Privacy Policy
Last modified: 01 March 2025
Thank you for your interest in Yiyo Studio ("Yiyo Studio", "we", "our" or "us"). Yiyo Studio provides AI-powered media generation services. Some features rely on third-party artificial intelligence models that operate independently under their own terms and technical limitations. This Privacy Policy explains how we collect, use, store, and share information that identifies you or can reasonably be linked to you ("personal data") in accordance with the General Data Protection Regulation (EU) 2016/679 ("GDPR") and applicable German and EU data-protection laws. This policy applies to our website https://yiyo.studio (the "Site") and all related services (the "Service").
1. Data Controller
The data controller responsible for processing your personal data is: Yiyo Studio Email: privacy@yiyo.studio (Additional legal details such as address may be added once the company entity is finalized.)
2. Personal Data We Collect
2.1 Personal Data You Provide Directly We collect personal data that you voluntarily provide when using the Service, including: (a) Contact Information • First name • Last name • Email address 2.2 User-Uploaded Media Certain features allow you to upload images or other visual materials to generate AI-based images or short videos (up to 8 seconds). • Uploaded media is stored securely for a maximum of two (2) weeks, after which it is automatically deleted. • Uploaded content is used solely to provide the requested Service. • Uploaded media is not used to train proprietary AI models. • Responsibility for the legality of uploaded content (including intellectual property and personal rights) remains with the user.
3. Purposes and Legal Bases for Processing
We process personal data only where permitted under Article 6 GDPR. Account creation and authentication — Performance of a contract Access to and operation of the Service — Performance of a contract Customer support and communications — Legitimate interests Responding to inquiries and complaints — Legitimate interests Marketing communications — Consent Compliance with legal obligations — Legal obligation
4. Marketing Communications
We will send marketing communications only if you have given explicit consent. You may withdraw your consent at any time by using the unsubscribe link or contacting us. Withdrawal of consent does not affect the lawfulness of processing before withdrawal.
5. Data Retention
We retain personal data only for as long as necessary: • Account data: for the duration of the user account and as required by law. • Uploaded media: automatically deleted after two (2) weeks. • Marketing data: until consent is withdrawn.
6. Data Sharing and Processors
We do not sell personal data. We may share personal data with trusted processors strictly necessary to operate the Service, such as: • Hosting and infrastructure providers • Authentication and database services • Payment processors (where applicable) • AI service providers for content generation All processors are bound by data-processing agreements (Art. 28 GDPR).
7. International Data Transfers
Where personal data is transferred outside the European Economic Area (EEA), we ensure appropriate safeguards, including: • EU Standard Contractual Clauses (SCCs) • Adequacy decisions by the European Commission • Equivalent lawful transfer mechanisms
8. Your Rights Under GDPR
You have the following rights under Articles 15–22 GDPR: • Right of access • Right to rectification • Right to erasure ("right to be forgotten") • Right to restriction of processing • Right to data portability • Right to object to processing • Right to withdraw consent at any time To exercise your rights, contact us at privacy@yiyo.studio
9. Right to Lodge a Complaint
You have the right to lodge a complaint with a supervisory authority, particularly in the EU Member State of your habitual residence or place of work. In Germany, this includes your local Datenschutzbehörde.
10. Security Measures
We implement appropriate technical and organizational measures to protect personal data, including: • Encryption in transit and at rest • Access control and authentication • Secure hosting infrastructure However, no system is completely secure, and we cannot guarantee absolute security.
11. Children's Data
The Service is not intended for children under 16 years of age, and we do not knowingly collect personal data from minors.
12. Changes to This Policy
We may update this Privacy Policy from time to time. The latest version will always be available on the Site, with the "Last modified" date updated accordingly.
13. Contact
For privacy-related questions or requests: privacy@yiyo.studio
13. Contact
privacy@yiyo.studio