Galaxium AI
Galaxium AIby Galaxium Studios
Terms of ServiceGet Started
Legal

Privacy Policy

Last updated: March 17, 2025

This Privacy Policy explains how Galaxium Studios collects, uses, and protects your information when you use Galaxium AI. We are committed to protecting your privacy and being transparent about our data practices.

1. Information We Collect

When you use Galaxium AI, we collect the following information:

  • Roblox username and display name (via OAuth2 authentication)
  • Roblox user ID (to identify your session)
  • Roblox avatar URL (to display your profile picture in the dashboard)
  • Prompts you submit to the AI generator
  • Basic usage data such as generation requests and timestamps

We do NOT collect your Roblox password, Robux balance, inventory, private messages, or any sensitive account data.

2. How We Use Your Information

We use the information we collect to:

  • Authenticate your identity via Roblox OAuth2
  • Display your username and avatar in the dashboard
  • Process and respond to your AI generation requests
  • Improve the quality and accuracy of our AI models
  • Monitor for abuse and enforce our Terms of Service

We do not sell, rent, or trade your personal information to third parties for their marketing purposes.

3. Authentication & Sessions

We use Roblox OAuth2 to authenticate users. When you sign in, Roblox provides us with an access token stored in a secure, httpOnly cookie on your browser. This cookie expires when your session ends or when the Roblox token expires.

We do not store your Roblox access token on our servers beyond the duration of your session.

4. Cookies

We use the following cookies:

  • galaxium_session — stores your encrypted session data, httpOnly, expires with your Roblox token
  • roblox_oauth_state — a temporary CSRF protection token used during the OAuth flow, deleted after login

We do not use advertising cookies, tracking pixels, or any third-party analytics cookies.

5. Cloudflare

We use Cloudflare for DDoS protection, performance optimization, and human verification (Turnstile). Cloudflare may collect certain technical data including IP addresses as part of its security services.

Cloudflare Turnstile is used to verify that users are human before authenticating. The verification process is privacy-preserving and does not use tracking cookies.

6. Data Storage & Security

Session data is stored in encrypted cookies on your browser. We do not maintain a persistent database of user accounts or generated scripts. We implement HTTPS encryption, httpOnly cookies, and CSRF protection.

7. Third-Party Services

Galaxium AI integrates with:

  • Roblox — for OAuth2 authentication (governed by Roblox's Privacy Policy)
  • Cloudflare — for security and performance (governed by Cloudflare's Privacy Policy)
  • Vercel — for hosting and deployment (governed by Vercel's Privacy Policy)

8. Your Rights

You have the right to access, delete, or opt out of data collection by discontinuing use of the Service. You can withdraw your Roblox OAuth authorization at any time via your Roblox account settings.

9. Contact Us

If you have any questions about this Privacy Policy, please contact us through our Roblox group or Discord community. We aim to respond to all privacy-related inquiries within 48 hours.

← Terms of Service