Sign In

Privacy Policy

Last updated: March 27, 2026

Introduction

Mangen ("we", "us", or "our") is operated by Rafał Prymus, sole proprietorship (NIP: 9552277477, REGON: 382482709), with registered address at Przemocze 23B, 72-131, Zachodniopomorskie, Poland. Mangen is an AI-powered manga creation studio that allows you to design panels, generate artwork, and publish your stories. This Privacy Policy explains how we collect, use, and protect your personal information when you use our service.

Data Controller

The data controller responsible for your personal data is: Rafał Prymus (Mangen), Przemocze 23B, 72-131, Poland. NIP: 9552277477. For any questions regarding the processing of your personal data, you can contact us at: contact@mangen-studio.com

Legal Basis for Processing (GDPR)

We process your personal data on the following legal bases under Article 6 of the GDPR:

  • Performance of a contract — to provide you with the Mangen service, manage your account, process payments, and deliver the features you use (Art. 6(1)(b))
  • Legitimate interest — to maintain service reliability, monitor errors, prevent abuse, and improve the service (Art. 6(1)(f))
  • Consent — for optional features such as session replay analytics; you may withdraw consent at any time via Cookie Settings (Art. 6(1)(a))
  • Legal obligation — to comply with applicable laws, such as retaining payment records for tax and accounting purposes (Art. 6(1)(c))

Information We Collect

Account Information

When you register, we collect your email address, display name, and password. Your password is stored as a secure bcrypt hash — we never store it in plain text.

Payment Information

Payments are processed by Stripe. We store only your Stripe customer ID. We do not store or have access to your credit card numbers or banking details. Stripe processes your payment data in accordance with their privacy policy. stripe.com/privacy

Content You Create

Your manga projects, pages, characters, items, and uploaded images are stored on Amazon Web Services (AWS) S3 servers in the EU North (Stockholm) region.

AI Generation Data

When you use AI image generation features, your prompts and reference images are sent to third-party AI providers (Google Gemini, Anthropic Claude, and OpenAI) for processing. We do not store conversation history with AI providers. We use these providers through their paid API services, which by default do not use your data for model training. However, each provider's data processing is governed by their own privacy policies and API terms, which may change over time.

Technical Data

We use Sentry for error tracking and performance monitoring to maintain service reliability (legitimate interest). This may include your IP address, browser information, and device information. With your explicit consent, we also enable Sentry Session Replay, which records anonymous interaction data (clicks, scrolling, navigation) to help us improve the user experience. Session Replay is only active if you opt in via the cookie consent banner. All Sentry data is sent to their EU datacenter (Germany).

Local Storage

We store the following data in your browser's local storage: authentication tokens (for keeping you signed in), language preference, and UI state preferences. This data never leaves your browser.

How We Use Your Information

  • Provide, maintain, and improve the Mangen service
  • Process payments and manage your account credits
  • Send transactional emails (email verification, password reset) via AWS SES
  • Generate AI artwork based on your prompts and references
  • Monitor and fix errors and improve performance (via Sentry)

Data Sharing & Third Parties

We do not share, sell, rent, or disclose your personal data to any third party for their own purposes. The only parties that receive your data are the technical service providers strictly necessary to operate Mangen:

We do not sell your personal data to any third party.

Data Storage & Security

Your data is stored on AWS servers in the EU North (Stockholm) region. We use HTTPS encryption for all data in transit, bcrypt hashing for passwords, and JWT tokens with automatic rotation for session management. While we take reasonable measures to protect your data, no system is completely secure.

Data Retention

We retain your account data for as long as your account is active. Your generated images and project content are stored until you delete them or your account. Sentry data is retained according to Sentry's retention policies. Payment transaction records are kept for legal and accounting purposes.

Account Deletion

When you delete your account, all your data is immediately and permanently removed from our systems. This includes your profile, all projects, pages, characters, items, generated images, uploaded files, credit history, and any other content you created. This action is irreversible — once deleted, your data cannot be recovered. Images stored on AWS S3 are deleted as part of this process.

International Data Transfers

Your data is primarily stored and processed within the European Economic Area (AWS EU North, Sentry EU). However, some of our AI providers (OpenAI and Anthropic) may process data in the United States. These transfers are carried out on the basis of Standard Contractual Clauses (SCCs) approved by the European Commission and/or the EU-US Data Privacy Framework, ensuring an adequate level of data protection as required by the GDPR.

Your Rights (EEA/UK — GDPR)

If you are in the European Economic Area or the United Kingdom, you have the following rights:

  • Right of access — request a copy of your personal data
  • Right to rectification — correct inaccurate data
  • Right to erasure — request deletion of your data
  • Right to restriction — limit how we process your data
  • Right to data portability — receive your data in a structured format
  • Right to object — object to processing based on legitimate interests
  • Right to withdraw consent — withdraw consent at any time where processing is based on consent
  • Right to lodge a complaint — you have the right to lodge a complaint with a supervisory authority. If you are in Poland, you can contact the President of the Personal Data Protection Office (UODO) at uodo.gov.pl. If you are in another EEA country, you may contact your local data protection authority.

Your Rights (California — CCPA)

If you are a California resident, you have the following rights:

  • Right to know — what personal information we collect and how we use it
  • Right to delete — request deletion of your personal information
  • Right to opt-out — we do not sell personal information, so this right does not apply
  • Right to non-discrimination — we will not discriminate against you for exercising your rights

Children's Privacy

Mangen is not directed at children. In the European Economic Area, we do not knowingly collect personal information from children under 16 years of age (in accordance with GDPR Art. 8). In the United States, we do not knowingly collect personal information from children under 13 years of age (in accordance with COPPA). If you believe a child has provided us with personal information, please contact us and we will promptly delete it.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or through a notice on our service. Your continued use of Mangen after changes are posted constitutes acceptance of the updated policy.

Contact Us

If you have questions about this Privacy Policy or wish to exercise your rights, contact us at: contact@mangen-studio.com