Privacy Policy

Effective Date: March 12, 2025  ·  Last Updated: March 23, 2025

SnapShade ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application SnapShade (the "App") available on the Apple App Store.

By downloading or using the App, you agree to the terms of this Privacy Policy. If you do not agree, please do not use the App.

1. Information We Collect

1.1 Information You Provide

  • Photos & Images (including face data): Photos you upload for AI hair transformation. These are sent to Google Gemini for processing and may be temporarily stored in Cloudflare R2 to deliver transformation results. See Section 4 for how third parties store and retain this data.
  • Account Information: If you create an account, we may collect your email address and display name.

1.2 Information Collected Automatically

  • Device Information: Device model, operating system version, unique device identifiers, and IP address.
  • Usage Data: Features used, session duration, in-app actions, crash logs, and performance data.
  • Purchase Data: Transaction identifiers and subscription status managed through Apple's App Store and RevenueCat. We do not store full payment card details.

1.3 Information We Do NOT Collect

  • We do not collect biometric data (e.g., Face ID templates).
  • We do not permanently store your uploaded photos; any temporary storage is limited (see Section 4 and Section 5).
  • We do not collect contact lists, location data, or microphone input.

2. How We Use Your Information

We use the information we collect to:

  • Provide, operate, and maintain the App and its AI transformation features.
  • Process your in-app purchases and manage subscription status.
  • Improve app performance, fix bugs, and develop new features.
  • Send you important service notifications (e.g., subscription renewals).
  • Respond to your support requests and inquiries.
  • Comply with legal obligations.

We do not sell, rent, or trade your personal information to third parties for their marketing purposes.

3. Third-Party Services

The App integrates with the following third-party services. Each service operates under its own privacy policy:

Google Gemini API

AI-powered image processing for hair transformations. Your photo (which may contain face data) is transmitted securely to Google's servers for processing. See Section 4.2 below for detailed information on how Google stores and retains face data.

View Privacy Policy →

Cloudflare R2

Object storage for temporarily storing transformed images. When we store images containing face data in R2, Cloudflare provides the storage infrastructure. See Section 4.3 below for detailed information on storage and retention.

View Privacy Policy →

RevenueCat

Subscription management, purchase validation, and entitlement tracking. RevenueCat receives your App Store receipt and subscription identifiers.

View Privacy Policy →

Apple App Store

App distribution and in-app purchase processing. All payments are handled by Apple.

View Privacy Policy →

Firebase Analytics (Google)

Anonymized usage analytics to understand user behavior and improve the App. Analytics data is pseudonymized and does not identify you personally.

View Privacy Policy →

4. Face Data: Collection, Processing & Third-Party Storage

Photos you upload for AI hair transformation may contain face data. We share this data with third-party service providers to deliver the transformation feature. Below we describe whether these third parties store face data and, if so, their privacy practices, storage duration, and reasons for storage.

4.1 Our Practices

  • We request explicit in-app user consent before any face photo is transmitted to third parties.
  • Face photo data is processed for hairstyle generation and is not retained on our servers beyond the session (except where temporarily stored in Cloudflare R2 as described below).
  • Users can revoke AI face processing consent at any time in app settings.

4.2 Google Gemini API — Face Data Storage by Third Party

Does Google store face data? Yes. When we send your photo to Google Gemini for processing, Google may temporarily store the image (including any face data) as part of the API request and response.

  • Why Google stores face data: Google retains prompts (including images), contextual information, and API responses solely to detect and prevent violations of its Prohibited Use Policy (e.g., abuse, harmful content) and to maintain the safety and security of its services.
  • Length of storage: Up to 55 days.
  • Why this length: This retention period allows Google to investigate potential policy violations and abuse while limiting the duration of storage to what is necessary for those purposes.
  • Privacy practices: This data is not used to train or fine-tune AI models. It is used exclusively for abuse monitoring and policy enforcement. When using the paid Gemini API, your content is processed in accordance with Google's Data Processing Addendum. For more information, see Google Gemini API Terms and Abuse Monitoring.

4.3 Cloudflare R2 — Face Data Storage by Third Party

Does Cloudflare R2 store face data? When we use Cloudflare R2 to store images (e.g., transformed results that may contain face data), yes — that data is stored on Cloudflare's infrastructure at our direction.

  • Why we use R2: To temporarily store transformed images so we can deliver results to you and, where applicable, allow you to access them during your session.
  • Length of storage: Images are retained only as long as needed for the service. We delete stored images within 30 days or upon your request (e.g., account deletion), whichever is sooner.
  • Why this length: This allows us to serve your transformation results and provide a smooth experience while minimizing how long face data is stored.
  • Cloudflare's role: Cloudflare R2 provides object storage infrastructure. Cloudflare stores data we upload but does not use it for its own purposes beyond providing the storage service. Data is encrypted at rest (AES-256) and in transit (TLS). For Cloudflare's privacy practices, see Cloudflare Privacy Policy.

5. Data Retention

  • Uploaded Photos & Transformed Images: Processed in real-time. Any temporary storage in Cloudflare R2 is deleted within 30 days or upon your request. Google Gemini may retain API data (including images) for up to 55 days for abuse monitoring (see Section 4).
  • Account Data: Retained as long as your account is active. Deleted within 30 days of account deletion request.
  • Analytics Data: Retained in aggregated, anonymized form for up to 24 months.
  • Purchase Records: Retained as required by applicable law and Apple's App Store policies.

6. Data Security

We employ industry-standard security measures to protect your data:

  • All data transmitted between the App and our servers (and third-party APIs) is encrypted using TLS 1.2 or higher.
  • Access to stored data is restricted to authorized personnel only.
  • We regularly review and update our security practices.

Despite our safeguards, no method of transmission over the Internet is 100% secure. We cannot guarantee absolute security.

7. Children's Privacy

The App is not directed to children under the age of 13 (or 16 in the European Union). We do not knowingly collect personal information from children. If you believe we have inadvertently collected information from a child, please contact us immediately at mehmetirmaakk@icloud.com and we will delete the information promptly.

8. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

  • Right to Access: Request a copy of the personal data we hold about you.
  • Right to Correction: Request correction of inaccurate or incomplete data.
  • Right to Deletion: Request deletion of your personal data ("right to be forgotten").
  • Right to Portability: Request your data in a machine-readable format.
  • Right to Object: Object to processing of your data for certain purposes.
  • Right to Opt-Out (CCPA): California residents may opt out of the sale of personal information. We do not sell personal information.

To exercise any of these rights, contact us at mehmetirmaakk@icloud.com. We will respond within 30 days.

9. International Data Transfers

Your information may be transferred to and processed in countries other than the country in which you reside (including the United States), where data protection laws may differ from your jurisdiction. By using the App, you consent to such transfers. We take appropriate measures to ensure your data is protected in accordance with this Privacy Policy.

10. Apple-Specific Disclosures

As an App Store app, SnapShade complies with Apple's App Store Review Guidelines and App Privacy requirements:

  • The App requests camera/photo library access only to enable the photo upload feature.
  • In-app purchases are managed exclusively through Apple's StoreKit. We do not process payments directly.
  • The App does not use Apple's advertising identifier (IDFA) for tracking.
  • The App follows Apple's App Tracking Transparency (ATT) framework guidelines.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we make material changes, we will notify you by updating the "Last Updated" date at the top of this page and, where appropriate, through an in-app notification. Your continued use of the App after any changes constitutes your acceptance of the updated Privacy Policy.

12. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy, please contact us:

SnapShade Support

mehmetirmaakk@icloud.com

Website: https://snap-look.live