...

Privacy Policy

Effective date: 27/09/2025
Entity: Pixel Sauce Pty Ltd (ABN 15 659 781 343) trading as Mock It AI (“Mock It AI”, “we”, “us”, “our”)
Contact: support@mockit.ai
Governing law: South Australia (operates worldwide)

This Privacy Policy explains how we collect, use, disclose, and protect information in connection with our websites and app subdomain (together, the “Service”). By using the Service, you agree to this Policy.

1) Who we are & scope

Mock It AI is an online AI photoshoot/mockup generator using a prompt-builder. Accounts work across our main domain and app subdomain (SSO). This Policy covers personal information we process as a controller. For certain processors (e.g., payment, analytics, infrastructure), we remain the controller and they act as our processors.

2) Information we collect

  • Account & billing: name, email address; limited billing metadata via our payment provider (we do not store full card details).
  • Technical & usage data: IP address, device/browser data, pages/events, session identifiers, dates/times, crash/error logs, performance metrics, feature usage, approximate location (from IP).
  • Product content & metadata: prompts, settings, generated images (“Outputs”), and related timestamps/IDs.
  • Communications: support requests, email preferences, and marketing engagement (opt-in status, unsubscribes).
  • Cookies & similar tech: session/auth cookies, analytics/measurement, A/B testing, session replay, error logging, and advertising/retargeting cookies (see Cookie Policy).

We do not intentionally collect sensitive categories of personal data. Please do not submit such data.

We process data to:

  • Provide the Service and operate accounts, credits, subscriptions, and Stripe billing (Contract).
  • Maintain security, prevent abuse/fraud, enforce policies (Legitimate interests/legal obligations).
  • Improve and develop the Service, troubleshoot, and run analytics/A/B tests (Legitimate interests).
  • Communicate transactional messages (receipts, service notices) (Contract/Legitimate interests).
  • Send marketing emails and measure their performance (Consent, where required; Legitimate interests where permitted).
  • Comply with law and respond to lawful requests (Legal obligation).

No model training on your content: We do not train our models on your prompts, uploads, or Outputs.

4) Community & showcasing (future feature)

By default, accounts will be opted-in for their approved Outputs to appear in a curated community gallery. Publication is not automatic—items are moderated/approved first. You will be able to opt out in your profile (feature coming soon). We may showcase approved items on our sites/socials/marketing; you can withdraw consent for new uses at any time.

5) Cookies & tracking technologies

We use:

  • Strictly necessary cookies (auth/session, CSRF, load balancing)
  • Analytics/performance (e.g., GA4), A/B testing, session replay (e.g., product analytics), error logging (e.g., crash reports)
  • Advertising/retargeting (e.g., Google/Meta) on marketing site and, where applicable, in-app

Where required (e.g., EU/UK), we obtain consent via a region-aware banner and honor your choices. Details appear in our separate Cookie Policy.

6) Disclosures to third parties

We disclose information to:

  • Service providers/processors: hosting/CDN, payment processing (Stripe), analytics, email delivery, customer support, logging/monitoring, security, anti-fraud.
  • Professional advisors and authorities as legally required.
  • Business transfers: in a merger, acquisition, or asset sale, your information may be transferred with appropriate safeguards.

We do not sell personal information. We do not permit third parties to train models on user content from our Service.

7) International transfers

We operate globally and may transfer data across borders (e.g., to the US, EU, or other regions) with appropriate safeguards such as Standard Contractual Clauses (and UK Addendum where applicable). For Australian users, we take reasonable steps to ensure overseas recipients do not breach the Australian Privacy Principles.

8) Data retention

We retain information for as long as necessary to provide the Service, comply with law, resolve disputes, and enforce agreements. As guidance (adjustable to your preference):

  • Account data (name, email): while your account is active and up to 24 months after closure.
  • Transactional/billing records: 7 years (tax/audit).
  • Logs & telemetry: typically 12–18 months.
  • Prompts/Outputs: while your account is active (and per Community settings); deleted upon account deletion request subject to backups and legal holds.
  • Marketing preferences: until you unsubscribe or the list is pruned.

Backups may persist for a limited period with restricted access before they are overwritten.

9) Security

We apply administrative, technical, and organizational measures appropriate to the risk, including encryption in transit, access controls/least privilege, monitoring, and regular backups. No method of transmission or storage is 100% secure; you use the Service at your own risk.

10) Your rights & choices

Depending on your location, you may have rights to:

  • Access and correct your information
  • Delete your information (subject to legal exceptions)
  • Data portability (structured, commonly used format)
  • Object or restrict certain processing (e.g., analytics/marketing)
  • Withdraw consent at any time (e.g., marketing emails, cookie categories)
  • Opt out of targeted advertising/“share” (where applicable under CPRA)

How to exercise: email support@mockit.ai from your account email. We may request verification. You can also unsubscribe using links in marketing emails and adjust cookie preferences in our banner or your browser.

11) Children’s privacy

The Service is not directed to children under 13 (or older age as required by local law). We do not knowingly collect personal information from children. If you believe a child has provided personal information, contact us and we will take appropriate steps to remove it.

12) Do Not Track / Global Privacy Control

We do not respond to browser Do Not Track signals. Where recognized by law (e.g., GPC for certain jurisdictions), we will honor valid signals related to sale/share opt-outs.

Our Service may link to third-party sites/services. Their privacy practices are governed by their own policies. Please review them.

14) Changes to this Policy

We may update this Policy to reflect changes to our practices or legal requirements. If changes are material, we’ll notify you by email or in-product notice. Continued use after the effective date constitutes acceptance.

15) Contact & complaints

Questions, requests, or complaints: support@mockit.ai
Australian users may also contact the OAIC (Office of the Australian Information Commissioner) if concerns remain unresolved.