The short version: your canvas files live on your device and are never uploaded to our servers. We collect your email if you join the waitlist. If the app crashes we receive a technical report — no file contents, no personal data.
§ 01
Who we are.
Flint Studio is a product of With Jasper Ltd, a company incorporated in England and Wales. We are the data controller for all personal data described in this policy.
If you have any questions about this policy or about how we handle your data, contact us at dpo@withjasper.co.
§ 02
What data we collect.
On this website (withflint.ai)
- Waitlist sign-up: your email address and, optionally, your creative discipline. You provide these voluntarily when you request early access. We use them to contact you about Flint Studio and nothing else.
- Standard web logs: IP address, browser type, referrer, and pages visited — retained briefly by our hosting provider (Vercel) for security and uptime purposes. We do not use these for marketing or profiling.
In the Flint Studio desktop app
- Canvas files and media assets: stored exclusively on your device, in a folder you control. We have no copy of your work, and no access to it.
- AI model inputs: images and text prompts you send to Flint are routed through our backend to AI model providers in order to generate results. We do not store these inputs or outputs beyond completing the request. We do not use your creative work to train models.
- Third-party connector data: if you connect a third-party account (for example a product catalogue or image library), the authentication token is stored locally on your device. Any data imported from that service is also stored locally. We act as a conduit; we do not copy or retain your third-party account data on our servers.
- Crash and error reports: if the app crashes, a technical report is sent to our error monitoring service. These reports contain the stack trace, app version, and operating system — they do not contain your files, canvas content, or any personally identifying information.
§ 03
Why we collect it — our legal basis.
- Waitlist email: consent (UK GDPR Art. 6(1)(a)). You can withdraw consent at any time by clicking the unsubscribe link in any email we send.
- AI model processing: performance of a contract (Art. 6(1)(b)) — processing your inputs is necessary to provide the service you requested.
- Crash reports: legitimate interests (Art. 6(1)(f)) — we have a legitimate interest in diagnosing and fixing software defects to maintain a stable, secure product. This processing does not override your rights because the reports contain no personal data.
- Web server logs: legitimate interests (Art. 6(1)(f)) — security monitoring and preventing abuse.
§ 04
Who we share data with.
We do not sell personal data. We share it only with:
- Email platform: your waitlist email is stored with our email service provider to send you communications about Flint.
- AI model providers: your prompts and images are passed to AI model providers (such as Anthropic or similar) to generate results. These providers process data under their own terms and privacy policies.
- Error monitoring: crash reports are sent to our error monitoring provider. Reports contain no personal data.
- Vercel: our hosting provider processes standard web request logs as part of serving this website.
- Legal obligation: we may disclose data if required by law or to protect the rights, property, or safety of With Jasper Ltd, our users, or the public.
All third-party processors are contractually required to handle data in accordance with applicable data protection law.
§ 05
How long we keep data.
- Waitlist email: until you unsubscribe or request deletion.
- Crash reports: 90 days, then automatically deleted.
- Web server logs: up to 30 days, per Vercel's standard retention.
- AI model inputs and outputs: not retained beyond completing the request.
- Your canvas files: we hold no copy — retention is entirely under your control.
§ 06
International transfers.
Some of our third-party processors operate outside the UK or European Economic Area. Where this is the case, we ensure appropriate safeguards are in place — typically the UK's International Data Transfer Agreement (IDTA) or the EU Standard Contractual Clauses (SCCs) — before any transfer takes place.
§ 07
Your rights.
Under UK GDPR you have the right to:
- Access a copy of the personal data we hold about you.
- Rectification of inaccurate data.
- Erasure ("right to be forgotten") where we have no overriding legitimate reason to retain your data.
- Restriction of processing in certain circumstances.
- Data portability — receiving your data in a structured, machine-readable format.
- Object to processing carried out on the basis of legitimate interests.
- Withdraw consent at any time where processing is based on consent, without affecting the lawfulness of processing before withdrawal.
To exercise any of these rights, email dpo@withjasper.co. We will respond within one month. You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) if you believe we have not handled your data lawfully.
§ 08
Cookies and tracking.
This website does not use tracking cookies, advertising pixels, or third-party analytics. No cookie banner is shown because none is required.
The desktop app does not use cookies. It stores application preferences and session data in local files on your device.
§ 09
Children's privacy.
Flint Studio is not directed at children under the age of 13. We do not knowingly collect personal data from children under 13. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.
§ 10
Changes to this policy.
We may update this policy as the product develops. When we make material changes we will update the effective date above and, where we hold your email address, notify you directly. Continued use of Flint Studio after a change constitutes acceptance of the updated policy.