support tied to the service
  • Legitimate interests: service security, abuse prevention, fraud review, logging, troubleshooting, product reliability, and defending legal claims
  • Legal obligations: tax, accounting, sanctions, law-enforcement response, and recordkeeping duties
  • Consent: optional analytics and any other processing we clearly present as consent-based

5. AI Processing, Model Providers, and Training

When you use AI features, we may send prompts, uploaded files, generation settings, and related technical metadata to selected model or infrastructure vendors to fulfill your request.

Depending on provider and plan, those vendors may retain and use content to operate, secure, or improve their services, including model improvement or safety analysis.

Aslax may use limited content metadata to monitor quality, prevent abuse, and comply with legal obligations.

If you require providers that do not train on your content, contact support@aslax.eu before submitting sensitive materials. Availability of opt-out or enterprise terms varies by provider.

Authorized personnel may access limited account or content data when needed for support, security review, abuse prevention, billing disputes, moderation, or legal compliance.

6. Cookies and Optional Analytics

We use essential cookies and local storage for authentication, security, language, and product settings.

Optional analytics run only if the visitor accepts optional analytics through the available consent controls.

See the Cookie Notice for more detail about storage categories, consent controls, and how to change your choice later.

7. Face, Voice, Likeness, and Consent Records

Some AI media features may process faces, voices, likenesses, or reference media to fulfill a user request. These features are intended only for content the user owns or is explicitly authorized to process.

We may store consent attestations and moderation records to document that the user confirmed permission, to enforce the Acceptable Use Policy, and to respond to abuse, takedown, payment-provider, or legal inquiries.

We do not permit biometric identification, face recognition, sensitive trait inference, or automated categorization of people through the service.

If Illinois or similar biometric privacy laws apply, we require written consent before processing biometric identifiers or voice/face data and we may request evidence of consent.

We do not sell biometric identifiers and do not use them for advertising.

8. Payments, Billing, and Fraud Checks

Payments are processed by the active checkout and billing providers. We receive payment status, invoice and receipt data, billing metadata, limited anti-fraud results, and other information needed to complete transactions and manage subscriptions.

We do not receive full card numbers. Card collection and payment authorization are handled by the payment provider.

We may review transaction, device, and account signals to detect fraud, chargeback abuse, sanctions issues, restricted-business activity, and other policy or compliance risks.

9. Recipients and Service Provider Categories

The service relies on third-party recipients that process personal data on our behalf or as independent service providers to deliver hosting, storage, billing, communications, analytics, and AI request execution.

We keep an internal record of the providers used for these functions. Where applicable, we may provide more specific recipient information in response to valid privacy requests.

  • Hosting, infrastructure, database, storage, and email-delivery providers that support account operations, files, and service availability
  • Authentication and identity providers that handle sign-in, email verification, and fraud checks
  • Payment processors and billing providers used for checkout, subscriptions, invoices, receipts, tax handling, and payment-risk checks
  • AI model, cloud, and media-processing providers used to execute prompts, uploads, generation requests, transformations, and output delivery
  • Analytics and measurement providers, but only where optional analytics have been accepted
  • Professional advisers, auditors, authorities, acquirers, or counterparties where disclosure is needed for legal, security, transaction, or compliance purposes

10. International Transfers

Some recipients process data in the United States or other countries outside your own. Depending on the recipient and destination, transfers may rely on an adequacy decision, contractual safeguards such as Standard Contractual Clauses, or another lawful transfer mechanism.

You can contact us if you need more information about the transfer safeguards relevant to your data.

11. Data Retention

We keep account, billing, support, security, and project data for as long as needed to provide the service, maintain records, investigate abuse or disputes, and meet legal obligations.

The table below shows our typical retention approach. Where a longer period is required for a dispute, legal hold, payment review, or security incident, we may retain the relevant record for longer.

Approved community posts may remain visible to other users until removed or moderated; you can request removal through support or moderation.

Moderation, complaints, fraud-review, and consent-verification records may be retained for longer where needed to enforce our policies, respond to disputes, or satisfy legal, payment-provider, or security requirements.

You can request deletion of account content or generated media through support, account controls where available, /report-abuse, or /takedown when the request involves rights, safety, or non-consensual media concerns.

Data categoryTypical retentionCriteria / trigger
Account dataWhile the account is active plus a short cleanup windowService delivery, security, and account recovery
Prompts / uploadsUntil you delete them or the account is removedDelivery of AI features and user-managed retention
OutputsUntil deleted or removed under the service settingsCustomer access, downloads, and moderation review
BillingAt least the legal accounting periodTax, invoicing, chargebacks, and payment disputes
LogsShort operational window, then aggregated or deletedSecurity, abuse detection, debugging, and incident review
Consent recordsFor the life of the policy plus any legal holdProof of consent for optional analytics or sensitive media features
Moderation recordsLonger where needed for safety or legal defenseAbuse review, takedowns, and enforcement history
Support ticketsUntil resolved plus a reasonable archive windowCustomer support, complaints, and follow-up
BackupsRotating backup cycles onlyDisaster recovery and restoration testing

12. Your Rights

Depending on your location, you may have rights to request access, correction, deletion, restriction, objection, export, or withdrawal of consent for processing that relies on consent.

