Privacy Policy

Introduction

Datewise ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your information when you use our iOS application ("Datewise" or "the App").

By using Datewise, you agree to the collection and use of information in accordance with this Privacy Policy.

Information We Collect

1. Information You Provide

Screenshots and Images

What We Collect:

• Screenshots of dating conversations
• Photos you upload for reply suggestions

How We Use It:

• Sent to Google Gemini AI API for conversation analysis and reply generation
• Processed temporarily to understand context and generate personalized replies

Data Retention:

• On Your Device: Images are NOT permanently stored on your device after analysis
• Our Backend: Images are processed in real-time and immediately discarded (not stored)
• Google Gemini API: Images are retained for 55 days for abuse monitoring purposes only
  • Important: We use Gemini's PAID API tier, which means your images are NOT used to train Google's AI models
  • Data is only retained for detecting violations of Google's Prohibited Use Policy
  • For more information, see Google's Gemini API Data Logging Policy

Security:

• All images are transmitted via HTTPS encryption
• Images are compressed before transmission to protect your privacy and reduce data usage

User Preferences

What We Collect:

• Tone and style preferences (confident, playful, romantic, etc.)
• Gender and dating preferences (for reply personalization)
• Language preference
• Notification settings

Storage:

• Stored ONLY on your device using iOS UserDefaults
• Never transmitted to our servers except as part of API requests for personalization

2. Automatically Collected Information

Device Identifier

What We Collect:

• Anonymous device ID (UUID) generated and stored in your device's secure Keychain

How We Use It:

• Rate limiting to ensure fair usage across all users
• Preventing abuse of our AI services

Important:

• This is NOT your device's IDFA or any personally identifiable information
• It's a random identifier that cannot be linked to your identity
• Generated once when you first open the app

Data Retention:

• Stored indefinitely on our backend for rate limiting purposes
• Automatically removed when you delete the app from your device
• Future feature: You'll be able to request deletion of your Device ID from our servers

Usage Statistics (Local Only)

What We Track:

• Which features you use (Instant Reply, Pickup Lines)
• When you last used the app
• Feature usage counts
• Activity patterns (for smart notification timing)

Storage:

• Stored ONLY on your device in local storage (UserDefaults)
• NEVER transmitted to our servers
• Used only for local app functionality (smart notifications, reminders)

Conversation History (Local Only)

What We Store:

• Your saved chat sessions
• Generated reply suggestions you've saved
• Favorited replies

Storage:

• Stored ONLY on your device using Core Data (local SQLite database)
• NEVER transmitted to our servers unless you explicitly re-upload a screenshot
• Remains on your device until you delete the app or manually clear the history

3. Third-Party Data Collection

We use third-party services that may collect information used to identify you or provide functionality.

RevenueCat (Subscription Management)

What RevenueCat Collects:

• Anonymous App User ID (auto-generated by RevenueCat)
• Purchase history and transaction data
• Subscription status and renewal information
• Device information (iOS version, app version)
• IP address (for fraud detection and geographic compliance)

How It's Used:

• Managing your subscription and billing
• Processing in-app purchases
• Detecting fraudulent transactions
• Providing subscription analytics

Privacy Policy: https://www.revenuecat.com/privacy

Your Rights:

• RevenueCat is SOC 2 Type II certified
• GDPR compliant for EU users
• You can contact RevenueCat to request data deletion

Google Gemini AI API (AI Processing)

What Google Receives:

• Images you upload (screenshots and photos)
• User preferences sent with API requests (tone, gender, language)
• Anonymous device ID (for our rate limiting)

How It's Used:

• Analyzing conversation context from screenshots
• Generating AI-powered reply suggestions
• Understanding photo content for reply personalization

Data Retention:

• 55 days for abuse monitoring (detecting policy violations)
• NOT used to train Google's AI models (we use Gemini's paid API tier)
• Human reviewers do NOT access your data unless there's a policy violation

Privacy Resources:

• Gemini API Terms of Service
• Gemini API Data Logging Policy

Future Third-Party Services

We plan to integrate the following services in future updates:

Sentry (Error Tracking & Crash Reporting):

• Will collect crash reports and error logs
• Device information (model, OS version)
• Used to improve app stability and fix bugs
• Privacy Policy: https://sentry.io/privacy/

PostHog (Analytics):

• May be added for product analytics
• Will track feature usage and user flows
• Used to improve app experience
• Privacy Policy: https://posthog.com/privacy

Important: We will update this Privacy Policy and notify you in-app before adding these services.

