Privacy Policy – X-Ray Camera AI

  Effective date: 30 Sep 2025

  1. Introduction

  - X-Ray Camera AI (“the App,” “we”) respects your privacy and protects your personal data. By using the App you agree to this Policy.

  2. Data we collect

  - In‑app images: temporarily sent to OpenAI servers for processing and deleted once finished. We do not store copies on our servers; photos remain on

  your iPhone.

  - Subscriptions: subscription status and purchase receipts via RevenueCat/Apple. We do not receive your Apple ID or full card details.

  - Stability logs (Firebase Crashlytics): anonymous technical data such as app/OS version, device model, and crash traces. We do not attach these logs

  to your identity.

  - Optional metrics (Firebase Analytics, if enabled): aggregated, non‑PII usage events. We do not use the advertising identifier (IDFA) or personalize

  ads.

  - Minimal technical identifiers: a hashed device identifier (derived from IDFV) and small keychain flags (e.g., “free test used,” “trial started”) to

  enforce trial/limits and prevent abuse.

  We do not collect: location/GPS, contacts, full photo library, health data, audio, or microphone data.

  3. How we use the data

  - Deliver the service: AI image processing, usage limits, and subscription verification.

  - Improve and support: anonymous metrics, crash resolution, and security/anti‑fraud.

  - Necessary subscription/support notices and legal compliance.

  4. Legal bases

  - Consent (e.g., image processing).

  - Contract performance (service delivery).

  - Legitimate interests (improvement, security, abuse prevention).

  - Legal compliance.

  5. Sharing with third parties

  - OpenAI: temporary images; purpose: AI effect; retention: immediate deletion after processing.

  - RevenueCat: subscription/receipt data; purpose: purchase/subscription management; retention: while the account is active or per their policies.

  - Apple (App Store): in‑app purchase info; purpose: payments; retention: per Apple policies.

  - Firebase (Google): Crashlytics for crash logs and, if enabled, Analytics for anonymous metrics. We never sell data or share it with advertisers. We

  disclose data only when legally required or with your consent.

  6. Storage & security

  - Photos: on‑device only; encrypted in transit (TLS) to OpenAI and deleted after processing.

  - Logs/metrics: stored by providers with access controls and encryption in transit. We follow each provider’s retention policies.

  7. Your rights

  - Request access, correction, deletion, portability, objection, or restriction at mmdevopios@gmail.com. We reply within 30 days.

  8. Children

  - Not directed to children under 13. If we learn of such data, we delete it promptly.

  9. International transfers

  - Processing by OpenAI and Firebase may occur in the USA or other jurisdictions. Standard Contractual Clauses or equivalent safeguards apply where

  required.

  10. Identifiers & cookies

  - We use device identifiers and session tokens to maintain security, enforce the one‑time trial, and gather basic stats. You can limit certain

  tracking in iOS Settings › Privacy.

  11. Changes

  - We may update this Policy. We will notify you in‑app and update the “Last updated” date.

  12. Contact

  - Privacy or support inquiries: mmdevopios@gmail.com

  13. Disclaimer of liability

  - The App is provided “as‑is.” To the fullest extent permitted by law, you use it at your own risk and waive claims for damages so long as we process

  data as described in this Policy.