Privacy Policy
Oona v1 Beta
Last updated: May 20, 2026
Privacy contact: privacy@oona.casa
1. Who We Are
Oona is an AI-powered interior design assistant, currently offered as a beta and operated by its creators. If Oona later transfers operations to a company or another successor entity, this policy may be assigned or updated as described in the Terms.
For purposes of privacy laws that use the terms "controller" or "business," Oona's creators (the beta operator) are responsible for deciding how personal information is processed in Oona, except where a service provider processes data under its own terms for its own legally permitted purposes.
2. Scope
This Privacy Policy applies to Oona's website, web app, beta product, upload and project workflows, chat features, AI-generated renders, public share pages, legal pages, and support communications.
It does not apply to third-party websites, products, retailers, contractors, or services that Oona links to but does not operate.
3. Eligibility
Oona is intended for users who are at least 18 years old. Oona is not directed to children or teenagers. Do not use Oona or upload content if you are under 18.
4. Information We Collect
We collect information you provide, information created while you use Oona, and limited technical information needed to run, secure, debug, and improve the service.
| Category | Examples |
|---|---|
| Account data | Email address, user ID, authentication provider, login timestamps |
| Profile and settings | Display name, profile details, preferences, units, theme, analytics consent |
| Uploaded content | Room photos, inspiration images, annotations, masks, project notes, style and budget preferences |
| Generated content | AI renders, design plans, render intents, design summaries, image versions |
| Chat and prompts | Messages you send to Oona, AI responses, conversation metadata |
| Room analysis | Vision analysis, room summaries, object metadata, project context reused in future chats for the same project |
| AI request data | Prompts, signed image links, room metadata, model IDs, outputs, latency, traces |
| Product analytics | Feature usage, page views, upload/render/chat events, referrer, settings changes, only where analytics consent is granted |
| Diagnostics and security | User ID, stack traces, scrubbed errors, request context, security logs |
| Cookies and local storage | Supabase auth cookies, consent preference storage, essential app preferences |
| Communications | Support emails and authentication emails |
Please do not upload photos that show faces, addresses, mail, documents, financial or medical information, children's identifying information, valuables, alarm systems, or other sensitive personal information unless you have authority to do so and are comfortable with the risk.
If you sign in through a third-party identity provider, such as Google, Oona receives the account information that provider shares with Oona for authentication, such as your email address, account identifier, and basic profile details. Your use of that provider remains subject to its own terms and privacy policy.
Oona does not need and does not intentionally request special-category or highly sensitive personal information, such as health, biometric, precise financial, government ID, racial or ethnic origin, political, religious, sexual-orientation, or children's information. Because room photos can accidentally reveal sensitive details, you are responsible for reviewing uploads before submitting them.
5. How We Use Information
We use information to:
- Create and secure your account.
- Let you upload images and save projects.
- Analyze rooms and generate design suggestions.
- Process prompts, images, and project context through AI model infrastructure.
- Save conversation and project history.
- Generate, track, and display renders and image versions.
- Provide public share links when you choose to share.
- Respond to support and privacy requests.
- Monitor, debug, secure, and improve service reliability.
- Perform product analytics if you consent.
- Prevent abuse, enforce terms, and comply with legal obligations.
6. AI Processing
Oona uses third-party AI infrastructure to provide the service. Your prompts, room photos, signed image links, room metadata, and AI outputs may be processed by Oona's systems, Vercel AI Gateway, model providers such as Google, Anthropic, and OpenAI, and Oona's AI observability provider, Langfuse.
Oona does not train its own models on your content. Under our AI providers' commercial and API terms, your content is not used to train their models. We do not describe analytics consent as consent to model training.
Our providers may retain content for limited periods to deliver the service, comply with their own policies, and maintain safety and security, as described in their respective terms. See our Subprocessors page for the current list of AI providers.
7. Images, Storage, and Sharing
New uploaded images and generated renders are stored in private Supabase Storage. Oona grants access through short-lived signed links for product display, AI processing, and explicit sharing workflows.
If you create a public share link, people with that share link may view the shared project content until the link is revoked or expires, if expiration is supported.
Older copied or raw public storage URLs from before our move to private storage may remain accessible until migrated, deleted, or expired where technically possible. Do not treat any internet-shared URL as secret once it has been copied outside Oona.
8. Analytics and Consent
PostHog product analytics are off by default unless you consent through the cookie banner or privacy settings. If enabled, analytics events may be tied to your user ID and email address. We do not call analytics anonymous when it is associated with an account.
