Privacy Policy - Eternal Labs

Date of Last Revision: March 14, 2025

Welcome to Eternal Labs, which is designated and operated by Eternal Labs, LLC (including its subsidiaries, affiliates, agents, and service providers, collectively, “we,” “us,” “our,” or “Eternal Labs”). Eternal Labs provides users and visitors (“you” and “your”) with services of creating 3D content using generative AI technology, including but not limited to prompt-to-3D and image-to-3D services, as well as services provided by Meshy (“Services”).

This Privacy Policy (the “Policy”) describes and governs how we collect, use, share, and protect (collectively, “process”) personal information collected in the context of our Services. Before you use or submit any information through or in connection with the Services, please carefully review this Policy. By using any part of the Services, you consent to the collection, use, and disclosure of your information as outlined in this Policy. To the extent allowed by law, the English version of this Policy is binding, and other translations are for convenience only.

If you are in the European Economic Area, the United Kingdom, or Switzerland (“Europe”):

For the purposes of the EU General Data Protection Regulation 2016/679 (the “GDPR”), the data controller is Eternal Labs and can be reached at the address set out in Section “How to Contact Us” below; and
You will not need to consent to this Privacy Policy, but you do acknowledge you have read and understood its terms.

If you are a resident of California, the California Consumer Privacy Act of 2018 and the California Privacy Rights Act of 2020 provide you with additional rights.

If you are a resident of Australia, the Treasury Laws Amendment (Consumer Data Right) Bill and Consumer Data Right rules might provide you with additional rights.

This Policy applies to the processing of your personal information on the premise that it does not conflict with the laws and regulations applicable to you. The Policy will provide the following information to you:

Definitions
What Information We Collect
How We Use Your Information Collected
How We Disclose Your Information Collected
How We Handle Children’s Personal Information
Security
Do-Not-Track Signals
How Your Information Will be Stored and Transferred
Your Rights
Supplemental Terms and Conditions for Certain Regions
Other Terms
How the Policy Will be Updated
How to Contact Us

1. Definitions

In this Policy, unless the context otherwise requires, the following definitions shall apply:

We, Us, or Our: Refers to Eternal Labs and its subsidiaries, affiliates, agents, and service providers.
Cookies: Small files placed on your computer, mobile device, or any other device by a website, containing details of your browsing history on that website among its many uses.
Data Controller: For the purposes of the GDPR, refers to the Company as the legal person which alone or jointly with others determines the purposes and means of the processing of personal information. For the purpose of the GDPR, Eternal Labs is the Data Controller.
Personal Information (or personal data): Any information that relates to an identified or identifiable individual.
- For GDPR purposes, Personal Information means any information relating to you such as a name, an identification number, location data, online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity.
- For CPRA purposes, Personal Information means any information that identifies, relates to, describes, or is capable of being associated with, or could reasonably be linked, directly or indirectly, with you.
Website: Refers to Eternal Labs, accessible from https://buu.fun.
Sell: Refers to any disclosures of personal information by a business to another business or third party for money or other valuable consideration.
Service: Refers to creating 3D content using generative AI technology, including but not limited to prompt-to-3D and image-to-3D services, as well as services provided by Meshy.
Service Provider: Any natural or legal person who processes the data on behalf of us. It refers to third-party companies or individuals employed by us to facilitate the Service, to provide the Service on behalf of us, to perform services related to the Service, or to assist us in analyzing how the Service is used. For GDPR purposes, Service Providers are considered Data Processors.
Usage Data: Data collected automatically, either generated by the use of the Service or from the Service infrastructure itself (e.g., the duration of a page visit).
Under GDPR, you can be referred to as the Data Subject or as the User as you are the individual using the Service.

2. What Information We Collect

When you use or otherwise access the Services, we collect information in multiple ways, including when you provide information directly to us and when we passively collect information from your browser or device (e.g., by logging how you interact with our Services).

