Privacy Policy

1. Introduction

This Privacy Policy describes how Catify ("we," "our," or "us") collects, uses, stores, and protects your personal information when you use our mobile application ("App"). We are committed to protecting your privacy and ensuring transparency about our data practices.

By using Catify, you agree to the collection and use of information in accordance with this Privacy Policy.

2. Information We Collect

2.1 Personal Information

Account Information:

• Name and display name
• Profile picture (optional)
• Email address (through authentication provider)
• Unique user identifiers
• Account creation and last login dates

Authentication Data:

• Login credentials managed by Clerk authentication service
• Session tokens and authentication status
• External authentication provider information (if using social login)

2.2 Payment and Credit Information

Financial Data:

• Credit balance and transaction history
• Purchase records including product IDs, amounts, and timestamps
• Payment method information (processed by third parties)
• Transaction IDs and purchase verification data
• Refund and dispute information

Note: We do not directly store credit card numbers or sensitive payment information. All payment processing is handled by Apple App Store, Google Play Store, and RevenueCat.

2.3 Content and Images

User-Generated Content:

• Original images uploaded for transformation
• Transformed/processed images
• Image metadata (file type, size, upload date)
• Image processing history and status
• Transformation preferences and settings

Storage Information:

• File storage IDs and secure URLs
• Image access logs and download history
• Content moderation flags (if applicable)

2.4 Usage and Analytics Data

App Usage:

• Feature usage patterns and frequency
• Screen views and navigation paths
• Time spent in app and session duration
• Error logs and crash reports
• Performance metrics and load times

Device Information:

• Device type, model, and operating system
• App version and build information
• Device identifiers (advertising ID, installation ID)
• Network connection type and status
• Device permissions granted to the app

2.5 Location and Technical Data

Technical Information:

• IP address and general location
• Network information and connectivity status
• Browser type and version (for web components)
• Referral sources and campaign tracking
• API usage logs and system interactions

3. How We Use Your Information

3.1 Core Service Provision

• Account Management: Creating and maintaining user accounts, authentication, and profile management
• Image Processing: Transforming uploaded images using AI technology, storing results, and delivering processed content
• Credit System: Managing credit balances, processing purchases, tracking usage, and preventing fraud
• Payment Processing: Handling transactions, verifying purchases, and maintaining financial records

3.2 Service Improvement and Analytics

• Performance Optimization: Analyzing usage patterns to improve app performance and user experience
• Feature Development: Understanding user preferences to develop new features and improvements
• Quality Assurance: Monitoring service quality, identifying bugs, and resolving technical issues
• AI Model Improvement: Using aggregated, anonymized data to enhance transformation quality

3.3 Communication and Support

• Customer Support: Responding to inquiries, troubleshooting issues, and providing assistance
• Service Updates: Notifying users about important changes, new features, or service disruptions
• Marketing Communications: Sending promotional content and updates (with user consent)
• Legal Compliance: Fulfilling legal obligations and responding to valid legal requests

3.4 Security and Fraud Prevention

• Account Security: Detecting and preventing unauthorized access, fraud, and abuse
• Credit Protection: Monitoring for exploitation attempts and unauthorized credit manipulation
• System Integrity: Protecting against technical attacks, spam, and malicious activity
• Compliance Monitoring: Ensuring adherence to terms of service and community guidelines

4. Information Sharing and Disclosure

4.1 Third-Party Service Providers

We share information with trusted third-party services that help us operate the App:

4.2 Legal and Compliance Sharing

We may disclose information when required by law or to protect our rights:

• Legal Obligations: Compliance with court orders, subpoenas, or regulatory requirements
• Safety Protection: Preventing harm to users, the public, or our service
• Rights Enforcement: Protecting intellectual property, investigating fraud, or enforcing terms
• Business Transfers: In connection with mergers, acquisitions, or asset sales

4.3 Aggregated and Anonymized Data

We may share aggregated, anonymized data that cannot identify individual users:

• Usage statistics and trends
• Performance metrics and analytics
• Research and development insights
• Industry reporting and benchmarking

5. Data Storage and Security

5.1 Storage Infrastructure

Primary Storage:

