PRIVACY POLICY FOR NAILIFY
Last Updated: November 27, 2024
Effective Date: November 27, 2024
Welcome to Nailiy. This Privacy Policy explains how Nailiy ("we," "us," or "our") collects, uses, discloses, and safeguards your information when you use our mobile application ("App"). Please read this Privacy Policy carefully. By using the App, you agree to the collection and use of information in accordance with this policy.
If you do not agree with the terms of this Privacy Policy, please do not access or use the App.
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
1. INFORMATION WE COLLECT
1.1 Personal Information
We may collect personally identifiable information that you voluntarily provide when using our App, including:
• Full Name: Collected during account registration for display purposes
• Email Address: Collected during account registration for authentication and account recovery
• User ID: A unique identifier assigned to your account for service delivery
• Device Information: Device type, operating system version, and unique device identifiers for app functionality and diagnostics
1.2 Photos and Images
Our App requires access to your device's camera and photo library to provide our core service:
• Hand/Nail Photos: Images you capture or select for AI nail design processing
• Pattern Images: Design patterns you upload for nail art creation
• Generated Designs: AI-processed images created from your photos
IMPORTANT: Photos you submit for AI processing are temporarily sent to our third-party AI service provider. Processed design results are stored in your personal gallery within the App and remain there until you manually delete them or delete your account.
1.3 Usage Data
We automatically collect certain information when you use the App:
• App usage statistics and feature interaction data
• Session duration and frequency
• Trial credits used and remaining balance
• Purchase history and transaction records
• Performance data and diagnostic information
1.4 Purchase Information
When you make in-app purchases:
• Transaction identifiers from Apple App Store
• Purchase timestamps and product identifiers
• Subscription status and expiration dates (if applicable)
• We do NOT collect or store your payment card information - all payments are processed securely through Apple
1.5 Diagnostic and Performance Data
We collect technical information to maintain and improve app quality:
• Crash reports and error logs (automatically collected via Firebase Crashlytics)
• App performance metrics
• Device compatibility information
• Network connectivity data
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
2. HOW WE USE YOUR INFORMATION
2.1 Primary Purposes
We use the collected information for the following purposes:
• To Process Your Nail Designs: Your photos are sent to our AI processing service to generate custom nail art designs
• To Manage Your Account: Authentication, account security, profile management, and account recovery
• To Process Transactions: Managing your trial credits, purchase history, and subscription status
• To Provide Customer Support: Responding to your inquiries, resolving issues, and improving user experience
• To Ensure App Functionality: Maintaining app stability, preventing fraud, implementing security measures, and improving performance
2.2 AI Image Processing
When you submit a photo for nail design:
1. Your hand photo and selected pattern are securely transmitted to our AI processing service (Fal.ai)
2. The AI generates your custom nail design based on your selections
3. The processed result is returned to the App and saved to your personal gallery
4. Images in your gallery remain stored until you manually delete them or delete your account
2.3 Product Personalization
We use your data to customize your experience:
• Displaying your remaining trial credits and purchase history
• Managing your subscription status and benefits
• Showing your saved designs in your personal gallery
• Providing personalized in-app purchase recommendations
2.4 Analytics and Improvements
We use aggregated, de-identified usage data to:
• Understand how users interact with our App features
• Identify and fix technical issues and crashes
• Develop new features and improvements
• Measure app performance and stability
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
3. THIRD-PARTY SERVICES
Our App integrates with the following third-party services, each with their own privacy policies:
3.1 Firebase (Google)
• Purpose: User authentication, cloud database storage, crash reporting, and performance monitoring
• Data Shared: Full name, email address, user ID, device identifiers, usage analytics, crash logs, and performance data
• Privacy Policy: https://firebase.google.com/support/privacy
3.2 Fal.ai
• Purpose: AI-powered image processing for nail design generation
• Data Shared: Hand photos and pattern images submitted for processing (sent temporarily during processing)
• Privacy Policy: https://fal.ai/privacy
• Note: Fal.ai does not retain your images after processing is complete
3.3 Adapty
• Purpose: In-app purchase management, subscription handling, and payment fraud prevention
• Data Shared: User identifiers, device identifiers, purchase history, and transaction data
• Privacy Policy: https://adapty.io/privacy
3.4 Apple App Store
• Purpose: Payment processing for in-app purchases
• Data Shared: Transaction data (handled entirely by Apple's secure payment system)
• Privacy Policy: https://www.apple.com/legal/privacy
3.5 SendGrid
• Purpose: Transactional email delivery for account verification and password reset
• Data Shared: Email address and verification codes
• Privacy Policy: https://www.twilio.com/legal/privacy
• Note: We do NOT use SendGrid for marketing or promotional emails
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
4. DATA STORAGE AND SECURITY
4.1 Data Storage Locations
• Account data (name, email, user ID) is stored on secure Firebase Cloud Firestore servers located in the United States
• Design photos you save to your gallery are stored in Firebase Cloud Storage until you delete them
• Purchase records are stored by Adapty and Apple App Store according to their respective retention policies
4.2 Security Measures
We implement appropriate technical and organizational security measures including:
• Encrypted data transmission using TLS 1.2 or higher
• Secure authentication mechanisms via Firebase Authentication
• Regular security monitoring and assessments
• Access controls and permission management
• Secure API communications with encryption
However, please note that no method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your personal information, we cannot guarantee absolute security.
4.3 Data Retention
• Account Information: Retained until you delete your account
• Photos in Gallery: Retained until you manually delete them or delete your account
• Purchase History: Retained for up to 7 years for legal, tax, and accounting compliance
• Deleted Account Records: Email addresses of deleted accounts are retained indefinitely to prevent abuse of free trial credits
• Crash and Performance Data: Retained for up to 24 months in de-identified form
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
5. DATA SHARING AND DISCLOSURE
5.1 We Do NOT Sell Your Data
We do not sell, rent, or trade your personal information to third parties for their marketing purposes.
5.2 Service Providers
We share your information with trusted third-party service providers who assist us in operating our App:
• Firebase: For authentication, database, and infrastructure services
• Fal.ai: For AI image processing (images are sent temporarily and not retained)
• Adapty: For in-app purchase management
• SendGrid: For transactional email delivery
These providers are contractually obligated to protect your data and use it only for the purposes we specify.
5.3 Legal Requirements
We may disclose your information if required by law or in response to:
• Valid legal processes (court orders, subpoenas)
• Government or regulatory requests
• Protection of our rights, property, or safety
• Prevention of fraud or security threats
5.4 Business Transfers
If we are involved in a merger, acquisition, or sale of assets, your information may be transferred. We will notify you before your personal information is transferred and becomes subject to a different privacy policy.
5.5 No Tracking or Advertising
We do NOT:
• Use your data for cross-app tracking or targeted advertising
• Share your data with advertising networks or data brokers
• Collect or use advertising identifiers (IDFA) for tracking purposes
• Combine your data with third-party data for advertising purposes
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
6. YOUR RIGHTS AND CHOICES
6.1 Access and Portability
You have the right to:
• Access your personal data stored in our systems
• Request a copy of your data in a portable format
• Review your purchase history and saved designs within the App
6.2 Correction and Deletion
You have the right to:
• Update or correct your account information (name, email)
• Delete individual photos from your gallery
• Delete your account and all associated data
To delete your account: Open the App → Settings → Account → Delete Account
When you delete your account:
• Your profile information will be permanently deleted
• All photos in your gallery will be permanently deleted
• Your email address will be retained to prevent trial credit abuse
• Purchase records will be retained for legal compliance (up to 7 years)
6.3 Opt-Out Options
You can:
• Revoke camera and photo library permissions in your device settings
• Disable crash reporting (note: this may affect app stability)
• Stop using the App at any time
6.4 Data Portability (GDPR)
If you are in the European Economic Area, you have the right to receive your personal data in a structured, commonly used, and machine-readable format.
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
7. INTERNATIONAL DATA TRANSFERS
Your information may be transferred to and processed in countries other than your country of residence, including the United States, where our service providers (Firebase, Fal.ai, Adapty) are located.
When we transfer data internationally, we ensure appropriate safeguards are in place:
• Standard Contractual Clauses approved by the European Commission (for EU users)
• Compliance with applicable data protection frameworks
• Contractual data protection obligations with all service providers
• Technical and organizational security measures
By using the App, you consent to the transfer of your information to the United States and other countries where our service providers operate.
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
8. CHILDREN'S PRIVACY
Our App is not intended for children under the age of 13 (or 16 in the European Economic Area). We do not knowingly collect personal information from children.
If we discover that we have collected personal information from a child under 13 without parental consent, we will delete that information immediately.
If you are a parent or guardian and believe your child has provided us with personal information, please contact us at privacy@nailify.app so we can delete the information.
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
9. CALIFORNIA PRIVACY RIGHTS (CCPA)
If you are a California resident, you have specific rights under the California Consumer Privacy Act (CCPA):
9.1 Right to Know
You have the right to request:
• What categories of personal information we collect
• The sources from which we collect personal information
• Our business or commercial purposes for collecting personal information
• The categories of third parties with whom we share personal information
9.2 Right to Delete
You have the right to request deletion of your personal information, subject to certain exceptions.
