Privacy Policy

1. Introduction

This Privacy Policy describes how Ephoreal Technologies (OPC) Pvt. Ltd. ("we," "our," or "us") collects, uses, and protects your information when you use our platform available at https://mirano.app (the "Service" or "App").

Mirano enables users to create infographics, one-page presentations, and similar designs based on their input.

We respect your privacy and are committed to protecting your personal data in compliance with applicable laws, including the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, GDPR (EU), and other international standards.

2. Information We Collect

We collect only the information necessary to operate and improve the Service.

a. Information you provide directly

• Account information: name, email address, and password when you register through Supabase.
• User content: infographics, presentations, or any design you create or upload within the app.
• Communication data: messages, feedback, or support requests.

b. Information received from Google Sign-In

When you choose to sign in with your Google account, we receive the following data from Google:

• Name and email address associated with your Google account.
• Profile picture URL (if available on your Google account).

This data is used solely to create and manage your Mirano account. We do not access your Google contacts, Gmail, Google Drive, or any other Google service data beyond what is listed above.

c. Automatically collected information

• Analytics and usage data: pages visited, features used, device/browser type, and time spent, collected via Google Analytics.
• Cookies and similar technologies: used to remember preferences and improve functionality. You can manage cookie preferences through your browser settings. Most browsers allow you to block or delete cookies. Note that disabling cookies may affect some features of the Service. For Google Analytics specifically, you may opt out by installing the Google Analytics Opt-out Browser Add-on.
• Security data: IP address, device information, and access logs for fraud detection and system protection.

3. How We Use Your Information

We use your information to:

• Provide, maintain, and improve our Service.
• Process transactions through Razorpay (we do not store card details).
• Authenticate and manage user accounts through Supabase.
• Deliver personalized features and recommendations using Gemini Flash 2.5 (our AI model).
• Send transactional, service-related, or marketing emails (you may unsubscribe at any time).
• Ensure the security, stability, and performance of the App.
• Comply with legal and regulatory requirements.

4. Data Storage and Retention

• Your data is stored securely on servers hosted by Hetzner (Germany/EU).
• Data you create is only stored if you choose to save it.
• Saved data is retained until you delete it or request deletion.
• Backups are encrypted and maintained for disaster recovery only.

5. Sharing of Information

We do not sell, rent, or trade your personal data.

We share data only with trusted service providers who help operate our business:

• Razorpay – receives your email and transaction details for payment processing. We do not store card or bank details.
• Supabase – receives your name, email, and profile picture for authentication and database management.
• Google (Sign-In) – provides your name, email, and profile picture URL when you authenticate via Google. We do not request access to any other Google services or data.
• Hetzner – hosts your saved designs and account data on EU-based servers.
• Google Analytics – receives anonymized usage data (pages visited, device type, session duration). No personally identifiable information is shared.
• Cloudflare – processes IP addresses and request metadata for DNS resolution and DDoS protection.

Each of these partners is bound by data protection and confidentiality obligations.

6. Legal Basis for Processing (GDPR)

For users in the EU/EEA, we rely on the following bases:

• Performance of a contract: to provide you the Service.
• Legitimate interests: to improve features, secure systems, and understand usage patterns.
• Consent: for analytics cookies and marketing communications.
• Legal obligation: to comply with accounting, tax, and KYC requirements.

7. User Rights

Depending on your location, you have the right to:

• Access, update, or delete your data.
• Withdraw consent to data processing.
• Request a copy (data portability).
• Object to certain uses of your data.

To exercise any of these rights, contact us at support@mirano.app. We will respond to all verified requests within 30 days. In cases where additional time is needed, we will notify you of the reason and extension period.

8. International Data Transfers

Your information may be processed outside your country (for example, in Germany or India).

We ensure adequate data protection safeguards through secure, encrypted transfers and GDPR-compliant service providers.

9. Security Measures

We take reasonable organizational and technical steps to protect your data:

• All communication uses HTTPS encryption.
• DNS and DDoS protection via Cloudflare.
• Strict internal access control.
• Periodic security reviews.

While we implement best practices, no online system is fully immune to risks. Users are responsible for maintaining account security (e.g., strong passwords).

10. Children's Privacy

Our App is suitable for all ages but not specifically directed at children.

We do not knowingly collect data from individuals under 16. If you believe a child has provided data, contact us for deletion.

11. Marketing Communications

We may occasionally send you product updates, new features, or promotional messages.

You can unsubscribe anytime via the "unsubscribe" link or by contacting privacy@ephoreal.com.

12. Google API Services – Limited Use Disclosure

Mirano's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. Specifically:

• We only use Google user data (name, email, profile picture) to provide and improve user-facing features within Mirano, such as account creation, login, and profile display.
• We do not transfer Google user data to third parties except as necessary to provide the Service (e.g., Supabase for authentication), with your explicit consent, or as required by law.
• We do not use Google user data for serving advertisements, retargeting, or interest-based advertising.
• We do not sell Google user data to data brokers, information resellers, or any other third party.
• We do not allow humans to read your Google user data unless it is aggregated and anonymized for internal operations, necessary to comply with applicable law, or required for security purposes such as investigating abuse.

13. Changes to This Privacy Policy

We may update this policy from time to time.

When we do, the updated version will be posted at https://mirano.app/privacy with a revised "Last Updated" date.

14. Contact Us

For questions or privacy-related concerns, reach us at: