FCS Studio ("we," "us," or "our") operates the Own.it service (the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard personal information of users in the European Economic Area (EEA), the United Kingdom, the United States, and other regions, in accordance with the EU General Data Protection Regulation (GDPR), the UK GDPR, the California Consumer Privacy Act as amended by the CPRA (CCPA/CPRA), and other applicable laws.
Quick summary: Your photos stay on your device. They are sent to our AI processing servers
only at the moment you request image generation, and are deleted immediately after processing. We never store your photos on our servers unless you explicitly choose to share them, and we never use your photos to train AI models, advertise, or market. We don't sell your personal information, and you have the right to access, correct, delete, or restrict the use of your data. Contact
[email protected] to exercise your rights.
How We Handle Your Photos (Key Points)
- On-device storage by default: Photos you upload or capture, and the generated results, are stored locally on your device. They are not uploaded to or retained on FCS Studio servers.
- Transient processing only: When you request image generation (e.g., virtual try-on or style analysis), the relevant photo is transmitted to our AI processing provider only for the duration needed to produce the result, and is deleted immediately afterward.
- You control sharing: Your photos leave your device for purposes other than image generation only if you choose to share or post them.
- No AI training: We do not use your photos to train, fine-tune, or improve AI models, and we contractually require our AI processing providers to do the same.
- No marketing use: We never use your photos for advertising or marketing.
1. Data Controller
The data controller responsible for your personal information is:
For users in the EEA or UK, you may also contact us at the email above regarding any matters related to GDPR compliance.
2. Information We Collect
2.1 Information you provide
- Photos and content (stored on your device): images you upload or capture, generated result images, and your in-app preferences are stored locally on your device. FCS Studio does not retain copies of these on its servers.
- Photos sent for image generation (transient): when you trigger an image generation request, the relevant photo and options are transmitted to our AI processing provider strictly for the time needed to produce the result, and deleted immediately after processing.
- Communications: email address and message content when you contact us for support or feedback.
2.2 Information collected automatically
- Device and log data: IP address, browser type and version, operating system, device identifiers, referring URLs, pages viewed, and timestamps.
- Cookies and similar technologies: see Section 9 for details.
- Analytics data: aggregated usage statistics through privacy-respecting analytics tools.
2.3 Information we do NOT collect
- We do not require account registration and do not collect names, phone numbers, government IDs, or payment information.
- We do not knowingly collect personal information from children under 16 (or under 13 in the United States). See Section 11.
3. How We Use Your Information
We use personal information for the following purposes:
| Purpose | Legal basis (GDPR) |
|---|
| Providing the Service and processing your inputs to generate results | Performance of a contract (Art. 6(1)(b)) |
| Responding to support requests and inquiries | Legitimate interests (Art. 6(1)(f)) |
| Maintaining security, preventing fraud and abuse | Legitimate interests (Art. 6(1)(f)) |
| Analyzing aggregated usage to improve the Service | Legitimate interests (Art. 6(1)(f)) |
| Complying with legal obligations | Legal obligation (Art. 6(1)(c)) |
| Optional analytics or marketing cookies | Consent (Art. 6(1)(a)) |
4. How We Share Information
We do not sell your personal information. We share information only with the following categories of recipients:
- Service providers (processors): hosting and CDN providers (e.g., Cloudflare, Inc.), AI model providers that process your photos only at the moment of an image generation request, and analytics providers. These parties act on our instructions under written data processing agreements and are contractually prohibited from using your photos to train AI models or for any purpose beyond delivering the requested result.
- Legal and safety: when required by law, regulation, court order, or to protect the rights, property, and safety of FCS Studio, our users, or the public.
- Business transfers: in connection with a merger, acquisition, or sale of assets, subject to standard confidentiality obligations.
"Sale" and "sharing" under U.S. law: We do not sell or share personal information as those terms are defined under the CCPA/CPRA, and we have not done so in the preceding 12 months. We do not process sensitive personal information for the purpose of inferring characteristics about consumers.