• Backend data stored using Convex infrastructure
• Images stored with secure access controls and encrypted URLs
• Database records protected with industry-standard encryption
• Redundant backups and disaster recovery systems

Geographic Location:

• Data may be stored in multiple geographic regions for performance and redundancy
• Primary storage regions comply with applicable data protection laws
• Cross-border transfers are conducted with appropriate safeguards

5.2 Security Measures

Technical Safeguards:

• Encryption in transit using TLS/SSL protocols
• Encryption at rest for sensitive data storage
• Secure authentication and access controls
• Regular security audits and vulnerability assessments

Administrative Safeguards:

• Employee access controls and training
• Data handling policies and procedures
• Incident response and breach notification protocols
• Regular security policy reviews and updates

5.3 Data Retention

• Account Data: Retained for the duration of account existence plus legal requirements
• Images: Original and transformed images retained while account is active
• Financial Records: Purchase and transaction data retained for 7 years for tax and legal compliance
• Usage Analytics: Aggregated usage data retained for 2 years for service improvement
• Support Communications: Customer service records retained for 3 years

6. Your Privacy Rights and Choices

6.1 Access and Control

Account Access:

• You can view and update your profile information through the App's settings
• Access your credit balance and purchase history
• Review your transformation history and saved images
• Download or delete your transformed images

Data Portability:

• You can request a copy of your personal data in machine-readable format
• Export your images and transformation history
• Receive account information and settings data

6.2 Deletion and Modification Rights

Account Deletion:

• You can delete your account at any time through the App's settings
• Request complete data deletion (subject to legal retention requirements)
• Choose to keep or delete transformed images upon account closure

Data Correction:

• You can update incorrect or outdated personal information
• You can modify your privacy preferences and communication settings
• You can correct your payment and billing information

6.3 Regional Privacy Rights

California Residents (CCPA):

• Right to know what personal information is collected
• Right to delete personal information
• Right to opt-out of sale of personal information
• Right to non-discriminatory treatment

European Union Residents (GDPR):

• Right of access to personal data
• Right to rectification of inaccurate data
• Right to erasure ("right to be forgotten")
• Right to restrict processing
• Right to data portability
• Right to object to processing

7. Children's Privacy

7.1 Age Requirements

• Catify is intended for users aged 13 and older
• We do not knowingly collect personal information from children under 13
• Users under 18 should have parental consent before using the App

7.2 Parental Controls

If we learn that we have collected information from a child under 13:

• We will delete the information as quickly as possible
• We will terminate the associated account
• We will notify parents if contact information is available

8. International Data Transfers

8.1 Cross-Border Processing

• Our services may involve data transfers across international borders
• We implement appropriate safeguards for international transfers
• Data processing agreements include adequate protection measures
• We comply with applicable cross-border data transfer regulations

8.2 Transfer Mechanisms

• Adequacy Decisions: Transfers to countries with adequate protection levels
• Standard Contractual Clauses: EU-approved contractual protections
• Binding Corporate Rules: Internal data protection standards
• Consent: User consent for specific transfer purposes where required

9. Privacy Policy Updates

9.1 Notification of Changes

How We Notify You:

• In-app notifications for material changes
• Email notifications to registered users
• Updated policy posted on our website
• Version history maintained for transparency

When Changes Take Effect:

• Material changes effective 30 days after notification
• Non-material changes effective immediately upon posting
• Continued use constitutes acceptance of updated policy
• Users may delete accounts if they disagree with changes

10. Contact Information and Requests

10.1 Privacy Officer Contact

For privacy-related questions or requests:

• Email: catifyaiapp@gmail.com
• Subject line: "Privacy Request - [Your Request Type]"
• Include your account email and specific request details
• Response time: Within 30 days for most requests

10.2 Data Subject Requests

To exercise your privacy rights:

• Use in-app privacy request forms when available
• Email catifyaiapp@gmail.com with "Data Request" in subject line
• Provide verification information to confirm identity
• Specify the type of request and any relevant details

11. Effective Date and Acceptance

This Privacy Policy is effective as of July 15, 2025 and was last updated on July 15, 2025. By using Catify, you acknowledge that you have read and understood this Privacy Policy and agree to our data practices as described herein.