Curato
Sign in

Legal

Privacy & Cookie Policy

Last updated: 14 May 2026

1. Who We Are and How to Contact Us

Curato is a UK-based interior design concept service. If you have questions about this policy or your personal data, contact us at [your contact email]. You also have the right to complain to the UK Information Commissioner's Office at ico.org.uk.

2. Data We Collect

2.1 Account data

When you create an account we collect your email address, encrypted password, subscription status, and account creation date.

2.2 Payment data

Payments are handled by Stripe. Curato never sees or stores your card details. Stripe processes payment data under its own privacy policy at stripe.com/privacy.

2.3 Mood board inputs

When you use the generator, your room description is sent to the Anthropic Claude API to create your mood board. Please do not include sensitive personal information in your descriptions. Anthropic's privacy policy applies to this processing: anthropic.com/legal/privacy.

2.4 Technical data

Our servers automatically log your IP address, browser type, device type, pages visited, and referring URL for security and performance purposes.

2.5 Cookie data

See Section 5.

3. Why We Use Your Data

We use your data to provide the Curato service (lawful basis: contract), process payments (contract), prevent fraud (legitimate interests), improve the service (legitimate interests), and — with your consent — for analytics and affiliate tracking.

4. Who We Share Your Data With

We do not sell your data. We share it only with: Anthropic (AI generation), Stripe (payments), Awin (affiliate tracking, consent-only), and our hosting provider. All processors are contractually bound to handle your data securely.

5. Cookie Policy

Essential cookies (no consent needed)

  • Session cookie — keeps you logged in. Expires when you close your browser.
  • Authentication token — remembers your login between visits. Expires after 30 days.
  • Stripe cookies — required for secure payment processing.

Non-essential cookies (require your consent)

  • Analytics cookies — help us understand how Curato is used. Data is aggregated and anonymous.
  • Awin affiliate tracking cookie — set when you click a Shop Similar link, allowing Curato to earn a small commission on purchases at no extra cost to you. Expires after 30 days.

You can change your cookie preferences at any time using the Cookie Settings link in the footer.

6. How Long We Keep Your Data

  • Account data: while your account is active, plus 12 months after deletion.
  • Mood board prompts: not stored by Curato beyond the API call.
  • Payment records: 7 years (UK legal requirement).
  • Technical logs: 90 days.

7. Your Rights

Under UK GDPR you have the right to: access your data, correct inaccurate data, request deletion, restrict processing, data portability, object to processing, and withdraw consent at any time. Email us to exercise any of these rights. We will respond within one month.

8. Security

Curato uses HTTPS for all data in transit. Passwords are hashed and salted. Payment data is handled entirely by Stripe. If we become aware of a breach affecting your rights, we will notify you and the ICO as required by law.

9. Children's Privacy

Curato is not directed at children under 13. We do not knowingly collect data from children.

10. Changes to This Policy

We will notify registered users by email of any material changes and update the "Last updated" date on this page.