ViralMe ("we," "our," or "us"), operated by Reklamstore Reklamcılık A.Ş., is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your information when you use our mobile application ("App").
By using ViralMe, you agree to the collection and use of information in accordance with this policy.
1. Information We Collect
1.1 Face Data and Photographs
We collect photographs containing facial images that you voluntarily upload through our App. This includes:
- Photos selected from your device's photo library
- Photos captured using your device's camera within the App
Important: We only collect photos that you actively choose to upload for AI processing. We do not access your photo library without your explicit action.
1.2 Account Information
- Anonymous user identifiers generated by the App
- Device identifiers (Adjust ADID) for analytics purposes
- Email address (only if you choose to create an account)
1.3 Subscription and Purchase Data
- In-app purchase transaction identifiers
- Subscription status and history
- Payment information is processed by Apple/Google and is not stored by us
1.4 Usage Data
- App interaction and feature usage statistics
- Crash logs and performance data
- Device type, operating system version
2. How We Use Your Information
2.1 Face Data Usage
Your face photos are used exclusively for:
- AI-powered face swap and image generation
- Creating personalized visual content as requested by you
- Generating the output images you have specifically requested
We do NOT use your face data for:
- Facial recognition or identification purposes
- Building facial recognition databases or training AI models
- Surveillance, tracking, or monitoring
- Sharing with advertisers or data brokers
- Any purpose other than generating your requested content
2.2 AI Processing Workflow
- You upload a face photo through the App
- The photo is securely transmitted to our servers using TLS 1.3 encryption
- Our AI system processes the image to generate your requested content
- The original uploaded photo is immediately and permanently deleted after processing
- Only the generated output image is stored in your personal gallery
2.3 Analytics and Improvement
We use anonymized usage data to:
- Improve App performance and user experience
- Analyze feature usage to prioritize development
- Identify and fix technical issues
3. Data Storage and Security
3.1 Storage Location
All data is stored on Supabase, a SOC 2 Type II compliant cloud infrastructure hosted on Amazon Web Services (AWS). Our primary servers are located in the United States.
3.2 Security Measures
We implement industry-standard security measures including:
- Encryption in Transit: All data transmission uses TLS 1.3 encryption
- Encryption at Rest: Data stored on servers is encrypted using AES-256 encryption
- Access Control: Server access is strictly limited to authorized personnel only
- Monitoring: Regular security audits and continuous monitoring for unauthorized access
- Secure Infrastructure: SOC 2 Type II compliant hosting environment
3.3 Data Isolation
Each user's data is logically isolated and accessible only to that user. We implement strict access controls to prevent unauthorized access to user data.
4. Data Retention
4.1 Input Face Photos (Original Uploads)
Your uploaded face photos are automatically and permanently deleted immediately after AI processing is complete.
- Typical processing time: Less than 2 minutes
- After processing: Original photo is permanently deleted from all servers
- We do NOT retain your original face photos
4.2 Generated Output Images
Generated images are stored in your personal gallery within the App and are retained until:
- You manually delete them through the App, OR
- You delete your account
You have full control over your generated images and can delete them at any time.
4.3 Account Data
- Active accounts: Data is retained while your account is active
- Inactive accounts: Accounts inactive for more than 24 months may be scheduled for deletion
- Account deletion: Upon request, all data is permanently deleted within 30 days
4.4 Analytics Data
Anonymized analytics data may be retained for up to 24 months for analytical purposes. This data cannot be used to identify individual users.
5. Third-Party Sharing
5.1 Face Data - AI Processing Disclosure
We do not sell or rent face data.
To provide the AI effect you request, selected photos/videos and optional prompt text are transmitted to our AI processing provider EachLabs through our secure backend. This transfer happens only after your explicit in-app consent.
EachLabs processes this data only to generate the requested output and is not permitted to use your data for unrelated purposes such as advertising, resale, or model training.
