Privacy Policy

SSHome LLC operates Runfra.

Runfra is an image generation API and platform built and operated by SSHome LLC. References to “Runfra,” “we,” “us,” or “our” in this policy mean SSHome LLC. If you have questions about this policy, reach us at privacy@runfra.com.

We collect what’s needed to run the service — nothing more.

We do not build advertising profiles or collect information beyond what is necessary to provide Runfra.

• Email address — used to create and authenticate your account.
• Authentication tokens — short-lived session credentials managed by Supabase Auth.

• Prompts you submit — stored as part of your job record.
• Generated images — stored in Supabase Storage for 30 days after job creation, then automatically deleted.
• Job metadata — model name, batch size, quality settings, timestamps, accepted/rejected image counts, and per-image quality scores.
• Job status and outcome — whether a job succeeded, failed, was cancelled, or triggered a safety filter.

• Credit purchase records — package, amount, and timestamp. Processed by Stripe.
• Credit balance and consumption history — how many credits were used per job.
• Payment details — handled entirely by Stripe. We never see or store card numbers.

• API request logs — endpoint, response time, and status codes. Used for reliability monitoring.
• Worker and inference telemetry — GPU timing, retry counts, and quality scores per image.
• Error reports — stack traces and failure reasons used to diagnose bugs.

Only to operate, protect, and improve the service.

We use data only as needed to provide the service, prevent fraud and abuse, comply with legal obligations, and improve system performance, reliability, and quality. We do not use your data for advertising, profiling, or any purpose unrelated to operating Runfra.

• Provide the service — process your image generation requests, store results, and return them to you.
• Operate billing and credits — track purchases, apply credits to jobs, and issue automatic refunds for failed jobs.
• Prevent fraud and abuse — detect misuse of the API, enforce rate limits, and block prohibited content.
• Improve system performance, reliability, and output quality — analyze quality scores, retry patterns, and infrastructure failures to make the platform better.
• Comply with legal obligations — respond to lawful requests from authorities and maintain records required by law.
• Send transactional notifications — file expiry reminders, billing receipts, and service-critical alerts.

We will not use your prompts, generated images, or job data to train third-party AI models, and we do not sell data derived from your content to outside parties.

A small set of trusted vendors.

Each vendor receives only the data necessary for its specific function:

• Supabase — database, authentication, and file storage. Stores account data, job records, and generated images.
• Stripe — payment processing. Handles all billing and credit purchases. We do not store card numbers.
• Resend — transactional email delivery. Used for retention reminders and service notifications.
• Railway — cloud infrastructure hosting the API and worker services.

We do not share your data with data brokers, advertising networks, or any party whose purpose is unrelated to delivering the Runfra service.

Generated files expire. Job records persist.

Generated image files are stored for 30 days after a job is created. After that, files are automatically removed from storage. You will receive a reminder notification before your files expire so you have time to download anything you want to keep.

Job metadata — your prompt, status, credit consumption, quality scores, and accepted/rejected counts — is retained as part of your account history and is never exposed to other users.

Account data is retained as long as your account is active. If you request account deletion, we will remove your personal data within a reasonable time, subject to any legal retention requirements.

We filter for prohibited content automatically.

Runfra applies automated safety filtering to generated images before they are delivered. Jobs that produce content matching prohibited categories are failed and credits are refunded automatically. Prompts that repeatedly trigger safety filters may result in account suspension.

Safety classifications are used internally to enforce our acceptable use policy. They are not shared with third parties except as required by law.

We take reasonable steps to protect your data.

Data in transit is encrypted via TLS. Data at rest is stored in Supabase, which encrypts data at the storage layer. Access to production systems is restricted to authorized personnel and protected by API key authentication.

No system is completely secure. If you believe you have found a security vulnerability, please report it to security@runfra.com.

You can access, correct, or delete your data.

You have the right to access the personal data we hold about you, request corrections, and request deletion of your account and associated data. To exercise any of these rights, contact us at privacy@runfra.com. We will respond within 30 days.

You can download your generated images at any time from your dashboard before the 30-day retention window closes.

We’ll notify you of material changes.

If we make material changes to this policy, we will update the date at the top of this page and, where appropriate, notify you by email. Continued use of Runfra after a policy update constitutes acceptance of the revised terms.