Privacy Policy
Last updated: 2026-07-02
Draft — this policy covers the invite-only test phase and will be finalized before public launch.
The short version
- Your images are processed on your device or transiently in memory — we do not store your images on our servers.
- We run no third-party analytics or advertising SDKs.
- Marking records synced to the cloud are encrypted on your device before upload; we cannot read them.
What we store
- Account data: email address, display name, password hash, subscription tier, and security settings (such as two-factor configuration).
- Encrypted marking records: when you use cloud backup or multi-device sync, your marking records are end-to-end encrypted on your device before they reach us. We store ciphertext we cannot decrypt.
- Operational logs: short-lived technical logs (timestamps, request outcomes) to keep the service reliable and abuse-resistant.
What we do not do
- We do not store the images you mark or verify.
- We do not sell or share personal data with advertisers.
- We do not run analytics or tracking SDKs in the app or on this site.
Payments
Subscriptions are processed by our payment providers (Stripe on desktop, the platform stores on mobile). We receive subscription status, never your full payment details.
Your rights
You can delete your account in the app (Account & plan → delete account). Deletion is scheduled and completed within 30 days. For privacy questions, contact us at the address on the imprint page.