What is the Essenzi Creative Engine?

The Essenzi Creative Engine is the creative intelligence layer for directors and studios, across fashion, beauty, music, hospitality, architecture, and any sector that invests in creative direction. It generates structured campaign briefs, visual direction documents, and platform-ready AI prompts for 20+ image and video models, from Midjourney and Flux Pro to Runway and Kling.

How does AI creative direction work?

You provide a raw concept, a mood word, brand name, campaign feeling, or reference image. The engine interprets the emotional register and visual world of your concept, builds a structured creative schema covering lighting, colour palette, casting, wardrobe, lens, and composition, then adapts it into native prompt syntax for whichever AI model you're using.

What is Brand DNA and how does the extractor work?

Brand DNA is your brand's unique visual signature, the specific combination of colour language, compositional instincts, tonal range, and aesthetic patterns that make your work recognisable. The DNA Extractor analyses your existing campaigns, lookbooks, and creative references, then encodes this visual fingerprint into every future brief the engine generates.

Which AI models does the engine generate prompts for?

The engine generates prompts for 20+ AI models across image and video. Image models include Midjourney, Flux Pro, Stable Diffusion XL, Seedream, DALL-E 3, Adobe Firefly, Ideogram, and Leonardo. Video models include Veo, Kling, Runway Gen4, Sora, Luma, Pika, and Higgsfield.

Is the Creative Engine suitable for independent creative directors?

Yes. Director at £59/month is designed for the independent creative director working solo. It includes 20 completed campaigns per month, two brand workspaces, the full reference network, and access to all AI model adapters with PDF export.

// Legal

Privacy Policy

Last updated: 12 June 2026

Draft / Template

This document is a template/draft. It must be reviewed and approved by a qualified solicitor, and all bracketed placeholders completed, before it goes live.

1. Who We Are (Controller Identity)

Essenzi Media Ltd ("we", "us", "our") operates the House of Essenzi Creative Engine (the "Service"), available at houseofessenzi.com. We are a company registered in England and Wales under company number 16144272, with our registered office at Capital Tower Business Centre, 3rd Floor, Capital Tower, Greyfriars Road, Cardiff, CF10 3AG, United Kingdom. We are registered with the UK Information Commissioner's Office under registration number ZC006888. We are the data controller for the personal information described in this policy when you use the Service as an individual or account holder. (Where we process personal data on behalf of a business customer, we act as a processor, governed by our Data Processing Agreement.) Our general contact address is studio@houseofessenzi.com; for privacy, data-protection and data-subject requests, contact our privacy contact / Data Protection Officer at studio@houseofessenzi.com.

2. Personal Data We Collect

We collect and process the following categories of personal data:

Account data — your name, email address, and password (stored only as a one-way bcrypt hash; we never store plaintext passwords).
Authentication data — Google OAuth identifier (if you sign in with Google) and, if you enable two-factor authentication, a 2FA secret (stored encrypted).
Billing data — your Stripe customer identifier and subscription/price identifier. We do not store payment card numbers; card data is collected and processed directly by Stripe (a PCI-DSS Level 1 processor).
Technical and security data — session IP addresses and browser user-agent strings, and authentication logs (including the email address used on failed sign-in attempts), used for security, abuse prevention and fraud detection.
User-generated content — campaign briefs and other text you author, and media you upload (images, video, PDF).
DNA-extraction inputs — Instagram handles or website URLs you submit for brand-DNA analysis, and the publicly available content fetched from those sources (processed transiently; see Section 4).

We do not intentionally collect special category data (e.g. data revealing racial or ethnic origin, health, religious beliefs, or biometric data) and ask that you do not submit it through the Service.

3. Purposes of Processing & Legal Bases (UK/EU GDPR Art. 6)

We process your personal data for the following purposes and on the following legal bases:

To provide the Service (create and authenticate your account, generate creative direction, store your projects) — performance of a contract (Art. 6(1)(b)).
To take payment and manage subscriptions via Stripe — performance of a contract (Art. 6(1)(b)).
To secure the Service (rate limiting, fraud and abuse prevention, auth logging) — legitimate interests (Art. 6(1)(f)) in keeping the Service and its users safe.
To send service emails (email verification, password reset, essential account notices) — performance of a contract and legitimate interests.
To comply with legal obligations (e.g. tax, accounting, responding to lawful requests) — legal obligation (Art. 6(1)(c)).
To improve and analyse the Service using privacy-friendly, aggregated metrics — legitimate interests (Art. 6(1)(f)); where any non-essential cookie or tracking is used, on the basis of your consent (Art. 6(1)(a)). See our Cookie Policy.

Where we rely on legitimate interests, you have the right to object (see Section 8). Where we rely on consent, you may withdraw it at any time.

4. DNA Extractor & Public Content Analysis

The DNA Extractor lets you submit an Instagram handle or website URL for creative analysis. When you use it: (a) our system, via Apify, temporarily fetches publicly available content from the source you provide; (b) that raw content is processed transiently to generate a structured creative brief and is not stored in our database; (c) only the resulting creative brief (your output) is stored and associated with your account; and (d) we do not build profiles of third-party brands from scraped data, nor retain or redistribute raw scraped content. You are responsible for ensuring your use of this feature complies with applicable law and the terms of service of any platform whose content you submit. See our Acceptable Use Policy.