To exercise applicable rights, contact aslan@aslax.eu. You may also have the right to complain to your local supervisory authority.

13. Security

We use administrative, technical, and organizational measures designed to protect accounts, billing flows, and stored data. These measures include access controls, encrypted transport, service monitoring, and provider security features appropriate to the service.

Children and Age Restrictions

The service is not intended for anyone under 18 years of age. Users under 18 may not create an account, purchase credits, subscribe, upload content, or use the service.

We do not knowingly collect personal information from children in a manner prohibited by applicable law. If you are a parent or guardian and believe that a child has provided personal information to Aslax without required consent, contact us at aslan@aslax.eu or support@aslax.eu.

If we learn that we have collected personal information from a child without required parental or guardian consent where required by law, we will take steps required by applicable law. Those steps may include deleting the information, disabling the account, restricting access, or preserving limited records where necessary for safety, security, fraud prevention, legal compliance, or dispute handling.

Do Not Submit Sensitive Information

Do not submit confidential information, government identifiers, health information, financial account credentials, trade secrets, unlicensed proprietary material, or biometric information unless the specific feature clearly permits it and you have all required rights, consents, and legal authority.

Aslax is not designed for medical, legal, financial, employment, housing, insurance, migration, or other high-risk decisions.

Account and Content Deletion

Users may request account closure or deletion of account content by contacting support. Deleted content may not be immediately removed from backups, logs, fraud-prevention records, billing records, legal archives, or security systems.

We may retain limited records where reasonably necessary for legal compliance, tax or accounting obligations, dispute resolution, fraud prevention, chargeback handling, safety enforcement, abuse investigations, or security purposes.

Third-Party Login and Connected Accounts

If you sign in or connect Aslax using a third-party service such as Google, we may receive account information made available by that provider, such as your name, email address, profile image, account identifier, and authentication status.

Our use of information received from third-party authentication providers is limited to account access, security, authentication, support, and service operation, unless otherwise disclosed.

API, Automation, and Technical Limits

Aslax may apply limits to API calls, job concurrency, file size, processing time, credit usage, storage, rate limits, and other technical usage. We may modify limits to protect service reliability, prevent abuse, manage model-provider capacity, or comply with security and payment-provider requirements.

Users may not scrape, overload, bypass limits, reverse engineer, resell access, or use automation to abuse the service.

Service Interruptions and Provider Availability

Aslax may rely on third-party infrastructure, model providers, hosting providers, billing providers, and network services. We are not responsible for delays, interruptions, failed generations, degraded quality, or unavailability caused by events outside our reasonable control.

Examples include internet outages, model-provider downtime, cyberattacks, maintenance, sanctions or payment-provider restrictions, legal requirements, or infrastructure failures.

14. Policy Updates

We may update this policy for legal, technical, product, or operational reasons. Material changes will be reflected here with an updated effective date.

15. Contact

Aslax, LLC

Website: https://aslax.eu

Address: 1111B S Governors Ave, Suite 52762, Dover, DE 19904, United States

Phone: (302) 546-5151

Support: support@aslax.eu

Privacy / legal: aslan@aslax.eu

Model + Beta Notices

Some features rely on third-party AI providers and additional policies.

  • Third-party providers may apply their own terms and safety policies in addition to ours.
  • Some requests may be routed through Replicate, fal.ai, Google Vertex AI / Gemini, Kling, Seedance, or similar providers depending on the selected model, feature, request type, availability, and performance.
  • ASLAX is an independent product and custom software interface. It is not affiliated with, sponsored by, or endorsed by these providers or model creators. Model and provider names identify available integrations only.
  • If users connect their own API keys, they are responsible for billing, rate limits, and compliance tied to those keys.
  • Image and Video Beta features are governed by our Beta Terms.

AI Processing and Third-Party Model Providers

ASLAX provides AI-powered generation and editing features for images, video, audio, text, and related media. Some requests may be processed using third-party AI infrastructure or model providers, such as Replicate, fal.ai, Google Vertex AI / Gemini, Kling, Seedance, or similar providers, depending on the selected model, feature, request type, availability, and performance.

ASLAX is an independent product and custom software interface. ASLAX is not affiliated with, sponsored by, or endorsed by these providers or model creators. Model and provider names are used only to identify available integrations.

When users use these features, ASLAX may send the data necessary to process the request to these providers. This may include prompts, uploaded files, reference images, generation settings, and resulting outputs.

ASLAX does not send full payment card details to AI model providers. Payments are processed separately by the payment provider, such as Stripe or another payment processor.

Available models and providers may change over time. ASLAX may add, remove, or replace providers to improve quality, speed, reliability, availability, safety, or security.