Privacy Policy
This Policy explains how 3813 AI LABS LLC, a Delaware limited liability company, handles personal data when you use Lovicons, including its AI generation tools, hosted icon library, API, and MCP server.
Effective June 12, 2026
Scope and controller
3813 AI LABS LLC is the controller of personal data described in this Policy unless we process data solely on behalf of a business customer under a separate agreement. This Policy covers Lovicons websites, accounts, applications, APIs, MCP tools, support, and related services. It does not govern third-party websites or services linked from Lovicons.
Information we collect
- Account and profile data, including email address, password credentials handled by our authentication provider, optional display name, avatar URL, phone number, authentication method, and optional authenticator-app settings.
- Customer content, including pack names, prompts and creative briefs, icon concepts, style and color settings, generated SVG icons, logo-generation inputs and outputs, and materials you choose to provide.
- API and agent data, including token labels, cryptographic token hashes, last four token characters, token scope, creation, revocation and last-used times, requested pack or icon, and MCP/API actions.
- Usage and technical data, including generation and fetch counts, event timestamps, limited event metadata, IP address, browser or device information, request and security logs that our hosting providers may create, and errors needed to operate and secure the service.
- Billing and transaction data when payments are enabled, such as plan, renewal status, payment status, invoices, and limited payment-method details received from our payment processor. We do not intend to store full card numbers.
- Communications and support data, including messages, feedback, legal requests, and records needed to resolve your request.
Local storage and cookies
Lovicons currently uses browser local storage to keep you signed in and remember settings such as theme and saved color presets. These items are necessary for account sessions and requested preferences. We do not currently use third-party advertising cookies or third-party behavioral analytics in the application. Our infrastructure providers may use essential technologies or maintain standard request logs to deliver and secure the service.
If we later add non-essential analytics or advertising technologies, we will update this Policy and provide consent controls where required.
How we use information
- provide accounts, authentication, generation, storage, exports, hosted icons, APIs, MCP tools, support, and billing;
- process prompts and settings to generate requested icons and logos;
- measure plan usage, enforce fair-use and API limits, prevent abuse, troubleshoot, secure tokens and accounts, and maintain service reliability;
- communicate about authentication, transactions, security, support, service changes, and legal terms;
- comply with law, enforce agreements, investigate fraud or infringement, and protect users, 3813 AI LABS LLC, and the public; and
- analyze aggregated or de-identified service performance that does not reasonably identify an individual.
AI processing and no training
We send the prompt, requested icon names, style parameters, and related instructions needed to generate an output through our AI service infrastructure. We do not use customer prompts, uploaded materials, generated icons, or generated logos to train generative AI models. We direct service providers processing this content for us to use it only to provide, protect, and support the requested service, subject to their contractual obligations.
Do not submit sensitive personal data, confidential information you are not authorized to share, regulated health or financial data, government identifiers, or information about children. AI systems can produce unexpected results; review outputs before publishing them.
Legal bases for processing
Where GDPR, UK GDPR, or similar laws apply, we process data as necessary to perform our contract with you, pursue legitimate interests in operating, securing, improving, and protecting Lovicons, comply with legal obligations, and obtain consent where required. You may withdraw consent at any time, without affecting earlier lawful processing. We balance legitimate interests against your rights and expectations.
How we disclose information
We do not sell personal data or share it for cross-context behavioral advertising. We disclose information only as needed to the following categories:
- cloud database and authentication providers that store accounts, packs, icons, tokens, roles, and usage records;
- hosting, content-delivery, security, and infrastructure providers that process requests and technical logs;
- AI infrastructure providers that process generation inputs and return requested outputs;
- open-source icon delivery providers when your browser or our server requests a curated icon;
- payment and billing providers when you purchase a plan;
- professional advisers, authorities, courts, and other parties when reasonably necessary for law, safety, fraud prevention, or enforcement; and
- a buyer, investor, lender, or successor in connection with a merger, financing, reorganization, or sale, subject to appropriate safeguards.
Public links, API tokens, and connected agents
Your generated packs are private to your account unless you access or share them through an authorized token or public feature. Anyone who obtains a usable token or token-bearing URL may be able to retrieve its permitted icons. Keep tokens confidential, avoid placing secrets in public code, and revoke exposed tokens promptly.
When you connect Lovicons to Lovable, Cursor, Claude, or another agent environment, that provider processes your prompts, tokens, project context, and agent actions under its own privacy terms. We receive only requests sent to Lovicons. Review the connected provider’s settings and permissions before authorizing an agent.
Retention
We keep account and customer content while your account is active or as needed to provide the service. Deleting a pack removes it from active service systems, subject to limited backup retention. Revoked token records and usage events may be retained for security, fraud prevention, billing, dispute resolution, and legal compliance. Support, transaction, and legal records may be kept for the period required by law or reasonably necessary for those purposes.
You may request account deletion at hello@lovicons.com. After verifying the request, we will delete or de-identify personal data unless retention is required for legal obligations, security, fraud prevention, payment records, disputes, or establishment and defense of legal claims. Backups are deleted on their normal cycle and isolated from ordinary use.
International transfers
Lovicons and its providers may process information in the United States and other countries whose data-protection laws differ from yours. Where required, we use recognized safeguards such as standard contractual clauses, adequacy decisions, or another lawful transfer mechanism. By using a global online service, your data may be processed outside your country of residence.
Security
We use administrative, technical, and organizational safeguards designed to protect information, including access controls, user-scoped database rules, authenticated server requests, hashed API tokens, token scoping and revocation, optional multi-factor authentication, and sanitization of generated SVG content. No system is completely secure, so we cannot guarantee absolute security. You are responsible for securing your credentials and devices.
Your privacy rights
Depending on where you live, you may have rights to access, correct, delete, restrict or object to processing, obtain a portable copy, withdraw consent, or appeal a denied request. You may also have the right to complain to your local data-protection authority. We will not discriminate against you for exercising applicable rights.
Submit a request to hello@lovicons.com from your account email. We may verify your identity and authority before responding. Authorized agents must provide proof of authority, and we may still verify the request directly with you. We do not currently sell personal data, share it for cross-context behavioral advertising, or use it for solely automated decisions producing legal or similarly significant effects.
Adults only
Lovicons is intended only for people aged 18 or older. We do not knowingly collect personal data from children. If you believe a child has provided personal data, contact us so we can investigate and delete it where appropriate.
Changes to this Policy
We may update this Policy to reflect changes in our service, providers, or legal requirements. We will post the revised Policy with a new effective date and provide additional notice for material changes where required. If a change requires consent, we will request it before applying that change.
Contact
For privacy questions or requests, contact 3813 AI LABS LLC at hello@lovicons.com. A mailing address and representative details will be provided where required by applicable law or upon a verified legal request.