5.2 Service Providers
We use the following third-party service providers to help us operate the App:
| Service Provider | Purpose | Data Shared |
|---|---|---|
| EachLabs | AI effect generation | User-selected photo/video and optional prompt text (for requested processing only) |
| Supabase | Database and file storage | Generated images (user-controlled), account data |
| Adjust | App analytics and attribution | Device identifiers, app usage events (no photos) |
| OneSignal | Push notifications | Device tokens, notification preferences (no photos) |
| Adapty | Subscription management | User ID, subscription status (no photos) |
| Apple/Google | In-app purchases | Transaction data (processed by platform) |
All service providers are contractually obligated to protect your data and use it only for the specified purposes.
5.3 Legal Requirements
We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., a court or government agency).
6. Your Rights and Choices
6.1 Your Rights
Depending on your location, you may have the following rights:
- Right to Access: View all your data stored in the App
- Right to Delete: Delete any or all of your generated images and account data
- Right to Portability: Request a copy of your data in a portable format
- Right to Withdraw Consent: Stop using the App at any time
- Right to Object: Object to certain processing of your data
6.2 How to Exercise Your Rights
| Action | How to Do It |
|---|---|
| View your images | Open the App → Gallery |
| Delete an image | Tap on image → Delete button |
| Delete all images | Settings → Delete All Images |
| Delete your account | Settings → Delete Account |
| Data export request | Email: [email protected] |
| Privacy questions | Email: [email protected] |
6.3 Account Deletion
When you delete your account:
- All your generated images are permanently deleted
- All your account data is permanently deleted
- This process is completed within 30 days
- This action cannot be undone
7. Cookies and Tracking Technologies
7.1 Mobile Identifiers
We use mobile advertising identifiers (IDFA on iOS, GAID on Android) for:
- App analytics and performance monitoring
- Attribution of app installs to marketing campaigns
You can limit ad tracking through your device settings:
- iOS: Settings → Privacy → Tracking
- Android: Settings → Google → Ads
7.2 App Tracking Transparency (iOS)
On iOS devices, we request your permission before tracking through the App Tracking Transparency framework. You can change this permission at any time in your device settings.
8. Children's Privacy
8.1 Age Restriction
ViralMe is not intended for children under 13 years of age (or under 16 in certain jurisdictions). We do not knowingly collect personal information from children.
8.2 Parental Notice
If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately at [email protected]. We will take steps to delete such information from our servers.
9. International Data Transfers
9.1 Data Location
Your data may be transferred to and processed in countries other than your country of residence, including the United States where our servers are located.
9.2 Safeguards
We ensure appropriate safeguards are in place to protect your data during international transfers, including:
- Standard Contractual Clauses (SCCs) where applicable
- SOC 2 Type II compliant infrastructure
- Encryption of data in transit and at rest
10. California Privacy Rights (CCPA)
If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):
- Right to Know: What personal information we collect and how we use it
- Right to Delete: Request deletion of your personal information
- Right to Opt-Out: Opt out of the sale of personal information (we do not sell personal information)
- Right to Non-Discrimination: We will not discriminate against you for exercising your rights
To exercise these rights, contact us at [email protected].
11. European Privacy Rights (GDPR)
If you are in the European Economic Area (EEA), you have rights under the General Data Protection Regulation (GDPR):
- Legal Basis: We process your data based on your consent (photos) and legitimate interests (analytics)
- Data Controller: Reklamstore Reklamcılık A.Ş.
- DPO Contact: [email protected]
You have the right to lodge a complaint with your local data protection authority.
12. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. When we make changes:
- We will update the "Last Updated" date at the top of this policy
- For significant changes, we will notify you through the App or by email
- Continued use of the App after changes constitutes acceptance of the updated policy
We encourage you to review this Privacy Policy periodically for any changes.
📋 Summary: Face Data Handling
| Data Type | Collected | Purpose | Retention | Shared |
|---|---|---|---|---|
| Input Face Photos | Yes | AI Processing Only | Deleted immediately | No |
| Generated Output Images | Yes | User's gallery | Until user deletes | No |
| Facial Recognition Data | No | N/A | N/A | N/A |
| Face Biometrics | No | N/A | N/A | N/A |
13. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
Company: Reklamstore Reklamcılık A.Ş.
Address: Ä°stanbul, Turkey
Response Time: We will respond to your inquiry within 30 days.
🔒 Your privacy matters to us. We are committed to being transparent about our data practices and protecting your personal information.