Privacy Policy for MOCKLIO

Name: Art Mockup Generator & Art Video Reels for Artists | MOCKLIO
Price: 19.99 USD
Rating: 4.9 (196 reviews)
Author: Basti

Last Updated: June 9, 2026

This policy applies to mockl.io and the MOCKLIO web and mobile apps. A separate, shorter policy applies to public artist portfolio pages (e.g. artistname.mockl.io).

1. Who We Are (Data Controller)

MOCKLIO

Operated by Sebastian Kluger (Einzelunternehmer)

Gensinger Straße 23, 10315 Berlin, Germany

Privacy contact: contact@mockl.io

Website: mockl.io

This Privacy Policy explains how we collect, use, disclose, and protect personal data when you use MOCKLIO’s platform services (account, mockups, video renders, portfolios, deal room, and payments). By using these services, you acknowledge this policy. If you do not agree, please do not use MOCKLIO.

2. Information We Collect

2.1 Information You Provide

Account & identity: Name, email address, and authentication data (email magic link or Google sign-in). If you use Google sign-in, we receive basic profile information Google shares with us (typically name, email, and profile image).

Profile & preferences: Instagram username, subscription tier, credits, onboarding progress, cookie consent choice, and similar account settings.

Uploaded content: Artwork images and related files you upload to create mockups and videos. You are solely responsible for ensuring you have the right to upload and use these files; see our Terms of Service for copyright and takedown procedures.

Portfolio & listings: Text, images, videos, prices, and contact details you publish in your portfolio or shop.

Deal Room (buyers): If you inquire about an artwork without a MOCKLIO account, we collect your name, email, and postal address to facilitate the introduction between buyer and seller.

AI portfolio wizard: Artist bio, style preferences, and similar text you enter when generating a portfolio with AI (see Section 3.5).

Payment-related data: We do not store full card numbers. Payment details are processed by our payment providers (Stripe on the website; Paddle for legacy website subscriptions; Apple App Store via RevenueCat for iOS in-app purchases). We retain transaction references, amounts, and subscription status for billing support and legal compliance.

Support & communications: Messages you send to us and emails we send you (service updates, onboarding, and account-related notices).

2.2 Information Collected Automatically

When you use MOCKLIO, we automatically collect technical and usage data. Under GDPR, data such as IP address, device identifiers, and browsing activity is considered personal data where it can be linked to you.

• Device and browser type, operating system, and language

• IP address and approximate country (derived server-side)

• Pages visited, features used, and timestamps

• Referring URLs and on-site navigation paths

• Session and anonymous identifiers for product analytics

• Authentication session cookies (required to keep you logged in)

• Google Analytics data (only if you accept cookies via our cookie banner)

• Vercel Web Analytics (privacy-oriented, cookieless page-view metrics — see Section 8.2)

2.3 Information From Third Parties

We may receive information from payment processors (payment status, customer IDs), Google (if you sign in with Google), and Apple/RevenueCat (mobile subscription entitlements synced to your MOCKLIO account).

3. How We Use Your Information

3.1 Service Delivery

• Create image mockups and video animations from your uploads

• Host and display your portfolio and shop listings

• Operate the Deal Room and generate deal documents

• Manage your account, credits, and subscriptions

• Authenticate you and keep your session secure

3.2 Uploaded Files

We use your uploaded artwork solely to provide the services you request — for example, placing your art in room mockups, rendering videos, and showing results in your account or published portfolio. We do not sell your uploads. Generated outputs are delivered to you; public display occurs only where you choose to publish a portfolio or listing.

3.3 Communications

• Send transactional emails (login links, render ready, receipts)

• Respond to support requests

• Send onboarding and product tips (you may unsubscribe from non-essential emails)

• Notify you of material changes to this policy or our Terms

3.4 Product Analytics (First-Party)

We record first-party product events (e.g. feature usage, errors, funnel steps) in our own database. This processing is essential to operate, secure, and improve MOCKLIO — including diagnosing bugs, measuring reliability, preventing abuse, and understanding which features work. It is not sold to third parties and is not used for third-party advertising. When you are logged in, events may be linked to your account; otherwise we use anonymous session identifiers.

3.5 AI Portfolio Generation

If you use the AI portfolio wizard, we send the text and metadata you provide (e.g. artist bio, style preferences, media counts — not your image files themselves) to DeepSeek via our AI infrastructure to generate layout and copy suggestions. If the AI service is unavailable, we use a built-in fallback. We do not use your data to train public AI models.

3.6 Security, Fraud & Legal Compliance

• Rate limiting, abuse detection, and incident response

• Maintaining tax and accounting records for payments

• Responding to lawful requests and enforcing our Terms

4. Legal Basis for Processing (GDPR)

If you are in the European Economic Area (EEA) or UK, we process personal data on the following bases:

Contract (Art. 6(1)(b)): Account management, mockup/video generation, portfolio hosting, deal room, and payment fulfillment.

Legitimate interests (Art. 6(1)(f)): First-party product analytics, security monitoring, bug diagnosis, service improvement, and Vercel Web Analytics — balanced against your rights; you may object (Section 8).

Consent (Art. 6(1)(a)): Google Analytics cookies (only after you accept via our cookie banner), and any optional marketing emails where consent is required.

Legal obligation (Art. 6(1)(c)): Tax, accounting, and regulatory record-keeping.

