The Leading AI Headshot Generator for Professionals
Privacy Policy
Aragon, AI, Inc. (“Aragon AI”, “we” or “us”) respects your privacy. This Privacy Policy (this “Policy”) describes how we process Personal Data (as defined below) that we gather through our website at www.aragon.ai (“Website”) and when we provide our services (together, the “Services”). It also tells you about your rights and choices with respect to your Personal Data, and how you can contact us if you have any queries or concerns.
In this Policy, “Personal Data” means any information relating to an identified or identifiable natural person. We may collect and process Personal Data about you in the ways outlined below. Where applicable, we indicate whether and why you must provide us with your Personal Data, as well as the consequences of failing to do so. If you do not provide Personal Data when requested, you may not be able to benefit from our Services if that information is necessary to provide you with such Services or if we are legally required to collect it.
1. Personal Data We Collect
1.1 Information you provide to us
Registration and Profile Information. If you sign up for an account, we may ask you for your name, company name, email address, address, and telephone number. We may also collect the username and password you set to establish your account, biographical details, links to your profiles on social networks, interests, preferences, and any other information that you add to your account profile.
User Content and Input Data. When you use our Services, you may upload or provide content such as images, video, audio, text prompts, or other inputs (“User Content”). As part of the generation process, we may ask you to provide certain demographic and descriptive information, such as your age range, gender, ethnicity, hair type, body type, and physical characteristics, to help generate the best quality photos that most accurately represent you. We may also collect information about your participation in our contests, promotions, or surveys. Depending on your location, some of this information may constitute biometric data or sensitive personal data under applicable law.
Query and Prompt Data. We collect commands, descriptions, text prompts, questions, messages, and other content you generate or transmit through our Services, as well as associated metadata. Your prompts and inputs may be transmitted to third-party artificial intelligence model providers as part of the generation process.
Communications. If you contact us directly, we may receive additional Personal Data about you, such as your name, email address, job title, company name and size, location, the contents of a message or attachments that you may send to us, and other Personal Data you choose to provide.
Feedback Data. We may collect information about your experiences with our Services, including survey responses, ratings, and other feedback you choose to submit.
Payment Information and Purchase History. We gather transaction information, such as records of the Services purchased and subscription status, which we may store to manage your account.
Marketing Data. If you sign up for our mailing list, you may provide us with Personal Data, such as your name and contact details (including email address). You may opt out of marketing communications at any time by clicking the unsubscribe link in any marketing email we send. Even if you opt out, you will continue to receive transactional or account-related communications from us.
Other data. Other data not specifically listed here, which we will use as described in this Privacy Policy or as otherwise disclosed at the time of collection.
1.2 Information collected via automated means
Usage Information. To help us understand how you use our Services and to help us improve them, we automatically receive Personal Data about your interactions with our Services, like your last login, your IP address, your device ID, device type, operating system type and version, browser type and version, advertising ID, user ID, the pages or other content you view, screen dimensions, scroll depth, how long you spend on a page, navigation paths between pages, your advertising interactions, the searches you conduct, and the dates and times of your visits. We may derive approximate location information, such as your city or region, from your IP address. We also collect UTM parameters and advertising click identifiers (such as Google and Facebook click IDs) when you arrive via a marketing link. We use third-party analytics tools, including PostHog, to help collect and analyze this data.
Location data. We may collect location data when you authorize our mobile application or the Services to access your device's location.
Metadata includes information on how, when, where and by whom a piece of content was collected and how that content has been formatted or edited. Metadata also includes information that users can add or can have added to their content, such as keywords, geographical or location information, and other similar data.
Cookies and similar technologies. We use cookies and similar technologies (collectively “cookies”) to ensure that our Services function properly, to improve our products and services and to assist with marketing campaigns. Cookies are small text files containing a string of alphanumeric characters. We and third-party partners collect information using cookies, pixel tags, or similar technologies. We and third-party service providers may use the following cookies:
Functional cookies. Some cookies are strictly necessary to make our Services available to you. For example, to allow you to fill out forms. We cannot provide you with the Services without this type of cookie.