5. International Data Transfers
FCS Studio is based in the Republic of Korea, and our service providers may process your information in the United States, the European Union, and other countries. When we transfer personal information out of the EEA, UK, or Switzerland, we rely on appropriate safeguards such as the European Commission's Standard Contractual Clauses (SCCs) and the UK International Data Transfer Addendum. You may request a copy of these safeguards by contacting us.
6. Data Retention
We retain personal information only for as long as necessary to fulfill the purposes set out in this Policy:
- Photos and generated images: stored only on your device. You can delete them at any time by removing them in-app or uninstalling the app. FCS Studio does not retain copies on its servers.
- Photos transmitted for image generation: deleted from our AI processing provider's systems immediately after the result is produced; not retained for any other purpose.
- Support communications: up to 12 months after the inquiry is resolved.
- Server and access logs: typically up to 90 days, unless a longer period is required for security or legal reasons.
- Aggregated and anonymized data: may be kept indefinitely as it no longer identifies you.
7. Your Rights (EEA, UK, and Other Regions)
If you are located in the EEA, UK, or Switzerland, you have the following rights under GDPR:
- Right of access: request confirmation of whether we process your personal data and obtain a copy.
- Right to rectification: ask us to correct inaccurate or incomplete data.
- Right to erasure ("right to be forgotten"): request deletion of your personal data.
- Right to restriction: ask us to restrict processing in certain circumstances.
- Right to data portability: receive your data in a structured, commonly used, machine-readable format.
- Right to object: object to processing based on legitimate interests.
- Right to withdraw consent: where processing is based on consent, you may withdraw it at any time.
- Right to lodge a complaint: with your local supervisory authority. A list of EU authorities is available at edpb.europa.eu.
To exercise any of these rights, email [email protected]. We will respond within 30 days.
8. Your Rights (California and Other U.S. States)
If you are a California resident, the CCPA/CPRA grants you the following rights:
- Right to know: request the categories and specific pieces of personal information we have collected, the sources, the purposes, and the categories of third parties with whom we share it.
- Right to delete: request deletion of personal information we have collected from you, subject to certain exceptions.
- Right to correct: request correction of inaccurate personal information.
- Right to opt out of sale or sharing: we do not sell or share personal information, so no opt-out is necessary.
- Right to limit use of sensitive personal information: we do not use sensitive personal information beyond what is necessary to provide the Service.
- Right to non-discrimination: we will not discriminate against you for exercising any of your rights.
Residents of other U.S. states with comprehensive privacy laws (e.g., Virginia, Colorado, Connecticut, Utah, Texas, Oregon) have substantially similar rights and may exercise them by contacting us at the email above. You may use an authorized agent to submit a request on your behalf, subject to verification.
9. Cookies and Tracking Technologies
We use a limited number of cookies and similar technologies:
- Strictly necessary cookies: required for the Service to function (e.g., security, load balancing).
- Preference cookies: remember language and audio settings.
- Analytics cookies (optional): used only with your consent where legally required.
You can control cookies through your browser settings. We honor Global Privacy Control (GPC) signals as a valid opt-out request from California and other applicable U.S. residents.
10. Data Security
We implement appropriate technical and organizational measures designed to protect personal information against unauthorized access, alteration, disclosure, or destruction. These include HTTPS/TLS encryption in transit, restricted access controls, and routine review of our security practices. However, no method of transmission over the Internet is 100% secure.
11. Children's Privacy
The Service is not directed to children under 16 (or under 13 in the United States, in accordance with the Children's Online Privacy Protection Act). We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us and we will take steps to delete it.
12. Automated Decision-Making
The Service uses AI models to generate suggestions and analyses based on the content you submit. These outputs are intended for entertainment and informational purposes and do not produce legal or similarly significant effects on you within the meaning of GDPR Article 22.
13. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. When we make material changes, we will revise the "Last updated" date at the top of this page and, where appropriate, provide additional notice through the Service. We encourage you to review this Policy periodically.
14. Contact Us
If you have any questions or concerns about this Privacy Policy or our data practices, please contact us at:
← Back to Home