Skip to content
RNDRS
Start free

Privacy Policy

Last updated: June 2026

1. Who we are

RNDRS ("we", "us") operates rndrs.ai, a node-based AI rendering platform for architecture and design professionals. This policy explains what we collect, why, and the choices you have. Questions: use the contact page.

2. What we collect

Account data: name, email, password hash (or Google account identifier), and onboarding answers (profession, team size, referral source). Content: images you upload, prompts you write, and the renders you generate. Usage & billing: credit transactions, subscription status (via Lemon Squeezy), device and log data including IP address for security and rate limiting.

3. How we use it

To run the service: storing your projects, generating renders through our AI model providers, metering credits and processing payments. To secure it: fraud prevention, abuse detection, rate limiting. To improve it: aggregate, de-identified usage analytics. We do not sell your personal data, and we do not use your uploads or renders to train AI models.

4. AI processing

When you generate, your input images and prompts are transmitted to our inference provider (fal.ai) to produce the output, then stored in our object storage (Cloudflare R2) so they appear in your library. Inference providers process this data as our processors and do not retain it for their own purposes beyond operational requirements.

5. Payment data

Payments are processed by Lemon Squeezy as merchant of record. We never see or store your full card number — only billing status, card brand and last four digits for display.

6. Cookies

We use strictly necessary cookies for authentication and security (session cookies, CSRF protection, Cloudflare bot protection). We do not run third-party advertising trackers.

7. Retention & deletion

Your content stays until you delete it or your account. Deleting a render removes the file from storage. You can delete your account anytime from Settings → Delete account: access is revoked immediately and your data is retained only for a short recovery window before it is permanently erased. You can also contact us to request deletion.

8. Your rights

Depending on your jurisdiction (including GDPR and CCPA), you may have rights to access, correct, export or delete your personal data, and to object to certain processing. Contact us to exercise any of these; we respond within the legally required window.

9. Security

Data in transit is encrypted with TLS. Passwords are hashed with modern algorithms. Access to production systems is restricted and audited. No system is perfectly secure — report concerns via the contact page and we will investigate promptly.

10. Changes

We may update this policy as the product evolves. Material changes will be announced in-app or by email. Continued use after changes take effect constitutes acceptance.