Analytics cookies. We use cookies for website analytics purposes in order to operate, maintain and improve our Services. We use the following cookies:
Cookie Name Purpose Retention Period Google Analytics Track Website activity such as session duration, pages per session, traffic information etc. 2 years Hotjar Analyze data and give feedback data for user engagement 1 year Intercom Intercom uses this as an anonymous visitor identifier cookie. 9 months PostHog Tracks user interactions, page views, and product analytics events to help us understand and improve our Services. 2 years Advertising cookies. We work with third party advertising partners to show you ads that we think may interest you. These advertising partners may set and access their own cookies on our Services and they may otherwise collect or have access to information about you which they may collect over time and across different online services. We use the following cookies:
Cookie Name Purpose Retention Period Facebook Connect Advertising and user engagement 3 months TikTok Advertising and user engagement 13 months Google ads Advertising and user engagement 90 days Rewardful Records referral source when you arrive via an affiliate or partner link, used to attribute commissions to referring partners. 3 months
The information collected via such cookies may include information such as your IP address, device ID, advertising ID, clicks, URLs visited and other interactions, inferred location data, and advertising interactions.
1.3 Information we obtain from third parties:
Social media information. We may maintain pages on social media platforms, such as Facebook, TikTok, Instagram, and other third-party platforms. When you visit or interact with our pages on those platforms, the platform provider's privacy policy will apply to your interactions and their collection, use and processing of your Personal Data. You or the platforms may provide us with information through the platform, and we will treat such information in accordance with this Policy.
Third-party login information. When you link, connect, or login to the Services with a third-party service (e.g., Google, Facebook, or Apple), you direct the service to send us information such as your registration, friends list, and profile information as controlled by that service or as authorized by you via your privacy settings at that service. Our use and disclosure of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.
Other Sources. We may obtain your Personal Data from other third parties, such as marketing partners, publicly available sources and data providers.
1.4 Data about others.
We may offer features that allow you to invite friends or contacts to use the Services. If you share the contact details of others with us, please ensure you have their permission to do so. If you share your or others' details via third-party platforms (e.g., messaging applications), those platforms process such information in accordance with their own privacy policies.
2. How We Use Personal Data
We will only process your Personal Data based on a valid legal ground. The table below describes the legal ground by purpose.
| Purpose | Description | Legal ground |
|---|---|---|
| Providing the Services | We use Personal Data about you to operate, maintain, and provide our Services, develop, host, and maintain new programs and services, enable security features of the Services, communicate with you about the Services, and establish and maintain your user profile. | The processing is necessary for entering into, or performance of a contract to which you are a party; We, or a third party, have a legitimate interest in using your Personal Data for the purpose of developing, hosting, and maintaining the Services; You give us consent to do so. |
| Personalization | We use your Personal Data to understand your needs and interests, personalize your experience on our Services and offer you the best quality photos that most accurately represent you, personalize our Service-related communications, and remember your selections and preferences as you navigate our Services. | The processing is necessary for entering into, or performance of a contract to which you are a party; You give us consent to do so. |
| Support | We use Personal Data to provide technical support, including diagnosing and resolving any issues you report. | The processing is necessary for entering into, or performance of a contract to which you are a party |
| Fraud prevention | We use your Personal Data to keep our Services secure and to identify and prevent fraud in the use of our Services, including cyberattacks and identity theft. | The processing is necessary for entering into, or performance of a contract to which you are a party; We need it to comply with a legal obligation; We, or a third party, have a legitimate interest in protecting against and preventing fraud. |
| Customer relationship management | We may process your Personal Data for customer relationship management purposes. | The processing is necessary for entering into, or performance of a contract to which you are a party; We, or a third party, have a legitimate interest in managing customer relationships; You give us consent to do so. |
| Communicating with you | We may use your email address and other Personal Data as necessary to contact you for administrative purposes such as to provide information that you request or to ask you to provide feedback and complete surveys. | The processing is necessary for entering into, or performance of a contract to which you are a party; You give us consent to do so. |