5. AI Processing (Anthropic Claude)

When you use AI-powered features, the text you submit (including campaign briefs and DNA-extraction inputs) is sent to Anthropic's Claude API for processing. Anthropic therefore receives and processes that content. We do not send identifiers such as your name or email to Anthropic beyond what is inherent in the content you choose to submit. You should not submit other people's confidential information, personal data, or trade secrets into the Service.Anthropic operates under its own privacy and usage policies (anthropic.com); under Anthropic's commercial API terms, inputs and outputs are generally not used to train its models. This reflects Anthropic's stated position and may change; you should review Anthropic's current terms. We do not use your content to train third-party AI models beyond what is necessary to provide the Service to you.

6. Sub-Processors

We share personal data with the following sub-processors, each acting under contract and appropriate data-protection terms. A current list is maintained in our Data Processing Agreement.

Anthropic — AI generation; brief and DNA-extraction text is sent to its API.
Apify — fetches publicly available content from Instagram handles / website URLs you supply for DNA extraction.
Cloudflare R2 — storage of files you upload (images, video, PDF).
Stripe — payment processing (PCI-DSS); we store no card data.
Google — OAuth sign-in, if you choose to authenticate with Google.
SMTP / email provider — delivery of verification and password-reset emails.
Vercel — hosting and infrastructure; Service traffic passes through this platform.

7. International Data Transfers

Several of our sub-processors are based outside the UK and EEA, including in the United States (for example Anthropic, Stripe, Cloudflare and Google). Where personal data is transferred internationally, we rely on appropriate safeguards under UK and EU GDPR, including the European Commission's Standard Contractual Clauses (SCCs), the UK International Data Transfer Agreement (IDTA) or the UK Addendum to the SCCs, and — where applicable — transfers to countries recognised as providing an adequate level of protection (such as those covered by an adequacy decision or the UK extension to the EU–US Data Privacy Framework). You may request details of the relevant safeguard for any transfer.

8. Your Rights (UK & EU GDPR)

Subject to applicable law, you have the right to:

Access the personal data we hold about you;
Rectification of inaccurate or incomplete data;
Erasure ("right to be forgotten") in certain circumstances;
Restriction of processing in certain circumstances;
Data portability — to receive your data in a structured, commonly used, machine-readable format;
Object to processing based on legitimate interests, and to withdraw consent at any time where processing is based on consent.

To exercise any of these rights, contact studio@houseofessenzi.com (or studio@houseofessenzi.com). We will respond within the timeframes required by law (generally one month under the GDPR). You also have the right to lodge a complaint with a supervisory authority — in the UK, the Information Commissioner's Office (ICO, ico.org.uk); in the EU, your local Data Protection Authority. We would appreciate the chance to address your concerns first.

9. California Privacy Rights (CCPA / CPRA)

If you are a California resident, you have the right to: know what personal information we collect, use and disclose; access and obtain a copy of it; request correction; request deletion; and not be discriminated against for exercising these rights.

Do Not Sell or Share My Personal Information. We do not sell your personal information, and we do not "share" it for cross-context behavioural advertising as those terms are defined under the CCPA/CPRA. Accordingly, no "Do Not Sell or Share" opt-out is required, though you may still contact us with any request. To exercise your California rights, contact studio@houseofessenzi.com; you may use an authorised agent, and we will verify your request as required by law.

10. Data Retention

We retain personal data only as long as necessary for the purposes set out above:

Account, profile and user-generated content — for as long as your account is active, and deleted (or anonymised) within a reasonable period after account closure or a valid erasure request.
Uploaded media — retained while associated with your account; deleted following account closure or erasure request.
Authentication / security logs — retained for a limited period for security and abuse-prevention purposes, then deleted.
Billing records — retained for the period required by tax and accounting law (typically up to 6–7 years in the UK).
DNA-extraction raw content — processed transiently and not stored.

[Retention periods to be confirmed against the company's actual data-lifecycle configuration before publication.]

11. Cookies & Similar Technologies

We use a single essential session cookie (essenzi_session) and may use privacy-friendly analytics and operational tools. Full details, including the lawful basis for each (essential vs. consent under PECR / the ePrivacy rules), are set out in our Cookie Policy.

12. Children's Privacy

The Service is not directed to children. It is intended for users aged 18 or over, and in any event we do not knowingly collect personal data from anyone under 16 in the EEA / under 18 in the UK. If you believe a child has provided us personal data, please contact studio@houseofessenzi.com and we will delete it.

13. Security

We implement appropriate technical and organisational measures to protect your data, including HTTPS/TLS in transit, one-way bcrypt password hashing, encryption of 2FA secrets, HttpOnly session cookies, server-side management of API secrets, access controls, and use of reputable infrastructure providers. No method of transmission or storage is completely secure, and we cannot guarantee absolute security.

14. Data Breach Notification

In the event of a personal data breach, we will assess and, where required by the UK/EU GDPR, notify the relevant supervisory authority without undue delay and, where feasible, within 72 hours of becoming aware of it. Where a breach is likely to result in a high risk to your rights and freedoms, we will notify affected individuals without undue delay.

15. Changes to This Policy

We may update this policy from time to time. The "Last updated" date at the top reflects the latest revision, and we will take reasonable steps to notify you of material changes. Continued use of the Service after changes constitutes acceptance of the updated policy.

16. Contact

For privacy enquiries or to exercise your rights, contact our privacy contact / DPO at studio@houseofessenzi.com, or write to Essenzi Media Ltd, Capital Tower Business Centre, 3rd Floor, Capital Tower, Greyfriars Road, Cardiff, CF10 3AG, United Kingdom. General enquiries: studio@houseofessenzi.com.

House of EssenziTerms of Service →