5. How We Share Information

5.1 We Do Not Sell Your Data

We do not sell your personal information. We do not share it with third parties for their own marketing purposes.

5.2 Service Providers (Processors)

We use trusted providers who process data on our behalf, only as needed to deliver the service:

Supabase — authentication, database, and file storage (EU/US)

Vercel — website hosting and privacy-oriented Web Analytics

Google Cloud — video rendering and delivery of generated media

Stripe — website payments and subscriptions

Paddle — legacy website Merchant of Record for historical subscriptions

Apple App Store / RevenueCat — iOS in-app purchases and entitlement sync

Resend — transactional and service email delivery

Google Analytics — traffic measurement (consent required; see Section 8)

DeepSeek — AI text processing for portfolio wizard suggestions

Google — OAuth sign-in (if you choose Google login)

Each provider maintains its own privacy policy. We use contractual safeguards (including Standard Contractual Clauses where required) for international transfers.

5.3 Public Content You Publish

Information you publish on a public portfolio or listing (e.g. artist name, artwork, prices, contact links) is visible to anyone who visits that page. You control what you publish.

5.4 Legal Requirements

We may disclose information if required by law, court order, or government request, or to protect rights, safety, and security.

5.5 Business Transfers

If MOCKLIO is involved in a merger, acquisition, or asset sale, your information may transfer as part of that transaction. We will notify you before your data becomes subject to a different privacy policy.

6. Data Retention

We keep data only as long as necessary for the purposes above:

Account data: While your account is active; deleted or anonymized within 30 days of a confirmed deletion request, except where law requires longer retention.

Uploads & generated media: Until you delete them or your account is deleted, plus a short backup window (up to 30 days).

Deal Room records: For the life of the deal and up to 6 years thereafter for legal and dispute purposes.

Payment records: Up to 10 years as required by German tax and commercial law.

First-party analytics events: Up to 24 months, then aggregated or deleted.

Google Analytics:Per Google’s retention settings (configurable; default up to 14 months).

Support emails: Up to 3 years after the ticket is closed.

Request deletion at contact@mockl.io.

7. Data Security

We use technical and organizational measures including encryption in transit (TLS), access controls, authenticated APIs, rate limiting, and need-to-know access to production systems. No method of transmission or storage is 100% secure; we cannot guarantee absolute security.

8. Your Rights and Choices

8.1 GDPR / EEA Rights

You may request access, correction, deletion, restriction, portability, or object to processing based on legitimate interests. You may withdraw consent at any time (without affecting prior lawful processing). Contact contact@mockl.io; we respond within 30 days. You may lodge a complaint with the Berlin Commissioner for Data Protection.

8.2 Cookies & Tracking

Essential cookies: Authentication session cookies are required to keep you logged in.

Google Analytics:Loaded only if you click “Accept” on our cookie banner. If you click “Opt out,” Google Analytics is not loaded. Your choice is stored in your browser and, if logged in, in your account profile.

Vercel Web Analytics:We use Vercel’s privacy-oriented analytics to measure page views. It does not use advertising cookies and does not require consent under our current configuration. You can still block it with browser privacy tools.

First-party analytics: Operates as described in Section 3.4 and is necessary for service operation and bug tracking; it is not disabled by the cookie banner.

8.3 Marketing Communications

Unsubscribe from non-essential emails via the link in any marketing message or by contacting us. Transactional emails (receipts, security, render notifications) cannot be opted out while you have an account.

8.4 Account Settings

Update your name, Instagram username, and other profile fields in your dashboard. For data export or deletion, email us.

9. Children’s Privacy

MOCKLIO is not directed to anyone under 18. We do not knowingly collect personal information from minors. If you believe a child has provided us data, contact contact@mockl.io and we will delete it.

10. International Data Transfers

Your data may be processed in the EU, United States, and other countries where our providers operate. When transferring data from the EEA, we rely on appropriate safeguards such as Standard Contractual Clauses and provider compliance programs.

11. Third-Party Links

Our site may link to third-party websites (e.g. artist Instagram, payment portals). We are not responsible for their privacy practices. Review their policies before sharing data with them.

12. Policy Updates

We may update this policy to reflect changes in our practices or legal requirements. Material changes will be notified by email to registered users. The “Last Updated” date shows the current version.

13. Do Not Track

Some browsers send “Do Not Track” signals. There is no industry standard for responding to DNT; we do not currently alter tracking based on DNT alone. Use our cookie banner to control Google Analytics.

14. California Privacy Rights (CCPA/CPRA)

If you are a California resident, you have the right to:

• Know what personal information we collect, use, and disclose

• Request deletion of your personal information

• Request correction of inaccurate personal information

• Opt out of the “sale” or “sharing” of personal information — we do not sell or share data for cross-context behavioral advertising

• Limit use of sensitive personal information — we use uploads only to provide the service you request

• Non-discrimination for exercising your privacy rights

• Use an authorized agent — provide written permission and verification of identity

Submit requests to contact@mockl.io. We verify identity before fulfilling requests.

15. Contact Us

Email: contact@mockl.io

Postal:MOCKLIO, Gensinger Straße 23, 10315 Berlin, Germany

Imprint: mockl.io/imprint

We aim to respond within 30 days.

By using MOCKLIO, you acknowledge that you have read and understood this Privacy Policy.