| Analytics and product development | We use Personal Data about you to analyze usage trends and preferences to improve our Services, as well as to develop new products, services, features, and functionalities. | We, or a third party, have a legitimate interest in evaluating and improving our products or services; You give us consent to do so. |
| Marketing | We may process your Personal Data for marketing purposes, such as to develop and provide promotional materials or events that may be relevant, valuable, or otherwise of interest to you. | We, or a third party, have a legitimate interest in delivering marketing and advertising materials; You give us consent to do so. |
| Administrative and legal purposes | We may use your Personal Data to enforce this Policy, to defend our legal rights and to comply with our legal obligations and internal policies. We may also audit our internal processes for compliance with legal and contractual requirements or our internal policies. | The processing is necessary for entering into, or performance of a contract to which you are a party; We need it to comply with a legal obligation; We, or a third party, have a legitimate interest in addressing administrative and legal issues. |
| Generating anonymized or aggregate data | We may use your Personal Data to generate anonymized or aggregate data containing only de-identified, non-personal data that we may use for any lawful purposes. | The processing is necessary for entering into, or performance of a contract to which you are a party; We, or a third party, have a legitimate interest in generating anonymized or aggregate data; You give us consent to do so. |
| Use of AI and third-party models | We may use Personal Data and User Content to generate AI outputs by fine-tuning and calling third-party artificial intelligence models and service providers. As part of providing the Services, User Content may be transmitted to and processed by such third-party providers. | The processing is necessary for entering into, or performance of a contract to which you are a party; We, or a third party, have a legitimate interest in providing and improving AI-powered services. |
Further uses. In some cases, we may use your Personal Data for purposes that are not compatible with the initial purpose for which it was collected, in which case we will ask for your consent before doing so.
3. How We Disclose Your Personal Data
We may disclose your Personal Data to third parties in the following circumstances:
Service providers, vendors, and analytics partners. We work with service providers and vendors to help us operate our Services, such as for processing User Content and generating AI outputs using third-party artificial intelligence models and service providers, data storage and cloud services, payment processing, website chat and customer support messaging, transactional and marketing emails, application monitoring and error logging, and giving credit to affiliates that bring users to our Website. We further use service providers and vendors for analyzing data, providing IT-hosting and maintenance, assisting with customer relationship management, and other activities related to our Services. These third parties may have access to or process your Personal Data as part of providing those services to us. In addition, we use analytics service providers such as Google Analytics and PostHog to collect and process certain analytics data. We also use Sentry to capture and report technical errors and performance data to help us maintain and improve our Services. You can learn more about Google's practices on its Policies Page and opt-out by downloading the Google Analytics opt-out browser add-on.
Payment Processors. Any payment card information you provide is collected and processed directly by our third-party payment processors, such as Stripe and Paddle, and is not stored by Aragon AI. Each processor's use of your payment data is governed by their respective privacy policies: Stripe (https://stripe.com/privacy) and Paddle (https://www.paddle.com/legal/privacy).
Affiliates. We may disclose Personal Data to our affiliates, subsidiaries, and branch offices to which it is reasonably necessary or desirable for us to disclose Personal Data for the above-mentioned purposes. We also use Rewardful to manage our affiliate referral program. Rewardful may receive information about referrals and conversions for commission attribution purposes.
Advertising Partners. We may share your Personal Data with third-party advertising companies for interest-based advertising purposes. These advertising partners may set and access their own cookies on our Services and may collect information about you across different online services over time.
Partners. We may share your Personal Data with third parties with whom we partner, including parties with whom we co-sponsor events or promotions, or jointly offer products or services.
Linked Third-Party Services. If you log into the Services with, or otherwise link your account to, a social media or other third-party service, we may share your Personal Data with that service. The third party's use of the shared information will be governed by its own privacy policy and the settings associated with your account with that service.
Professional Advisors. We may share your Personal Data with our professional advisors, such as lawyers, auditors, bankers, and insurers, where necessary in the course of the professional services they render to us.
