Global Privacy Policy

Last updated: 06/05/2026

Privacy and data protection are fundamental priorities for EroticaMaker's operation. This Policy was outlined in accordance with the guidelines of the General Data Protection Regulation (GDPR) and equivalent global frameworks (such as the LGPD in Brazil), explaining the collection, purpose, and security provided to your information.

1. Data Minimization Principle

EroticaMaker does not act as a data broker. We capture only the information unconditionally necessary to enable your authentication, content generation, and payment processing. No data beyond the functional scope is clandestinely requested or mined.

• Authentication Identifiers: We collect a valid email address, a pseudonym chosen by the user, and the password. All passwords are unidirectionally encrypted ("salted & hashed") at the database level, being unreadable even to our technical team.
• Financial Processing: We do not store credit card numbers (PAN) or CVVs in our databases. The entire payment flow is managed end-to-end and tokenized by internationally certified gateways (e.g., Stripe or Mercado Pago) and audited by PCI-DSS standards. Our system retains only the confirmation (webhook) that the transaction was approved, linking the respective credits to your account.
• Sensitive Writing Data: We understand the intimate nature of the instructions provided to our Creative Engine. Your drafts, guidelines ("prompts"), and completed textual productions are protected within your panel and are not publicly accessible.

2. Consent on Technological Sharing

EroticaMaker's Artificial Intelligence infrastructure relies on integrations with Large Language Model (LLM) Providers, such as xAI or OpenAI. By using the "generate" button, you consent that your prompt will be anonymized and temporarily routed over encrypted connections (HTTPS/TLS) to these partners.

Active Protection: The requests (API) sent to these infrastructure providers are contracted under a "Business/Enterprise" regime, which includes strict clauses called "Zero Data Retention" (ZDR). This means that, by contract, the providers will not retain your stories on their servers or use your content to "train" future versions of AIs. Your fantasies remain private.

3. Automated Filters and Security Auditing

In compliance with strict federal legislation regarding the protection of children and youth, user privacy ceases upon suspicion of criminal practices (such as the intentional generation of content concerning child exploitation). We employ semantic surveillance robots ("Content Guards") that automatically score and flag prompts that severely violate our Terms of Use.

Such flagrant heinous crimes or attempts to use the platform for cybercrimes will revoke the confidentiality agreement with the owner, authorizing the company to fully cooperate with metadata (such as IPs, timestamps, and linked emails) upon requests from law enforcement authorities.

4. Transparency in Cookie Usage

Our platform implements embedded session technologies (Cookies) solely for the purpose of ensuring the software's functionality. "Strictly Necessary Cookies" are used to keep you logged into your account, preserve selections on screens, and mitigate risks of Cross-Site Request Forgery (CSRF) attacks. We do not use aggressive cross-site tracking systems (like parallel pixels on your unrelated browsing).

5. Your Rights (Consent and Deletion)

In full agreement with the GDPR and similar regulations, EroticaMaker guarantees the Data Subject:

• Right to be Forgotten: If you decide to no longer use the platform, you can close your account. Your access, system email, balances, and project histories will be permanently deleted. Documents generated for accounting and anti-fraud reasons related to payment transactions will be stored under a governmental "legal basis" for statutory periods stipulated by tax authorities, only.
• Data Portability: You have at your disposal in your interface the possibility to copy, export (PDF/EPUB), or download the textual content created while keeping the account active, without needing to contact intermediate support to retrieve your work.

6. Contacting Legal Leadership

To exercise civil rights attached to your data or to manifest regarding privacy, the User may direct requests to the official email of the Data Protection Officer (DPO): rp@b20.com.br.