Privacy Policy

Sosana is the operator of sosana.studio — an AI presentation studio. We control how your personal data is processed when you use the website or the API.

Support and any data-related request: https://t.me/sosana_art.

When you sign in with Google we receive the name, email and avatar from your Google account, plus the Google user ID that anchors your account. We do not control what is stored on the Google side.

When you generate a presentation we store the prompts, parameters and outputs of the run so they appear in your history. When you upload source material it is stored alongside the run that used it.

When you create an API key we store its identifier and a hash so the key can be used and revoked; the secret itself is shown to you once on creation.

When you contact us through Telegram we keep the conversation in Telegram until the request is resolved.

Account data identifies you and lets you sign in. Prompts and outputs power your history feed and reruns. Credit transactions are recorded so the balance reconciles and so we can return credits for failed or moderated runs. Transactional notifications — run finished, payment receipt — may be sent to the email Google returned at sign-in.

We do not run third-party analytics, tracking pixels or advertising cookies and we do not profile your behaviour across other sites.

Decks and any text the studio displays alongside a run are produced by AI models and may be inaccurate, incomplete or unexpected. They are not statements made by Sosana. Any decisions you make based on AI output are your own.

We do not sell your data. To actually generate a presentation your prompt and any source files are forwarded to the upstream model provider that runs the model. Generated files are stored in Cloudflare R2 under our account and served from there.

Payments are processed by our payment provider, which receives the order amount and the contact data needed to issue a receipt; card data is collected and stored by the provider and its acquirer, not by us. We may disclose data when a binding legal request requires it.

Our infrastructure and the upstream model providers operate in multiple jurisdictions, so your data may be processed outside the country you are in. We rely on contractual safeguards and provider commitments to keep data protected wherever it sits.

You can request a copy of the data we hold about you, correct it, withdraw consent, or ask us to delete the account and the generations attached to it. Write to https://t.me/sosana_art and we will act within 30 days.

We use HTTPS in transit, scoped access to storage, short-lived signed URLs for assets and hashed credentials for API keys. No method of transmission over the Internet is fully secure; if we become aware of an incident that affects you we will act on it and notify you when required.

We may update this policy as the studio evolves. The current version always lives at this URL; the date at the top tells you when it last changed. Material changes will be highlighted in-app or by email.