mynth

legal

Privacy Policy

What we collect, how we use it, and the privacy promise behind your prompts and generated images.

Last updated: June 15, 2026

1. Introduction

This Privacy Policy explains how Mynth ("Mynth", "we", "us"), the operator of mynth.io and its API, SDKs, and dashboard (the "Service"), collects, uses, and shares information. It should be read together with our Terms of Service.

We try to collect as little as we need to run the Service well. Most importantly, we treat the creative work you do on Mynth as yours and private — see Your prompts & images.

2. Information we collect

Account information

When you sign up, we (through our authentication provider) collect your email address and basic profile details, and the authentication identifiers needed to keep you signed in.

Billing information

When you add credits, our payment provider (Stripe) processes your payment. We receive limited billing metadata such as the amount, status, and a customer/transaction reference. We do not receive or store your full card number.

Usage and technical data

We collect operational data needed to run and secure the Service: API requests, which models and features you use, credit consumption, timestamps, request/response metadata, IP address, and device/browser information. We use this for billing, rate limiting, debugging, security, and improving the Service.

Content you submit

To perform a generation we process your Inputs (prompts, parameters, reference files) and the Outputs (generated images). How we handle these is described in Your prompts & images.

Communications

If you email us or reach us on Discord, we keep that correspondence so we can support you.

3. How we use information

  • To provide, operate, and maintain the Service and process your generations.
  • To handle billing, credits, and payments.
  • To secure the Service — preventing fraud, abuse, and violations of our Terms.
  • To debug, monitor, and improve reliability and performance.
  • To respond to your support requests and send essential service notices.
  • To comply with legal obligations and protect people from serious harm.

4. Your prompts & generated images

Your generated images are never used to train AI models, and they are never analyzed or reviewed by Mynth for any commercial or profiling purpose. We want your generations to stay private, and we do not impose content surveillance from our side.

We process your Inputs and Outputs only to deliver the Service to you — for example, to run the generation, return the result, store it if you keep it, deliver it to your chosen destinations, and show your own history back to you. We do not sell your content, and we do not use it to train our own or anyone else's models.

Note that the third-party model providers who actually generate the images may apply their own privacy and content policies, which can include their own retention, filtering, or restrictions. That part is outside our control — see Model providers. Our own posture is to keep things private and unrestricted on our side.

The one exception: child safety

The single exception to the above is the protection of children. As described in our Terms of Service, we have zero tolerance for child sexual abuse material. Where we become aware of suspected child sexual exploitation, we may preserve and disclose relevant data, report it to the appropriate authorities and recognized hotlines, and cooperate with any investigation. This overrides the general privacy expectation set out above.

5. Magic Prompts & automatic size selection

Features like Magic Prompts (prompt enhancement) and automatic size selection use large language models. We route these requests through OpenRouter, and we deliberately use models and providers that do not retain or train on the prompts we send.

Mynth itself does not read, mine, or otherwise use the text of your prompts for any purpose beyond producing the result you asked for. As with image generation, this text is processed to serve your request — not to profile you or train models.

6. Third-party model providers

Image generation is carried out by third-party model providers (for example, the providers behind the models listed in our catalog). To fulfill your request, your relevant Inputs are sent to the provider that hosts the model you selected, and the Output is returned to us and to you.

Each provider operates under its own privacy and content policies, which may differ from ours and may include their own logging, retention, or content filtering. We encourage you to review the policies of providers whose models you rely on.

7. Service providers we rely on

We use a small set of trusted vendors to run the Service. They process data on our behalf for the purposes described above:

  • Authentication — for sign-in and account management.
  • Cloud hosting & backend — for running the application, database, and image storage/delivery (including a CDN).
  • Stripe — for payment processing.
  • OpenRouter — for the language-model features described above.
  • Image model providers — for generating images, as described in section 6.
  • Product analytics — for understanding usage and improving the Service.

8. Cookies & analytics

We use strictly necessary cookies to keep you signed in and to operate the Service. We also use privacy-conscious product analytics to understand how the Service is used so we can improve it. You can control cookies through your browser settings; disabling necessary cookies may break sign-in.

9. Data retention

We keep personal data for as long as needed to provide the Service and for legitimate business and legal purposes — for example, account data while your account is open, and billing records for as long as the law requires. Stored generations are kept while you choose to keep them; you can delete them, and you should keep your own copies. During the alpha, data may be cleared at any time and may be removed after the alpha ends.

10. How we share & disclose information

We do not sell your personal data. We share it only:

  • with the service providers listed above, to operate the Service;
  • when required by law, or to comply with legal process, or to protect the rights, safety, and security of users, the public, or Mynth — including the child-safety disclosures described in section 4;
  • in connection with a business transfer (such as a merger or acquisition), subject to this Policy.

11. Security

We take reasonable technical and organizational measures to protect your information. No method of transmission or storage is completely secure, so we cannot guarantee absolute security. Protect your account and API keys, and let us know promptly if you suspect a problem.

12. International data transfers

We and our service providers may process data in countries other than where you live, including outside the European Economic Area. Where we transfer personal data internationally, we rely on appropriate safeguards (such as standard contractual clauses) where required by law.

13. Your rights

Depending on where you live, you may have rights to access, correct, delete, or export your personal data, to object to or restrict certain processing, and to withdraw consent. If you are in the EEA, you may also lodge a complaint with your local data protection authority.

To exercise any of these rights, email mynth@mynth.io. We may need to verify your identity before acting on a request.

14. Children

The Service is not intended for anyone under 18, and we do not knowingly collect personal data from children. If you believe a child has provided us with personal data, contact us and we will take appropriate steps.

15. Changes to this policy

We may update this Privacy Policy from time to time. We will revise the "Last updated" date above and, for material changes, take reasonable steps to notify you. Continuing to use the Service after changes take effect means you accept the updated Policy.

16. Contact

Questions or requests about your privacy? Email us at mynth@mynth.io. See also our Terms of Service.