Authorities and others. We may disclose your Personal Data to third parties if required to do so by law or in the good-faith belief that such action is necessary to comply with applicable laws, in response to a court order, judicial or other government subpoena or warrant, or to otherwise cooperate with law enforcement or other governmental agencies. We also reserve the right to disclose your Personal Data that we believe, in good faith, is appropriate or necessary to (i) take precautions against liability, (ii) protect ourselves or others from fraudulent, abusive, or unlawful uses or activity, (iii) investigate and defend ourselves against any third-party claims or allegations, (iv) protect the security or integrity of our Services and any facilities or equipment used to make our Services available, or (v) protect our property or other legal rights, including to enforce our agreements, or the rights, property, or safety of others.
Merger, Sale, or Other Asset Transfers. We may transfer your Personal Data to service providers, advisors, prospective counterparties and their advisers, potential transactional partners, or other third parties in connection with the consideration, negotiation, or completion of a corporate transaction in which we are acquired by or merged with another company or we sell, liquidate, or transfer all or a portion of our assets. We may also disclose your Personal Data to an acquirer, successor, or assignee in the event of an insolvency, bankruptcy, or receivership in which Personal Data is transferred to one or more third parties as one of our business assets. The use of your Personal Data following any of these events will be governed by the provisions of this Policy in effect at the time the applicable Personal Data was collected.
Consent. We may also disclose your Personal Data with your permission, such as if you choose to disclose your generated content with others, and we may share your Personal Data with any third parties you specifically instruct us to share your information with.
Third parties designated by you. We may share your Personal Data with third parties where you have instructed us or provided your consent to do so, including contacts to whom you consent to share your generated content or other Personal Data.
Public sharing. If you choose to share content through the Services, including by making content available in any public gallery or similar feature, such content may be visible to other users and the public. Shared content may be cached, copied, screen captured, or stored by others (e.g., search engines), and we are not responsible for any such use. Once shared publicly, we cannot control how others use or further distribute that content.
4. Data Retention
We take measures to delete your Personal Data or keep it in a form that does not permit identifying you when this information is no longer necessary for the purposes for which we process it, unless we need to retain certain information as required by law, including to comply with tax requirements, or for as long as is reasonably necessary to meet regulatory requirements, resolve disputes, prevent fraud and abuse or enforce our terms and conditions. When determining the specific retention period, we take into account various criteria, such as the type of service provided to you, the nature and length of our relationship with you, and mandatory retention periods provided by law and the relevant statute of limitations. Your Personal Data is generally retained for as long as your account remains active. When you close your account, we will take steps to delete your Personal Data, though copies may exist in backup systems for a limited period before permanent deletion. We may retain certain information for longer periods where required for legal purposes, including litigation holds, law enforcement requests, or regulatory audits. When we no longer require Personal Data, we may delete it, anonymize or aggregate it, or isolate it from further processing.
5. Your Rights in Relation to Your Personal Data
Update Your Information. You can update your account and profile information through your profile settings. You can close your account by emailing us at: support@aragon.ai.
Marketing Communications. You can unsubscribe from our promotional emails via the link provided in the emails. Even if you opt out of receiving promotional messages from us, you will continue to receive administrative messages from us. Some Internet browsers may be configured to send "Do Not Track" signals to online services. We currently do not respond to "Do Not Track" signals.
Delete Your Content or Close Your Account. You may request to delete specific content you have uploaded or to close your account entirely by contacting us at support@aragon.ai. Upon account closure, your Personal Data will become inaccessible and purged from our systems. Copies of your content may be held in backups of our systems after that period. These periods may be extended where required for legal purposes such as litigation holds or regulatory requests.
Linked third-party platforms. If you choose to connect to the Services through your social media account or other third-party platform, you may be able to use your settings in your account with that platform to limit the information we receive from it. If you revoke our ability to access information from a third-party platform, that choice will not apply to information that we have already received from that third party.
Declining to provide information. We need to collect Personal Data to provide certain Services. If you do not provide the information we identify as required or mandatory, we may not be able to provide those Services.
Depending on where you reside, you may have the following legal rights:
Access and Portability. You may ask us to provide you with a copy of the Personal Data we maintain about you, including a machine-readable copy of the Personal Data that you have provided to us, and request information about its processing.
