RoomStaging.net

Datenschutzrichtlinie

Effective Date: December 15, 2025

We make every effort to ensure the security and confidentiality of your personal data. We care about your privacy when you visit our website, register an account, and use our AI-powered virtual home staging services.

In this document, we would like to provide you with essential information about the processing of your personal data and images you upload. For clarity, we have organized this information in the form of questions and answers. All of this is to let you know why, on what basis and for how long we process your data, as well as who can access it and what rights you have.

1. WHO IS THE CONTROLLER OF YOUR PERSONAL DATA?

1.1. The controller of your personal data is Roman Deiniuk with registered office at Poland, 00-712 Warsaw, Dywizjonu AK Jelen 10.

1.2. If you have any questions or concerns, you can contact us electronically at: [email protected].

2. HOW DO WE ACCESS YOUR PERSONAL DATA?

2.1. Using the roomstaging.net Website, you may be asked to provide your personal data. Provision of data is voluntary, but in certain situations, it may be necessary. For instance, if you want to create an account, purchase a subscription plan, or use virtual staging services - providing contact and payment information will be required.

2.2. Some data is collected automatically through cookies during your visit to the Website (e.g., IP address, browser type, operating system type, etc.). This data is used to administer the Website and analyze traffic and user behavior.

2.3. When you upload images for processing by our AI Platform, we also collect file metadata and visual content to provide Services and improve our artificial intelligence algorithms.

3. FOR WHAT PURPOSE, ON WHAT LEGAL BASIS, AND FOR HOW LONG DO WE PROCESS YOUR DATA?

We process your personal data for the following purposes:

1. Conclusion and performance of the service contract:

  • legal basis: processing is necessary for contract performance (Article 6(1)(b) GDPR)
  • duration: until service termination or account deletion
  • scope: account registration and maintenance, order placement, virtual staging, furniture removal, and room renovation services

2. Image processing by AI:

  • legal basis: processing is necessary for contract performance (Article 6(1)(b) GDPR)
  • duration: as specified in Section 4.4 below
  • scope: images you upload are processed by our AI algorithms to generate virtualized images (staging, furniture removal, renovation)

3. Compliance with tax obligations:

  • legal basis: legal obligation (Article 6(1)(c) GDPR)
  • duration: until expiry of tax statute of limitations
  • scope: invoice issuance, accounting records maintenance

4. Payment processing:

  • legal basis: necessary for contract performance (Article 6(1)(b) GDPR)
  • duration: until transaction completion and legally required period
  • scope: payment data processed by Stripe for subscription management

5. Establishing, pursuing, and defending claims:

  • legal basis: our legitimate interests (Article 6(1)(f) GDPR)
  • duration: until expiry of statute of limitations for claims
  • scope: protecting our rights in court and other authority proceedings

6. Ensuring proper Website functionality:

  • legal basis: our legitimate interests (Article 6(1)(f) GDPR)
  • duration: until effective objection or purpose achievement
  • scope: analysis and statistics of Website usage (Google Analytics, Google Tag Manager, Facebook Pixel)

7. AI model improvement:

  • legal basis: our legitimate interests (Article 6(1)(f) GDPR) or your consent
  • duration: until effective objection or consent withdrawal
  • scope: use of uploaded images and generated outputs for training and improving AI algorithms

8. Marketing and communication:

  • legal basis: our legitimate interests (Article 6(1)(f) GDPR) or your consent
  • duration: until effective objection or consent withdrawal
  • scope: service promotion, newsletter, remarketing

4. HOW ARE IMAGES AND VISUAL CONTENT PROCESSED?

4.1. By uploading images to our Platform, you grant us a non-exclusive, non-transferable license to process these images for the purpose of providing Services.

4.2. You represent and warrant that you possess all necessary rights to uploaded images, including consents from individuals whose likeness may appear in them.

4.3. Uploaded images and generated outputs may be used for:

  • providing image transformation Services,
  • improving and training artificial intelligence models,
  • presentation in portfolio and marketing materials (unless you object),
  • analytical and statistical purposes.

