Skip to policy
StencilMaker.
Legal Privacy

Privacy
Policy.

We respect your privacy and collect only what we need to run the App.

Last updated
June 9, 2026
Version
2026.06.09
Status
Counsel-approved
01

What we collect

Account data
Email, display name, and avatar from your chosen sign-in provider — Apple, Google, Meta / Instagram, or an email magic-link.
Uploads
Photos you submit for stencil generation. On the Free tier these are processed and not retained beyond generation. Premium uploads are persisted to your cloud gallery.
Usage telemetry
Crash reports via Sentry and product analytics via PostHog. Identifiers are pseudonymous where technically feasible.
Device identifiers
A hashed device fingerprint, used solely to deter multi-account abuse.
Website analytics
This marketing website uses Cloudflare Web Analytics, which is cookieless — no tracking cookies are set, so no cookie-consent banner is shown.
02

AI & third-party generative processing

Disclosure & consent

When you upload a reference image and select a style to generate a stencil, your image is transmitted to xAI (Grok), our primary third-party generative AI provider, and may be sent to Google Gemini via Vercel AI Gateway as a fallback. These providers are located in the United States.

By uploading an image and initiating generation you explicitly consent to this limited sharing and processing solely for the purpose of creating the black-line stencil. The image is not retained by these AI providers after the request completes, is never used to train models, and is never shared with any other party.

This disclosure and consent mechanism satisfies App Store Review Guideline 5.1.2(i) and Google Play AI-Generated Content policy requirements for apps that use generative AI.

03

What we don’t do

  • No data sales

    We do not sell personal data.

  • No model training

    We do not train AI models on your uploads.

  • No ad tracking

    We do not run ad tracking or build advertising profiles.

04

Third-party processors

We share data with a small set of vetted processors strictly to operate the App. Every processor below operates in the United States.

  • Supabase

    Authentication, storage, database

    United States

  • xAI

    Primary stencil generation

    United States

  • Vercel AI Gateway / Google Gemini

    Fallback stencil generation

    United States

  • Sentry

    Crash reporting

    United States

  • PostHog

    Product analytics

    United States

  • Customer.io

    Transactional and lifecycle messaging

    United States

  • RevenueCat

    Subscription lifecycle

    United States

  • Coinbase

    USDC payments via Coinbase Developer Platform / Coinbase Business

    United States

  • Cloudflare

    Hosting, CDN, cookieless web analytics, and bot protection (Turnstile)

    United States

  • Resend

    Transactional email for lead and application notifications

    United States

05

Your rights

You can delete your account at any time from Settings.

To request a copy of your data, email privacy@thestencilmaker.com — we respond within 30 days.

A delete cascades across everything tied to your account:

  • uploads
  • generations
  • device records
  • payment event records
  • linked OAuth identities
06

Data retention

Free-tier stencils
Purged 24 hours after generation.
24 hours
Premium stencils
Retained until you choose to delete them.
Until deleted
Account metadata
Retained for the lifetime of your account.
Account lifetime
Billing records
Retained by our payment processors under their own legal obligations; our internal copies are deleted with your account.
Processor-held
07

Contact

Questions about your data?

Reach our privacy team directly. We answer every request.

privacy@thestencilmaker.com