How We Use Your Information

We use the collected information for the following purposes:

Core App Functionality

• Analyze conversation screenshots to understand context
• Generate AI-powered dating reply suggestions
• Personalize suggestions based on your tone and demographic preferences
• Provide photo analysis and context-aware replies

Rate Limiting & Abuse Prevention

• Prevent spam and abuse of AI services
• Ensure fair usage across all users
• Detect and block malicious activity

Subscription Management

• Process and manage your in-app subscriptions
• Handle billing and payments via RevenueCat
• Provide access to premium features

App Improvement (Local Only)

• Understand which features are most used (local analytics only)
• Optimize notification timing based on your activity patterns
• Improve user experience

Future Improvements

• Bug tracking and crash reporting (via Sentry - future)
• Product analytics to understand user behavior (via PostHog - future)

Data Sharing and Third Parties

We DO NOT:

• ❌ Sell your personal information to anyone
• ❌ Share your images or conversations with third parties (except for AI processing as described)
• ❌ Use your data for advertising or cross-app tracking
• ❌ Allow human reviewers to access your data
• ❌ Store your images permanently on our servers

We DO:

• ✅ Use RevenueCat for subscription management (see their privacy policy)
• ✅ Send images to Google Gemini API for AI processing (55-day retention, NOT used for training)
• ✅ Use device IDs for rate limiting (anonymous, cannot identify you)
• ✅ Plan to use Sentry for error tracking (future feature)

Third-Party Service Providers:

Data Storage and Security

Local Data (On Your Device)

Storage Methods:

• Keychain: Device ID (most secure iOS storage)
• Core Data: Conversation history, saved sessions (encrypted local database)
• UserDefaults: User preferences, activity stats (local storage)

Security:

• All local data is protected by iOS security features
• Data is sandboxed and inaccessible to other apps
• Encrypted backups via iCloud (if enabled by you)

Backend Communication

Security Measures:

• All API requests use HTTPS/TLS 1.3 encryption
• Images are compressed and encrypted during transmission
• No permanent storage of images on our servers
• Device IDs are anonymized and cannot identify you personally

Server Location:

• Our backend is hosted on Railway (cloud infrastructure)
• Data may be transmitted through servers in various countries
• Google Gemini API may process data in any country where Google maintains facilities

No Permanent Image Storage

Important: We do NOT permanently store your uploaded images.

Image Processing Flow:

1. You upload screenshot →
2. Sent to our backend (HTTPS) →
3. Forwarded to Google Gemini API →
4. AI analyzes image →
5. Reply suggestions sent back to app →
6. Image immediately discarded (not stored by us)
7. Google retains for 55 days (abuse monitoring only)

Data Retention

Your Privacy Rights

Depending on your location, you may have certain rights regarding your personal information.

All Users

You have the right to:

• ✅ Access: View all data stored locally in the app
• ✅ Delete: Delete your conversation history within app settings
• ✅ Opt-Out: Disable notifications in app settings
• ✅ Uninstall: Delete all local data by uninstalling the app
• ✅ Request Info: Contact us to learn what data we have about your device ID

Future Features (coming soon):

• Request deletion of your Device ID from our backend
• Export your saved conversations

European Union (GDPR) Users

Under GDPR, you have additional rights:

• Right to Access: Request a copy of your data
• Right to Rectification: Correct inaccurate data
• Right to Erasure: Request deletion of your data ("right to be forgotten")
• Right to Restrict Processing: Limit how we use your data
• Right to Data Portability: Receive your data in a portable format
• Right to Object: Object to certain data processing
• Right to Withdraw Consent: Withdraw consent at any time

Note: Since most data is stored locally on your device, you already have full control over it.

California (CCPA) Users

California residents have rights under the California Consumer Privacy Act:

• Right to Know: What personal information we collect and how we use it
• Right to Delete: Request deletion of your personal information
• Right to Opt-Out: We do NOT sell your personal information (no opt-out needed)
• Right to Non-Discrimination: We will not discriminate against you for exercising your rights

Vietnam Users

As a Vietnam-based developer, we comply with Vietnam's Law on Cybersecurity and data protection regulations.

How to Exercise Your Rights

To exercise any of these rights, contact us at:

Email: support@tryflirtai.app
Subject Line: "Privacy Rights Request - [Your Request Type]"

We will respond to your request within 30 days.

Children's Privacy

Datewise is intended for users aged 17 and older.

We do not knowingly collect personal information from anyone under the age of 17. If you are a parent or guardian and believe your child under 17 has provided us with personal information, please contact us immediately at support@tryflirtai.app.