2.1. Information That You Provide Directly to Us

A. Registration Information

When you register for our Services or open an account, depending on the registration channel you choose, we may collect:

Your email address
Your username
Verification code (for multi-factor authentication and to provide important messages)
Any information you choose to provide (e.g., profile picture, company title)

If you are in Europe, we process this information on the basis of entering into and performing our contract with you (Art. 6 para. 1 subpara. 1 b) GDPR).

B. Purchase Information

When you purchase paid services (e.g., member subscription to our Services) through the Website, we may collect:

Personal information related to your order (e.g., order number, time of order, service purchased)
Financial information (e.g., credit card details processed by our payment Service Provider on our behalf)

If you are in Europe, we process this information on the basis of entering into and performing our contract with you (Art. 6 para. 1 subpara. 1 b) GDPR).

C. Content You Provide Through Our Services

We collect and securely store content that you post, send, receive, and share through our products as part of the Services, such as:

Text or image prompts you input
Public chats you maintain on the Service
3D models and related texture images you create
Files and links you upload

This content includes any personal information you choose to include. You acknowledge and agree that you are authorized by the relevant data subject and have notified them that their personal information might be publicly displayed on our Services.

D. Communications to Us

You may contact us via email or other means (e.g., with questions, for customer support, or to share ideas). You may also respond to surveys or queries about content you generated. We collect:

Contact details
Any images you upload
The contents and nature of your message

To keep your personal information safe, we request that you avoid sending financial or sensitive data through our chat services unless specifically requested. If you share such information, we will process it with care in accordance with our Service Providers.

E. Third-Party Communications

If you use features allowing communication with third parties (e.g., referrals), either by submitting third-party data (“Third-Party Data”) or permitting automatic access to it, you acknowledge and agree that:

You have the authority to allow us to use this data
You have notified these third parties how their information is collected and used by Eternal Labs

We may identify you as the referrer and use Third-Party Data to:

Contact the third party
Provide editable template messages for communication

Communications may include reminders, with an option to “opt out” of further messages.

2.2. Information That is Passively or Automatically Collected

A. Usage Information

When you interact with the Services, we automatically collect:

IP address
Browser settings
Device information
Clicking records, crash data, session IDs
Geolocation information

This includes browser type, referring website, operating system, and location data via IP address, collected to ensure security and stability. If you are in Europe, we process this on the basis of our legitimate interests (Art. 6 para. 1 subpara. 1 f) GDPR).

B. Cookies and Other Electronic Technologies

We use technologies like tracking pixels, JavaScript, and locally stored data (e.g., cookies) to collect:

Text
Personal data (e.g., IP address)
Information about your use of Eternal Labs

3. How We Use Your Information Collected

We use the information collected in a manner consistent with this Policy for:

3.1. Provision of Services

Operate, maintain, and provide the Services
Operate Eternal Labs per this Policy and Terms & Conditions
Restrict use from restricted territories or in breach of Terms

3.2. Marketing and Promotion

Collect contact information (e.g., email) for promotions or marketing communications if you opt in
You can opt out anytime by unsubscribing per message instructions

3.3. Analytics and Improvement

Manage, develop, improve, and maintain Services (e.g., responding to inquiries, providing support)
Analyze usage trends to enhance accuracy, effectiveness, security, usability, and popularity

4. How We Disclose Your Information Collected

We share information with third parties under certain circumstances without further notice, as below. We do not sell your information to advertisers or other third parties.

4.1. Third-Party Service Providers

Security Service Providers: Share clicking records, crash data, session IDs, and device information to enhance security (subject to applicable laws)
Advertising Service Providers: Share profile information, session IDs, device info, and geolocation for ads (in compliance with laws)
Other Providers: Hosting, IT services, and similar providers to support the Website and business services

4.2. Government Authorities/Law Enforcement

Share data if required by law or to protect our legitimate interests, per applicable laws

4.3. Potential Buyers and Advisers

Share data during corporate events (e.g., sale, merger) with advisers and new owners, subject to applicable laws

