Legal
Privacy Policy
Last updated: April 21, 2026
This policy explains what personal information DecorAI — the AI home design app published by Rocket Digital Limited — collects, how it is used, the third-party services that help us run the product, and the rights you have over your data.
1. Who we are
DecorAI (the "app", "we", "us", "our") is operated by Rocket Digital Limited, a company registered in Hong Kong at 1603, The L Plaza, 367-375 Queens Road Central, Hong Kong. You can reach our privacy team at hello@rocketdigital.ai. For the purposes of the EU GDPR and the UK GDPR, Rocket Digital Limited is the data controller of personal information processed through the DecorAI – AI Home Design App and this website.
2. Information we collect
2.1 Information you give us
- Room photos and images that you upload or capture for AI interior design.
- Prompts, style selections, saved designs, and preferences inside the app.
- Account information such as an Apple ID token, Google account identifier, email address, or display name if you choose to sign in.
- Support messages, feedback, and survey responses.
2.2 Information collected automatically
- Device information: model, operating system version, language, time zone, advertising identifier (when permitted), and a randomly generated installation identifier.
- App usage events: screens visited, features used, generation counts, crashes, and performance metrics.
- Approximate location derived from IP address for fraud prevention and regional content.
- Cookies and similar technologies on the website, as described in section 7.
2.3 Payment information
Subscriptions and one-time purchases are processed by Apple (App Store) and Google (Google Play). We do not receive or store your full payment card number. We receive transaction identifiers, subscription status, country, and currency from RevenueCat so we can unlock paid features for the correct account.
3. How we use your information
- To generate AI home design redesigns from the room photos you submit.
- To deliver and improve the DecorAI app, website, and related services.
- To authenticate users, sync designs across devices, and prevent abuse.
- To process subscriptions, trials, refunds, and receipts.
- To measure the performance of the product and our marketing with aggregated analytics.
- To respond to support messages, investigate incidents, and meet legal obligations.
- With your consent, to send product updates and relevant offers — you can opt out at any time.
4. Legal bases (EU/UK users)
- Contract — to provide the AI home design features you request and to deliver subscriptions you purchase.
- Legitimate interests — to keep the app secure, prevent fraud, improve features, and measure product performance.
- Consent — for non-essential analytics, personalised advertising identifiers on iOS (App Tracking Transparency), and certain marketing communications.
- Legal obligation — to meet tax, accounting, consumer-protection and regulatory requirements.
5. Third-party services we use
DecorAI is built on a small, deliberately chosen stack. Each of the services below processes only what it needs to do its job, under contracts that require appropriate security and data-protection standards.
| Service | Purpose | Data category |
|---|---|---|
| RevenueCat | Subscription management and entitlement sync | Purchase tokens, anonymous user ID, subscription status |
| Firebase (Google) | Authentication, cloud storage, crash reporting, remote configuration | Account identifiers, device tokens, crash logs, uploaded images |
| Google AdMob | In-app advertising on the free tier | Advertising identifier (with consent), coarse device signals |
| OpenAI | Natural-language prompt interpretation and design assistance | Prompt text, style selections, anonymous session identifiers |
| Microsoft Azure | Core compute, hosting, and secure storage of generated assets | Uploaded and generated images, logs, account identifiers |
| Replicate | AI image rendering (xAI Grok Imagine Image and related models) | Room photos, prompt text, generated images |
| Fal.ai | Additional AI rendering and image enhancement models | Room photos, prompt text, generated images |
| Google Analytics 4 | Website traffic and product analytics | Pseudonymous device identifiers, page events, IP (truncated) |
| Meta Pixel | Marketing measurement and audience modelling | Pseudonymous event identifiers, page events, hashed email where provided |
| Vercel Analytics | Privacy-friendly web performance analytics | Anonymised request metadata, page events |
6. How your room photos are handled
- Images are uploaded over encrypted connections and stored in isolated Microsoft Azure buckets, with access limited to authorised DecorAI systems.
- Room photos are sent to Replicate and/or Fal.ai only for the duration required to generate your redesign, then returned to your account.
- We do not sell your images, and we do not use your room photos to train third-party generative models without a separate, explicit opt-in.
- You can delete any saved design or your entire account from the DecorAI app at any time.
7. Cookies and similar technologies
The DecorAI website uses strictly necessary cookies to run, plus optional analytics and marketing cookies that only load when you allow them. Google Analytics 4, Meta Pixel, and Vercel Analytics may set or read identifiers on your browser. You can manage cookies at any time through your browser settings, or through any in-page consent banner we display in regions where consent is required.
8. Data retention
- Room photos and generated redesigns: retained while your account is active, unless you delete them sooner.
- Account data: retained while your account exists, then deleted or anonymised within 90 days of account closure, subject to legal obligations.
- Support messages: retained for up to 24 months after the issue is resolved.
- Aggregated analytics: retained in anonymised form for product research.
9. International transfers
DecorAI is a global product. Your information may be processed in jurisdictions outside your country of residence, including in the European Economic Area, the United Kingdom, the United States, and Hong Kong. Where required, we rely on the EU Standard Contractual Clauses, the UK International Data Transfer Addendum, or other recognised transfer mechanisms to protect your information.
10. Your rights
Depending on where you live, you may have the right to access, correct, export, restrict, object to, or delete the personal information we hold about you, and to withdraw consent where processing is based on consent. To exercise any of these rights, email hello@rocketdigital.ai. You also have the right to lodge a complaint with your local data-protection authority.
11. Children
DecorAI is not directed at children under 13 (or under 16 in the EEA/UK), and we do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us and we will delete it.
12. Security
We use TLS in transit, encryption at rest on Microsoft Azure, role- based access controls, and regular audits of our third-party processors. No system is perfectly secure, but we take reasonable and proportionate steps to protect your information.
13. Changes to this policy
We may update this privacy policy from time to time. When we do, we will revise the "last updated" date at the top of this page and, for material changes, notify you inside the app or by email.
14. Contact us
For privacy questions or requests, contact Rocket Digital Limited at hello@rocketdigital.ai, or write to us at 1603, The L Plaza, 367-375 Queens Road Central, Hong Kong.