You can withdraw analytics consent in the app's privacy preferences. Withdrawing consent does not necessarily delete analytics events already collected, but you may contact us to request deletion or further action.
9. Diagnostics and Observability
Oona uses Sentry for essential error monitoring and diagnostics. Sentry is configured with default PII disabled, Replay disabled for beta, and payload scrubbing for sensitive keys, emails, and storage URLs where feasible. Sentry may still receive user IDs, stack traces, and diagnostic context.
Oona uses hosted Langfuse for AI observability when configured in production. Langfuse may receive prompt text, model outputs, user IDs, session IDs, project IDs, latency, and model metadata for reliability, debugging, and prompt evaluation. Oona configures retention, masking, and sampling to limit unnecessary prompt and output retention.
10. When We Share Information
We share information with service providers that help operate Oona, including:
- Hosting, database, authentication, and storage providers.
- AI gateway and model providers.
- Error monitoring and AI observability providers.
- Product analytics providers, where you consent.
- Email/authentication and support providers.
- Professional advisors, authorities, or counterparties where legally required or necessary to protect rights, safety, or security.
We do not currently sell personal information or use cross-context behavioral advertising. If Oona adds retargeting, affiliate pixels, advertising networks, or similar technologies in the future, we will update this policy and provide the required consent or opt-out controls before launching them.
11. Legal Bases for EU/UK Users
Where EU or UK privacy law applies, Oona relies on:
- Contract necessity to provide the app, account, upload, AI, project, and share features.
- Legitimate interests to secure, debug, prevent abuse, and improve service reliability.
- Consent for optional product analytics and any optional marketing.
- Legal obligations where Oona must comply with law or valid legal process.
You may object to processing based on legitimate interests where applicable.
12. Cookies and Local Storage
Oona uses essential cookies and local storage for authentication, security, consent storage, and app functionality. Optional analytics storage is used only if you consent. See the Cookie Policy for the named cookie/storage table.
13. Retention
Oona keeps account, project, chat, image, and settings data while your account is active or as needed to provide the service. If you delete your account, Oona deletes active Supabase database, storage, and auth records where feasible.
Some information may remain for limited periods in backups, logs, caches, vendor systems, or records needed for legal, security, fraud-prevention, dispute, or compliance purposes. Account deletion does not automatically propagate to our analytics and observability providers (PostHog, Sentry, Langfuse); for verified deletion requests, we manually delete or suppress associated data in those systems where legally required and technically available.
14. Your Privacy Rights
Depending on where you live, you may have rights to access, know, correct, delete, export, restrict, or object to processing of your personal information. You may also have the right to withdraw consent and appeal certain decisions.
Requests should be sent to support@oona.casa. We respond within the legally required time after verifying your request.
Self-serve account deletion is available in the app. A self-serve data export is not yet available; to request a copy of your data, contact us and we will provide it manually.
15. California and Certain US State Rights
Residents of California and certain other US states may have rights to know/access, delete, correct, obtain a portable copy, opt out of sale/share or targeted advertising where applicable, and not be discriminated against for exercising privacy rights.
Oona does not currently sell personal information or use cross-context behavioral advertising. If this changes, Oona will add the required notices and opt-out mechanisms before launching those features.
16. International Transfers
Oona is built for a US-based beta and uses service providers that may process information in the United States, European Union, United Kingdom, and other countries. Where required, Oona relies on contracts, data processing addenda, Standard Contractual Clauses, Data Privacy Framework participation, or other lawful transfer mechanisms.
17. Security
Oona uses reasonable technical and organizational safeguards, including Supabase Row Level Security, private storage for new images, signed links, access controls, minimized diagnostics, and vendor security controls. No internet service can be guaranteed to be perfectly secure.
18. Product Clipper Extension
If you use the Oona Product Clipper (Chrome extension), product text and images you choose in the side panel are sent to Oona's servers over HTTPS so they can be saved to your workspace. Selected images may be re-uploaded from your browser or fetched via the extension background context and stored in Oona-managed storage.
Clipper actions that create or update library items are recorded in Oona's admin audit log (who, when, source URL, adapter metadata, and related product fields) for security and operations. Retention follows Oona's standard administrative logging policy; contact us if you need a data-processing summary for your organization.
19. Changes
Oona may update this policy as the beta changes. Material changes will be communicated in a reasonable way. If a change materially expands how Oona uses personal information, Oona will request consent where required by law.
20. Contact
General support and privacy requests: support@oona.casa
Back to Oona