Rectification and Deletion. You may ask us to update and correct inaccuracies in your Personal Data, or to have the information anonymized or deleted, as appropriate.
Restriction and Objection. You may ask us to restrict the processing of your Personal Data, or object to such processing.
Consent Withdrawal. You may withdraw any consent you previously provided to us regarding the processing of your Personal Data, at any time and free of charge. We will apply your preferences going forward and this will not affect the lawfulness of the processing before you withdrew your consent.
Complaint. You may lodge a complaint with a supervisory authority, including in your country of residence, place of work, or where an incident took place. We would, however, appreciate the chance to deal with your concerns before you approach a supervisory authority, so please contact us in the first instance.
You may exercise these rights by contacting us using the contact details at the end of this Policy. Before fulfilling your request, we may ask you to provide reasonable information to verify your identity. Please note that there are exceptions and limitations to each of these rights, and that while any changes you make will be reflected in active user databases instantly or within a reasonable period of time, we may retain information for backups, archiving, prevention of fraud and abuse, analytics, satisfaction of legal obligations, or where we otherwise reasonably believe that we have a legitimate reason to do so.
6. Third Parties
Our Services may contain links to or integrations with other websites, products, or services, including AI models, that we do not own or operate. These links and integrations are not an endorsement of, or a representation that we are affiliated with, any third party. We are not responsible for the privacy practices of these third parties. Please be aware that this Policy does not apply to your activities on these third-party services or any information you disclose to these third parties. We encourage you to read their privacy policies before providing any information to them.
7. Security
We make reasonable efforts to protect your Personal Data by using physical and electronic safeguards designed to improve the security of the information we maintain. However, because no electronic transmission or storage of information can be entirely secure, we can make no guarantees as to the security or privacy of your information, to the extent permitted by applicable law. You can read more about our information security practices at https://www.aragon.ai/security-policy.
We have put in place procedures designed to address breaches of Personal Data. In the event of a breach, we have procedures in place to work with applicable regulators. In addition, in certain circumstances (including where we are legally required to do so), we will notify you of breaches affecting your Personal Data.
8. Children's Privacy
We do not knowingly collect, maintain, or use Personal Data from children under 18 years of age, and no part of our Services is directed to children. If you learn that a child has provided us with Personal Data in violation of this Policy, then you may alert us by emailing us at support@aragon.ai. If we learn that we have collected Personal Data through the Services from a child without the consent of the child's parent or guardian where required by applicable law, we will take steps to delete such information in accordance with applicable law.
9. Cross-Border Data Transfers
Our Services are hosted in the United States (“U.S.”), and your Personal Data may be processed in the United States and other jurisdictions where we or our service providers operate. If you choose to use our Services from regions of the world with laws governing data collection and use that may differ from U.S. law, you acknowledge that your Personal Data will be transferred to, stored in, and processed in the United States and such other jurisdictions.
10. Changes to this Policy
We may update this Policy from time to time to reflect changes in our privacy practices. If we modify this Policy, we will indicate the date of the latest revision at the top of this Policy. If we materially change the ways in which we use or disclose Personal Data previously collected from you through the Services, we will notify you through the Services, by email, or other communication. Your continued use of the Services after the effective date of any updated Policy constitutes your acknowledgment of, and agreement to, the updated Policy.
11. Our Contact Information
Aragon AI is the entity responsible for, or the “data controller” of, the processing of your Personal Data as described in this Policy. Should you have any queries regarding this Policy, about Aragon AI's processing of your Personal Data or if you wish to exercise your rights with respect to your Personal Data, you can contact Aragon AI by email at support@aragon.ai or by writing to us at: 782 Superior Rd., Milpitas, CA 95035.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.Get your AI headshots today
Create your headshots now
AI Generated by Aragon
AI Generated by Aragon
AI Generated by Aragon
AI Generated by Aragon
AI Generated by Aragon
AI Generated by Aragon
AI Generated by Aragon
AI Generated by Aragon
AI Generated by Aragon
AI Generated by Aragon
AI Generated by Aragon
AI Generated by Aragon
