Privacy Policy

1. Information We Collect

1.1 Account Information

When you create an account, we collect:

• Email address (for account management and notifications)
• Name (optional, for personalization)
• Device identifier (to manage credits and prevent abuse)
• Platform information (iOS/Android for compatibility)

1.2 Usage Information

We collect minimal usage data to improve our service:

• API request logs (automatically deleted after 30 days)
• Transformation counts (for credit management)
• Error logs (anonymized, for debugging)
• Subscription status (for feature access)

1.3 Images

We do NOT store your images. Here's exactly what happens:

• Your image is uploaded temporarily to our secure servers
• AI processing occurs entirely in memory
• The transformed image is returned to you
• Both original and transformed images are immediately deleted
• No copies are kept anywhere in our systems

2. How We Use Your Information

2.1 Service Provision

• Process your photo transformations
• Manage your credit balance and subscriptions
• Send important account notifications
• Provide customer support

2.2 Service Improvement

• Analyze usage patterns (anonymized)
• Debug technical issues
• Improve AI transformation quality
• Develop new features

2.3 Legal Compliance

• Comply with applicable laws and regulations
• Respond to legal requests
• Prevent fraud and abuse

3. Data Sharing and Disclosure

We do not sell, trade, or otherwise transfer your personal information to third parties, except:

3.1 Service Providers

• OpenAI - For AI image processing (images are not stored by OpenAI)
• Apple/Google - For subscription management and payment processing
• Email Service - For sending notifications (email addresses only)

3.2 Legal Requirements

We may disclose information if required by law, court order, or government request.

4. Data Security

4.1 Technical Measures

• End-to-end encryption for all data transmission
• Secure HTTPS connections for all API calls
• Regular security audits and updates
• Access controls and authentication

4.2 Operational Measures

• Immediate deletion of processed images
• Automatic log rotation and cleanup
• Regular data purging
• Employee access restrictions

5. Your Rights (GDPR)

Under GDPR, you have the following rights:

5.1 Right to Access

You can request a copy of all personal data we hold about you.

5.2 Right to Rectification

You can update or correct your personal information at any time.

5.3 Right to Erasure

You can request complete deletion of your account and all associated data.

5.4 Right to Portability

You can request your data in a machine-readable format.

5.5 Right to Object

You can object to processing of your personal data for certain purposes.

6. Data Retention

• Images: Never stored (deleted immediately)
• Account Data: Retained until account deletion
• Usage Logs: Automatically deleted after 30 days
• Subscription Data: Retained per legal requirements

7. International Transfers

Your data may be transferred to and processed in countries other than your country of residence. We ensure appropriate safeguards are in place for such transfers.

8. Children's Privacy

FaceZoo is not intended for children under 13. We do not knowingly collect personal information from children under 13. If we learn we have collected such information, we will delete it immediately.

9. Cookies and Tracking

We use minimal cookies and tracking:

• Session Cookies: For authentication (essential)
• Analytics: Anonymized usage statistics only
• Advertising: We may use advertising services like AdMob which may collect data for ad personalization
• Third-Party Services: Some features may use third-party services with their own privacy policies

10. Changes to This Policy

We may update this privacy policy from time to time. We will notify you of any significant changes by:

• Sending an email notification
• Posting a notice in the app
• Updating the "Last Updated" date above

11. Contact Us

If you have any questions about this Privacy Policy or your data, please contact us through the app or visit our website for support options.

12. Supervisory Authority

If you're in the EU and have concerns about our data handling, you have the right to lodge a complaint with your local data protection authority.