Privacy.

The only identifying data tied to a studio is your email and (optionally) the studio name you’d like printed on your listings. We don’t ask for an address, a phone number, or a real name. Passwords are stored salted and hashed; we cannot read them.

The patterns, testers, swatches, milestones, and generated images you create are stored on your behalf so your gallery survives a browser refresh. They are scoped to your studio and never returned in another customer’s requests.

Generated images live in private object storage and are served via short-lived signed URLs — anyone without a fresh signed link can’t reach the file.

We never sell account data, never share it for advertising, and never use your records, swatches, or generated output to train models. The AI providers we route generations through do not retain your inputs for training under their commercial API terms.

A single HTTP-only session cookie is set when you sign in. It contains a random session identifier — nothing else. No analytics, advertising, or third-party tracking cookies are set by Vortle.

Top-up payments are processed by a PCI-compliant payment processor. Card data is never sent to or stored by Vortle; we only see the amount, currency, and a token identifying the order so we can credit your wallet.

Write to studio@vortle.example to export your records, request deletion of your studio, or ask a privacy question. We respond within a working day and complete export or deletion within thirty days.