Privacy Policy


Effective date: 2026-04-09


1. Controller / Contact

SNAPCARD AI
Email: hi@snapcard.ninja


2. Purposes, Categories, Legal Bases

We process personal data to provide the Service, manage accounts, billing, security/abuse prevention, support, product improvement, and—optionally—analytics.

  • Registration/Account: name, email, profile data from Google Sign-In or Apple Sign-In. Legal basis: contract performance (Art. 6(1)(b) GDPR).

  • Uploads/Content: images, tasks, metadata. Legal basis: contract performance (Art. 6(1)(b) GDPR).

  • AI processing: sending content to US-based AI providers to deliver features (“Flashcards”, “Solve”, “Chat”, “Voice”). Legal basis: contract performance (Art. 6(1)(b) GDPR).

  • Payments/Billing: email, invoicing/transaction data. Legal basis: contract & legal obligations (Art. 6(1)(b),(c) GDPR).

  • Security, anti-bot & abuse prevention: Cloudflare Turnstile, VPN/proxy detection services, server/WAF logs. To detect and prevent multi-account abuse and free-tier fraud, we also process and retain the following signals in hashed or pseudonymised form: IP addresses and IP-to-account mappings; device installation identifiers; hashed OAuth provider identifiers (from Google/Apple Sign-In) linked to deleted accounts (to prevent immediate re-registration); and email addresses associated with abuse records. On iOS, device-level signals may additionally be verified via platform-provided device integrity mechanisms (stored on the platform provider's infrastructure, not ours). Legal basis: legitimate interests in availability, fraud prevention, and service integrity (Art. 6(1)(f) GDPR).

  • Usage metrics: counters, rate/limit events, plan/subscription status. Legal basis: contract performance & legitimate interests in stability/abuse prevention (Art. 6(1)(b),(f) GDPR).

  • Product improvement & diagnostics: We use Sentry for error tracking and crash reporting. We also use Sentry Session Replay without content masking, which records user interface interactions and visible screen content (including any data displayed on screen) to help us diagnose issues and improve the product. Images you upload are processed and stored to provide our service, including keeping them available in your chat history and library, and to analyse and improve AI output quality. When you delete a chat, flashcard set, or your account, the associated database records (conversations, cards, account data) are permanently removed. Image files are stored in our infrastructure and are not automatically deleted when linked records are removed; once the database records are deleted, these files can no longer be associated with any individual and persist as anonymous data. Legal basis: legitimate interests in product quality and service improvement (Art. 6(1)(f) GDPR).

  • Cookies/Analytics (optional): Legal basis: consent where required (Art. 6(1)(a) GDPR / TTDSG).


3. Processors / Recipients

  • Appwrite Cloud (Frankfurt/Germany): auth, database, storage.

  • Third-party AI providers (US regions): AI processing to deliver app features.

  • Stripe (US/EU): payments & invoicing.

  • Google: OAuth login (if you use it).

  • Apple: Sign in with Apple (if you use it) and in-app purchases.

  • RevenueCat (US): subscription and in-app purchase management, entitlement verification, and billing analytics.

  • Sentry (US): error tracking, crash reporting, and Session Replay (without content masking) for diagnosing issues and improving the product.

  • Datadog (US): performance monitoring and analysis.

  • Cloudflare Turnstile: bot protection (may set necessary cookies/technologies).

  • Proxycheck.io / IPData: IP-based fraud and abuse prevention.

  • Other technical providers (email, logging/monitoring) as needed.

We sign Data Processing Agreements and review subprocessors where required. The privacy policies and terms of service of these providers also apply.


4. International Transfers (notably US)

Using AI services, Sentry, Datadog, Stripe, Google, Cloudflare, and other US-based providers involves transfers to the United States. Transfers rely on appropriate safeguards (e.g., EU-US Data Privacy Framework and/or Standard Contractual Clauses plus transfer risk assessments). Check each provider’s privacy pages for current certifications and transfer mechanisms.


5. Retention

  • Images/uploads/documents: Images and documents (including PDFs) you upload are processed and stored in our infrastructure to provide the service. When you delete a chat, flashcard set, or your account, the associated database records are permanently removed. Image files are not automatically deleted alongside these records; once the database records are removed, the files can no longer be linked to you or any specific user and persist in our storage as anonymous data.

  • Images in "Chat": Images attached to messages in the Chat feature of the iOS App are stored in our infrastructure. The database records linking them to your chat are permanently removed when you delete the chat or close your account; the underlying image files can then no longer be linked to you and persist as anonymous data.

  • Abuse prevention records: IP-to-account mapping data (stored as salted hashes), device installation records (hashed), and hashed OAuth provider identifiers from deleted accounts (tombstone records) are retained for up to 36 months to prevent fraud and multi-account abuse. Active block records expire automatically after approximately one year. Email addresses recorded in abuse audit logs are retained for the duration of the relevant investigation or block period.

  • Session Replay recordings: Sentry Session Replay data is retained in accordance with Sentry’s data retention policies (typically up to 90 days). Replays may contain visible screen content and UI interactions recorded without masking.

  • Generated sets/history: until you delete them or your account is deleted.

  • Account/billing: for the contract term; invoice retention 6–10 years (per tax/commercial laws).

  • Server/security logs: typically up to 30 days (longer if needed for incident handling).

  • Usage metrics: up to 24 months to verify billing, investigate abuse, and support requests.

  • Cookies/Analytics: per your consent settings. This does not apply to the iOS App.

You can request deletion of your data and account via the settings tab in the iOS App or by contacting support. We have limited or no control over data handling and retention by third-party services. For more information, refer to the respective privacy policies of those providers.


6. Cookies & Similar Technologies

We use necessary cookies/technologies (e.g., session, Turnstile) on the web version. Non-essential cookies (e.g., analytics) are used only with consent via a banner offering an equally prominent “reject” option. Details appear in the cookie layer.


7. AI Processing & Model Training

We send your content to third-party AI models to deliver features. We do not train our own models on your content. Third-party AI providers process data to operate and secure their services; according to their policies, training of foundation models on customer prompts/content does not occur, or occurs only as described in their documentation. Please review each provider’s privacy documentation for details.


8. Your Rights

Where applicable (e.g., EU/EEA), you have rights to access, rectification, erasure, restriction, portability, to object to processing based on legitimate interests (including the use of personal data for product improvement and Session Replay), and to withdraw consent (prospectively). You may lodge a complaint with an EU supervisory authority.


9. Children

The Service is not directed to children under 13. Registration is only available via Google Sign-In or Apple Sign-In; by creating an account, users represent that they meet the minimum age requirements of their chosen provider (see Google's Privacy Policy and Apple's Privacy Policy). For users aged 13–17, parental or legal guardian consent may be required under applicable law; access may be restricted if verification is missing. We rely on the account-level age controls provided by Google and Apple and do not independently verify user age.


10. Security

We implement appropriate technical and organisational measures (e.g., in-transit encryption, access controls). No method is 100% secure; keep your credentials safe.


11. Notice & Action

You can report allegedly illegal content via email. We review promptly and provide a reasoned decision.


12. Changes

We will update this Policy when services or laws change and notify you appropriately.


Privacy, abuse and support contact: hi@snapcard.ninja
