Privacy Policy
Last updated: February 10, 2026
1. Introduction
Illumined Analytics ("we", "us", or "our") operates Crest Forge. This Privacy Policy explains how we collect, use, and protect your information when you use our Service.
2. Information We Collect
Information You Provide
- Family name and description: Used solely to generate your crest image
- Payment information: Processed securely by Stripe. We do not store credit card numbers or bank details on our servers
- Email address: Collected by Stripe during checkout for transaction receipts
Information Collected Automatically
- IP address: Used for rate limiting to prevent abuse. Stored temporarily and automatically deleted after 24 hours
- Browser localStorage: Used to track session generation counts and restore your last generated crest. This data stays on your device and is not transmitted to us
3. How We Use Your Information
We use the information we collect to:
- Generate your personalized coat of arms image
- Process payments and deliver your high-resolution download
- Enforce rate limits and prevent abuse of the Service
- Verify CAPTCHA challenges to protect against automated misuse
We do not use your information for marketing, advertising, or profiling purposes.
4. Third-Party Services
We use the following third-party services to operate Crest Forge:
- Google Gemini: AI image generation. Your family name and description are sent to Google's API to generate your crest. Subject to Google's Privacy Policy
- Stripe: Payment processing. Your payment and email are handled by Stripe. Subject to Stripe's Privacy Policy
- Cloudinary: Image storage and delivery. Generated crest images are stored on Cloudinary's servers. Subject to Cloudinary's Privacy Policy
- Cloudflare Turnstile: CAPTCHA verification to prevent automated abuse. Subject to Cloudflare's Privacy Policy
- Netlify: Website hosting and serverless functions. Subject to Netlify's Privacy Policy
5. Data Retention
- Generated images: Stored on Cloudinary indefinitely to support download access
- IP rate limit data: Automatically deleted after 24 hours
- Payment records: Retained by Stripe per their data retention policies
- Input text (family name, description): Not stored after image generation is complete
6. Cookies
Crest Forge does not use tracking cookies. We use browser localStorage for client-side session management only. Cloudflare Turnstile may set cookies necessary for CAPTCHA functionality.
7. Data Security
We take reasonable measures to protect your information, including encrypted connections (HTTPS), secure third-party payment processing, and server-side rate limiting. However, no method of transmission over the internet is completely secure, and we cannot guarantee absolute security.
8. Children's Privacy
The Service is not directed to children under the age of 13. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us so we can take appropriate action.
9. Your Rights
Depending on your jurisdiction, you may have the right to:
- Request access to your personal data
- Request deletion of your personal data
- Request correction of inaccurate data
- Object to processing of your data
To exercise any of these rights, contact us at stephen@illumined.io.
10. Changes to This Policy
We may update this Privacy Policy from time to time. Changes take effect upon posting to this page. We encourage you to review this policy periodically.
11. Contact
If you have questions about this Privacy Policy, contact us at stephen@illumined.io.