9.3 Right to Opt-Out
You have the right to opt out of the "sale" of personal information. Note: We do NOT sell your personal information.
9.4 Right to Non-Discrimination
We will not discriminate against you for exercising your CCPA rights.
9.5 How to Exercise Your Rights
To exercise these rights, contact us at privacy@nailify.app with "CCPA Request" in the subject line. We will respond within 45 days.
Categories of Personal Information We Collect (CCPA):
• Identifiers (name, email, user ID, device ID)
• Commercial information (purchase history)
• Internet or network activity (app usage data)
• Visual information (photos you upload)
• Inferences (preferences based on app usage)
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
10. EUROPEAN PRIVACY RIGHTS (GDPR)
If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, you have additional rights under the General Data Protection Regulation (GDPR):
10.1 Legal Basis for Processing
We process your personal data based on:
• Consent: When you create an account and use our services
• Contract: To provide the services you requested
• Legitimate Interests: To improve our services, prevent fraud, and ensure security
• Legal Obligations: To comply with applicable laws
10.2 Your GDPR Rights
You have the right to:
• Access your personal data
• Rectify inaccurate personal data
• Erase your personal data ("right to be forgotten")
• Restrict processing of your personal data
• Object to processing of your personal data
• Data portability
• Withdraw consent at any time
• Lodge a complaint with your local data protection authority
10.3 How to Exercise Your GDPR Rights
Contact us at privacy@nailify.app with "GDPR Request" in the subject line. We will respond within 30 days.
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
11. TURKISH DATA PROTECTION (KVKK)
For users in Turkey, we comply with the Personal Data Protection Law (KVKK - Kişisel Verilerin Korunması Kanunu):
• We process your data based on your explicit consent
• You have the right to learn whether your data is processed
• You have the right to request information about processing activities
• You have the right to request correction or deletion of your data
• You have the right to object to processing
• You have the right to request data portability
Türkiye'deki kullanıcılar için: Kişisel verileriniz KVKK kapsamında korunmaktadır. Verilerinizin işlenmesine ilişkin tüm haklarınızı kullanabilirsiniz. Taleplerinizi privacy@nailify.app adresine "KVKK Talebi" konusuyla iletebilirsiniz.
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
12. COOKIES AND TRACKING TECHNOLOGIES
Our mobile App does not use traditional web cookies. However, we use similar technologies for essential app functionality:
• Authentication Tokens: To keep you logged in securely
• Session Management: To maintain your app session
• Analytics Identifiers: To understand app usage (Firebase Analytics)
• Crash Reporting Identifiers: To diagnose and fix issues (Firebase Crashlytics)
These technologies are necessary for the App to function properly. You can control some of these through your device settings, but disabling them may limit app functionality.
We do NOT use tracking technologies for:
• Cross-app tracking
• Targeted advertising
• Third-party advertising networks
• Behavioral profiling for marketing
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
13. CHANGES TO THIS PRIVACY POLICY
We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors.
When we make changes, we will:
• Update the "Last Updated" date at the top of this policy
• Post the new Privacy Policy in the App
• Notify you via in-app notification for material changes
• In some cases, send an email notification (for significant changes)
We encourage you to review this Privacy Policy periodically. Your continued use of the App after changes are posted constitutes your acceptance of the updated Privacy Policy.
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
14. CONTACT US
If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
General Inquiries:
Email: support@nailify.app
Subject Line: Privacy Policy Inquiry
Privacy-Specific Requests (GDPR, CCPA, KVKK):
Email: privacy@nailify.app
Subject Lines:
• "GDPR Request" for European users
• "CCPA Request" for California users
• "KVKK Talebi" for Turkish users
• "Privacy Request" for general privacy inquiries
Response Time:
• General inquiries: Within 5 business days
• GDPR requests: Within 30 days
• CCPA requests: Within 45 days
• KVKK requests: Within 30 days
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
15. CONSENT AND ACCEPTANCE
By creating an account and using Nailiy, you acknowledge that you have read, understood, and agree to:
• The collection and processing of your data as described in this Privacy Policy
• The sharing of your data with third-party service providers as specified
• The international transfer of your data where necessary to provide our services
• The storage of your photos in your personal gallery until you delete them
You may withdraw your consent at any time by:
• Deleting your account through App Settings
• Contacting us at privacy@nailify.app
• Ceasing to use the App
Withdrawal of consent may limit your ability to use certain features or may require account deletion.
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
This Privacy Policy is effective as of November 27, 2024.
Copyright © 2024 Nailiy. All rights reserved.