If we discover that a user under 17 has provided us with personal information, we will:

1. Delete such information from our servers immediately
2. Terminate their access to the app
3. Notify the parent/guardian (if contact information is available)

Parental Verification: We may request age verification before allowing access to the app.

International Data Transfers

Datewise is developed in Vietnam by Max Luong.

Data Transfer:

• Our backend services may process data in various countries
• Google Gemini API may process images in any country where Google maintains facilities
• RevenueCat processes subscription data globally

Safeguards:

• All data transfers use encryption (HTTPS/TLS)
• We comply with applicable data protection laws in Vietnam, EU (GDPR), and California (CCPA)
• Third-party processors (Google, RevenueCat) maintain international compliance certifications

EU Users: Data transfers outside the EU are protected by:

• Standard Contractual Clauses (SCCs)
• Adequacy decisions by the EU Commission
• Third-party certifications (e.g., Google's ISO 27001, RevenueCat's SOC 2)

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or app features.

How We Notify You:

• Update the "Last Updated" date at the top of this policy
• Post the new Privacy Policy at https://tryflirtai.app/privacy
• Display an in-app notification for significant changes
• Email notification for major changes (if we add email collection in the future)

Your Responsibility:

• Review this Privacy Policy periodically for changes
• Continued use of the app after changes constitutes acceptance of the updated policy

Significant Changes:

• Addition of new third-party services (e.g., Sentry, PostHog)
• Changes to data retention policies
• New data collection practices
• Material changes to how we use your information

If we make significant changes, we will provide prominent notice at least 30 days before the changes take effect.

Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us:

In-App Support:

• Settings → Help & Support → Contact Support

For Privacy-Specific Inquiries:

• Use subject line: "Privacy Policy Question"
• Include your Device ID (found in Settings → About) for faster assistance

Legal Compliance

Datewise complies with:

• ✅ Apple App Store Guidelines: App Store Review Guidelines
• ✅ General Data Protection Regulation (GDPR): For EU users
• ✅ California Consumer Privacy Act (CCPA): For California residents
• ✅ Vietnam Law on Cybersecurity: Local data protection regulations
• ✅ Google Gemini API Terms: Gemini API Terms of Service
• ✅ RevenueCat Terms: RevenueCat Privacy Policy

Transparency Commitments

We are committed to transparency about our data practices:

What We Promise:

1. No Surprise Changes: We will notify you before making significant changes to data collection
2. Clear Communication: We explain technical terms in plain language
3. User Control: You have control over your local data at all times
4. Minimal Collection: We only collect data necessary for app functionality
5. No Hidden Tracking: We do not use hidden trackers or analytics (except what's disclosed)
6. Honest Disclosure: We clearly state all third-party services and their data practices

What We Don't Do:

• ❌ Sell your data to advertisers
• ❌ Share your images with anyone except AI processors
• ❌ Track you across other apps or websites
• ❌ Use your data for purposes not disclosed in this policy
• ❌ Store your images permanently
• ❌ Allow unauthorized access to your data

Data Breach Notification

In the unlikely event of a data breach that affects your personal information:

We will:

1. Investigate the breach immediately
2. Notify affected users within 72 hours (GDPR requirement)
3. Disclose what data was affected
4. Explain what steps we're taking to prevent future breaches
5. Provide guidance on protecting yourself
6. Notify relevant authorities as required by law

How We'll Notify You:

• In-app notification
• Email (if we have your email address in the future)
• Notice on our website

Note: Since most data is stored locally on your device, backend breaches would primarily affect Device IDs (which are anonymous).

Your Consent

By using Datewise, you consent to:

• ✅ Collection and use of information as described in this Privacy Policy
• ✅ Processing of images by Google Gemini API (55-day retention)
• ✅ Use of RevenueCat for subscription management
• ✅ Storage of data on your device using iOS security features
• ✅ Transmission of anonymous Device ID for rate limiting

You can withdraw consent at any time by:

• Deleting the app from your device
• Contacting us to request data deletion
• Disabling specific features in app settings

Additional Resources

Learn More About Our Practices:

• Terms of Service (Coming Soon)
• App Store Privacy Disclosure (Coming Soon)
• Subscription Terms (Coming Soon)

Third-Party Privacy Policies:

• Google Gemini API Privacy
• RevenueCat Privacy Policy
• Sentry Privacy Policy (Future)
• PostHog Privacy Policy (Future)

Legal Resources:

• GDPR Information (EU)
• CCPA Information (California)