C.Creslo.Back to home

Privacy Policy

Last updated: 8 June 2026

This policy explains what personal data Creslo collects, how we use it, who we share it with, and the rights you have over it. We have tried to keep it plain and specific to what Creslo actually does.

Who we are

Creslo is operated by Creslo AI Ltd, a company registered in England and Wales (company number 17256802) with its registered office at Bartle House, Oxford Court, Manchester M2 3WQ, and registered with the UK Information Commissioner's Office (ICO) under registration number ZC169912. For anything in this policy, you can reach us at privacy@creslo.ai. Creslo AI Ltd is the data controller for the personal data described here.

The data we collect

Account data

When you create an account we collect your email address and authentication details (handled by our authentication provider, Supabase). If you add them, we also store your name and basic profile information.

Brand profile data

Information you enter to describe your brand - business name, industry, tone, audience, description, brand colour, logos, and any words or styles you tell us to avoid. This is used to generate content that matches your brand.

Content you create

The posts, captions, images, and ad creatives you generate or upload, along with any scheduling information.

Connected social accounts

When you connect a social network (for example Instagram, Facebook, LinkedIn, X or TikTok), we receive and store the access tokens and basic account information (such as your username and display name) needed to publish on your behalf. This connection is handled through our publishing partner, Zernio. You can disconnect any account at any time from your brand profile, which revokes that access.

Payment data

Subscription and billing is handled by Stripe. We do not store your full card details - Stripe processes them directly. We retain records of your plan, subscription status, and trial dates.

Usage and technical data

Basic information about how you use Creslo (such as generation counts and feature usage) and standard technical data needed to run a secure service. We keep cookies and similar storage to essential and functional purposes - we do not run advertising trackers.

How we use your data

  • To provide the service - creating your account, storing your brands, and generating content.
  • To generate text using our AI provider (Anthropic) and images using our image provider (fal.ai), guided by your brand profile.
  • To schedule and publish content to the social accounts you have connected, via Zernio.
  • To take payment and manage your subscription and trial, via Stripe.
  • To send you service emails (for example trial reminders or important account notices), via our email provider, Resend.
  • To keep the service secure, prevent abuse, and meet our legal obligations.

Legal bases (UK GDPR)

We process your data to perform our contract with you (providing the service), on the basis of our legitimate interests (running and improving Creslo securely), to comply with legal obligations, and - where required, such as for certain communications - with your consent. Where we rely on consent you can withdraw it at any time.

Who we share data with

We use a small set of trusted providers (sub-processors) to run Creslo. We share only what each needs to do its job:

  • Supabase - database, authentication and file storage (hosted in the EU/UK, London region).
  • Vercel and Railway - application hosting.
  • Anthropic - AI text generation.
  • fal.ai - AI image generation.
  • Zernio - connecting and publishing to your social accounts.
  • Stripe - payment processing.
  • Resend - transactional email.
  • Pexels - stock imagery, where used.

Some of these providers may process data outside the UK. Where that happens, we rely on appropriate safeguards (such as the UK International Data Transfer Agreement or equivalent contractual protections). We do not sell your personal data.

Data retention

We keep your data for as long as your account is active. If you close your account, we delete or anonymise your personal data within a reasonable period, except where we need to retain certain records (for example billing records) to meet legal or accounting obligations. When you disconnect a social account, the associated access tokens are removed.

Your rights

Under UK data protection law you have the right to access your data, correct it, erase it, restrict or object to its processing, and request portability. To exercise any of these, email privacy@creslo.ai. You also have the right to complain to the UK Information Commissioner's Office (ICO) at ico.org.uk, though we would appreciate the chance to resolve any concern first.

Security

We take reasonable technical and organisational measures to protect your data, including encrypted connections, access controls, and storing social access tokens only where needed to provide the service. No system is perfectly secure, but we work to keep your data safe and to act quickly if anything goes wrong.

Children

Creslo is intended for use by businesses and adults. It is not directed at anyone under 18, and we do not knowingly collect data from children.

Changes to this policy

We may update this policy from time to time. If we make material changes we will update the date above and, where appropriate, notify you. Continuing to use Creslo after a change means you accept the updated policy.

Contact

Questions about this policy or your data? Email privacy@creslo.ai and we will help.