Privacy Policy

Effective Date: February 25, 2026  ·  Last Updated: April 17, 2026

This Privacy Policy describes how ComfyAI Cloud (“we”, “us”, “our”) collects, uses, discloses, and safeguards your information when you use https://comfyaicloud.com (the “Website”) and the Visual Deconstruction Chrome Extension (the “Extension”, together the “Service”). We respect your privacy and never sell your personal data.

1. Information We Collect

Account information. When you sign in with Google OAuth, we receive only your name, email address, and profile picture. We never access your Gmail, Google Drive, contacts, calendar, or any other Google data.

User content. Text prompts you submit, images you upload for analysis, and images you generate.

Payment information. Processed exclusively by PayPal — we store only your transaction ID, credit amount, and payment date. We never see, store, or transmit card or bank details.

Chrome Extension data. Image URLs from the active browser tab — only at your explicit request when you click “Scan Page Images”. Your authentication token and preferences are stored locally on your device via chrome.storage.local. The Extension does not read, track, or transmit anything outside of that explicit action.

Technical data. IP address, browser type, device type, and aggregated usage logs for security and fraud prevention.

2. How We Use Your Information

  • To authenticate your identity and provide access to the Service.
  • To process your image-generation and prompt-extraction requests.
  • To manage your credit balance and process PayPal payments.
  • To detect, prevent, and investigate fraud, abuse, or security incidents.
  • To respond to support requests.
  • To analyze anonymized, aggregated usage patterns to improve the Service.
  • To comply with applicable law.

We do not use your identifiable prompts, images, or personal data to train AI models without your explicit opt-in consent.

3. Chrome Extension Data Practices

The Visual Deconstruction Chrome Extension complies with the Chrome Web Store User Data Policy, including the Limited Use requirements.

  • activeTab — used only when you click “Scan Page Images” to read image URLs from the tab you’re viewing.
  • scripting — used only to inject the scan script into the tab you’re viewing, triggered by your click.
  • storage — used to keep your sign-in state, preferences, and credit balance locally on your device.
  • identity — used only for Google OAuth sign-in via chrome.identity.launchWebAuthFlow. Scopes are limited to openid, email, and profile.

The Extension does not continuously monitor your browsing, collect your browsing history, read page content without your action, or transmit any data without your direct request. All local data is cleared on sign-out or uninstall.

Google API Services User Data Policy — Limited Use disclosure. Our use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

4. Data Sharing and Disclosure

We do not sell, rent, or trade your personal information. We share data only with:

  • PayPal — payment processing.
  • Cloud hosting and infrastructure providers — contractually prohibited from using your data for any other purpose.
  • Law-enforcement or government authorities — only when required by law.

In the event of a merger or acquisition, we will provide advance notice before your data becomes subject to a different privacy policy.

5. Data Retention

  • Account data (name, email, picture) — deleted within 30 days of a deletion request.
  • Generated content and prompts — retained until you delete them or close your account.
  • Payment records — retained for 7 years for legal compliance.
  • Server logs — retained for a maximum of 90 days.
  • Chrome Extension local data — stored on your device only, cleared on sign-out or uninstall.

6. Data Security

We implement HTTPS/TLS encryption for data in transit, encrypted storage for sensitive data at rest, strict access controls, and regular security assessments. API credentials (xAI, NVIDIA, PayPal) are stored exclusively on our secured server — they are never transmitted to or stored in the Chrome Extension. No method of transmission is 100% secure and we cannot guarantee absolute security.

7. Your Rights

You have the right to:

  • Access a copy of your personal data.
  • Request correction of inaccurate data.
  • Request deletion of your data (processed within 30 days).
  • Receive your data in a portable format.
  • Withdraw consent at any time.
  • Object to processing based on legitimate interests.

Contact privacy@comfyaicloud.com to exercise any right. We respond within 30 days.

8. Cookies

Essential session cookies keep you logged in — they cannot be disabled without losing Service access. Analytics cookies (if enabled) help us understand aggregate usage patterns — you can disable these via your browser settings. We do not use advertising cookies, cross-site tracking, or fingerprinting technologies.

9. Google OAuth and Third-Party Services

Authentication is performed via Google Sign-In using only the minimum required OAuth scopes: openid, email, and profile. This is governed by Google’s Privacy Policy. PayPal interactions are subject to PayPal’s Privacy Statement. We are not responsible for third-party privacy practices.

10. International Data Transfers

ComfyAI Cloud stores data on servers located in the United States. By using the Service, you consent to the transfer of your data to the United States or other countries where our providers operate, which may have different data-protection laws than your country.

11. Children’s Privacy

The Service is intended for users 18 years and older only. We do not knowingly collect data from anyone under 18. If we become aware of such collection we will delete it immediately. Contact privacy@comfyaicloud.com if you believe we hold data about a minor.

12. Changes to This Policy

We may update this policy to reflect changes in our practices or legal requirements. Material changes will be announced on the Service and by email. The “Last Updated” date at the top reflects the most recent revision. Continued use after changes constitutes acceptance.

13. Contact Us

Privacy inquiries: privacy@comfyaicloud.com
Legal inquiries: legal@comfyaicloud.com
Support: support@comfyaicloud.com
Website: https://comfyaicloud.com

We aim to respond to all privacy-related inquiries within 5 business days. This policy was prepared for compliance with the Google Chrome Web Store Developer Program Policies, GDPR, CCPA, and other applicable privacy laws.

Home Terms of Service Blog © 2026 ComfyAI Cloud