Your content is your own.
What we do, what we don't, and how to delete it.
We don't train models on your inputs.
Every job runs on hosted, off-the-shelf models. Magic Genie never fine-tunes on customer content.
You own every output.
Generated assets are yours to use commercially. We retain a copy for the run history; you can delete any run from Gallery.
Inputs are encrypted in transit and at rest.
TLS 1.3 for transport. AES-256 for stored artifacts on Cloudflare R2. Database is encrypted at rest.
Short retention by default.
Uploaded source files are deleted 30 days after the run completes. Outputs persist as long as the result lives in your account.
No third-party tracking on the editor.
Anonymous analytics only. We use first-party event logging.
HIPAA / SOC 2 — not yet.
We're not certified. If you need a BAA or formal compliance attestation, contact us.
Deleting a run
Open the run in Gallery and choose Delete. Source files and outputs are removed from storage. We keep a minimal audit record (timestamp, account id, operator id) for billing and abuse-prevention.
Have a security question or want to disclose a vulnerability?
Email us at security@magicgenie.ai. Responsible disclosure is appreciated — we'll respond within two business days.