4.4. Third-Party Partners

Share with partners on initiatives, requiring them to comply with relevant laws
Third-party companies you link with govern their use per their privacy notices

4.5. Your Consent

Share for other purposes if you direct us or consent

4.6. Aggregated Data

Use anonymized data for research and share with affiliates, partners, or third parties (e.g., Google Analytics)

4.7. Other Users

Share information you make public on the Services (e.g., published content, comments)

5. How We Handle Children’s Personal Information

Our Services are not directed to children (under 13, or 16 in Europe). We do not knowingly collect their data. If discovered, we promptly delete it. Children may not submit data without parental permission. Contact us at info@buu.fun if you believe a child has provided data.

6. Security

We strive to protect your data with robust measures, including:

A dedicated security team and system
Security measures for data handling (e.g., encryption, access control)
Confidentiality agreements and training for employees
Compliance commitments from third-party processors
Encrypted transmission for sensitive data

No internet transmission is fully secure, so transmission is at your risk. Report vulnerabilities to security@eternallabs.com.

7. Do-Not-Track Signals

We do not recognize or respond to browser-initiated Do Not Track (DNT) signals, as industry standards are still evolving.

8. How Your Information Will be Stored and Transferred

We retain your information as necessary for its collection purpose and our operations, per applicable laws. When no longer needed, we remove or anonymize it per our retention policies, considering:

Service type and relationship duration
Re-enrollment potential
Impact of deletion on Services
Legal retention requirements

Data may be transferred, processed, and stored globally, with safeguards consistent with applicable laws. EEA users, see “Supplemental Terms” for transfer details.

9. Your Rights

Subject to applicable law, you have rights to:

Access your data and receive a copy
Rectify inaccurate data
Erase data when no longer needed or unlawfully processed
Object to processing (e.g., for marketing)
Restrict processing in certain cases
Receive data in a portable format
Withdraw consent (without affecting prior processing)
Avoid automated decision-making with significant effects
Lodge a complaint with your local data protection authority

10. Supplemental Terms and Conditions for Certain Regions

10.1. Privacy Information for California Residents

10.1.1. Categories of Information Collected and Disclosed

Under the CCPA, we disclose:

Contact info (e.g., email) and network/device info (e.g., IP address) to advertising/analytics partners
See Sections 2, 3, and 4 for details

10.1.2. Your Choices

Opt out of advertising disclosures via Cookie settings

10.1.3. Other CPRA Rights

No financial incentives offered
Sensitive data used only for non-opt-out business purposes
See “Your Rights” for additional rights

10.1.4. Retention

See Section 8

10.1.5. Shine the Light

We do not disclose data to third parties for their direct marketing

10.2. Privacy Information for Residents in Europe

10.2.1. Legal Basis

Processing based on contract performance (Art. 6 para. 1 subpara. 1 b) GDPR)

10.2.2. Global Transfers

Data may transfer outside Europe with safeguards (e.g., EU standard clauses)

10.3. Privacy Information for Residents in PRC

10.3.1. Storage

Stored in the US by Eternal Labs, LLC
Types: Email, username, verification code, financial info (paid users)
Purpose: Authentication and messaging
Contact: info@buu.fun

10.3.2. Global Transfers

Transferred to affiliates/suppliers per Section 3, with legal safeguards

10.3.3. Your Rights

Additional rights: Deregister account, request processing explanation
Contact us; response within 15 business days

11. Other Terms

Opt-Out: Unsubscribe from marketing via email instructions
Rights Requests: Email info@buu.fun; up to 30 days to fulfill
Complaints: Contact us first, or lodge with your data authority
Terms: Use subject to Eternal Labs’ Terms & Conditions

12. How the Policy Will be Updated

We may update this Policy, revising the date above. Significant changes will be notified via email or Website banner, giving you time to exercise rights. If you disagree, deactivate your account or stop using the Services. Review periodically.

13. How to Contact Us

For questions, contact us at:

Email: info@buu.fun
Address: 1111B S Governors Ave STE 28193, Dover, DE 19904