4.4. Image storage:

  • Input images and generated outputs are stored on our secure servers for the period necessary to provide Services.
  • You may request deletion of your images at any time, with the understanding that we may retain copies necessary for legal purposes or AI improvement (in anonymized form).

4.5. Watermarks: Images generated under the free trial plan contain a watermark. Upon purchasing a paid plan, the watermark is removed.

5. WHO MAY BE THE RECIPIENT OF YOUR PERSONAL DATA?

5.1. Personal data may be transferred to the following recipients:

  • IT and hosting service providers (data storage, Website hosting)
  • Stripe - payment processor (transaction processing)
  • Google LLC - analytics provider (Google Analytics, Google Tag Manager)
  • Meta Platforms Ireland Limited - remarketing and analytics (Facebook Pixel)
  • AI and machine learning service providers (image processing)
  • Legal advisors and consultants (in case of legal proceedings)
  • State authorities (when required by law)

5.2. All data recipients are obligated to maintain confidentiality and process data only in accordance with our instructions and applicable regulations.

6. DO WE TRANSFER PERSONAL DATA TO THIRD COUNTRIES?

6.1. Some of our service providers may process data outside the European Economic Area (EEA), including in the United States.

6.2. Data transfers are conducted based on appropriate legal mechanisms:

  • European Commission adequacy decisions,
  • Standard Contractual Clauses approved by the European Commission,
  • Privacy Shield certification (where applicable),
  • Other legally permitted mechanisms.

7. DO WE USE COOKIES AND SIMILAR TECHNOLOGIES?

7.1. The Website uses cookies and similar technologies for the following purposes:

  • Essential cookies - enabling basic Website functions (login, cart)
  • Analytics cookies - Google Analytics, traffic and user behavior measurement
  • Marketing cookies - Facebook Pixel, remarketing, ad personalization
  • Functional cookies - remembering user preferences

7.2. You can manage cookie settings in your browser. However, please note that disabling cookies may limit Website functionality.

7.3. Detailed information about cookies can be found in our Cookie Policy available at: https://roomstaging.net/legal/cookies.

8. WHAT ARE YOUR RIGHTS?

8.1. Under GDPR, you have the following rights:

  • Right of access - you can obtain information about what data we process
  • Right to rectification - you can correct inaccurate data
  • Right to erasure ("right to be forgotten") - in certain cases
  • Right to restriction of processing - you can request suspension of processing
  • Right to data portability - you can receive data in a transferable format
  • Right to object - to processing based on legitimate interests
  • Right to withdraw consent - at any time, when processing is based on consent

8.2. To exercise your rights, contact us at: [email protected]. We will respond to your request within 30 days.

8.3. You also have the right to lodge a complaint with a supervisory authority (in Poland: President of the Personal Data Protection Office).

9. HOW LONG DO WE RETAIN DATA?

9.1. We process personal data as long as necessary to achieve the purposes specified in Section 3 above.

9.2. After Service termination, data may be retained for the period required by law or until claims statute of limitations expires.

9.3. Data used solely for analytical purposes and AI improvement may be retained in anonymized form indefinitely.

10. DATA SECURITY

10.1. We implement appropriate technical and organizational measures ensuring security of processed personal data, including:

  • SSL/TLS connection encryption
  • Regular backups
  • Data access control
  • Security monitoring systems
  • Incident response procedures

10.2. Despite implementing appropriate safeguards, no method of data transmission over the Internet is 100% secure.

11. CHILDREN'S DATA

11.1. Our Services are not intended for individuals under 18 years of age.

11.2. If we learn that we have obtained personal data from someone under 18, we will promptly delete that data.

12. CHANGES TO PRIVACY POLICY

12.1. We reserve the right to make changes to this Privacy Policy.

12.2. We will notify you of material changes with 14 days' notice via email and a notice on the Website.

12.3. The current version of the Privacy Policy is always available at: https://roomstaging.net/legal/privacy.

13. CONTACT

13.1. For questions regarding personal data processing, contact us:

Email: [email protected]