Privacy Policy

This Privacy Policy describes how Partsy ("Partsy," "we," "us," or "our"), a company operating in California, USA, collects, uses, discloses, and protects information when you use the Partsy iOS application and related services (collectively, the "Service"). By using the Service, you agree to the collection and use of information in accordance with this policy.

1. Overview and Key Points

• Age Restriction: This app is rated 13+ and is not intended for children under 13
• AI and Biometric Processing: The app uses AI to analyze photos and may process facial data, only with your explicit permission
• Device Permissions: We request Camera, Photo Library, and Location access only when needed for specific features
• Your Control: You control all permissions through iOS settings and can revoke them anytime
• Data Protection: We do not sell, rent, or trade your personal information
• California Location: We operate under California law and comply with California privacy regulations including biometric data laws

2. Information We Collect

2.1 Information You Provide Directly

We may collect information that you voluntarily provide to us, including:

• Contact Information: Email address when you contact us for support or opt in to updates
• Communications: Message content and any other information you choose to provide when contacting support
• Account Information: Any profile details you create within the app, if applicable
• Feedback: Survey responses, ratings, or other feedback you provide

2.2 Photos and Images (User Content)

When you use camera-based features, you may provide photos and images. This content:

• Remains under your ownership
• Is processed only with your explicit permission (via Camera or Photo Library access)
• May be analyzed using AI technology for the features you request
• Is not shared with third parties except as described in this policy
• Can be deleted at any time by you

2.3 Biometric Information (California Disclosure)

When you use AI-powered features that analyze faces in photos, we may collect and process:

• Facial geometry: Mathematical representations of facial features and structure
• Facial landmarks: Coordinates of key facial points used for analysis
• Facial characteristics: Data derived from facial features for app functionality

How We Handle Biometric Data:

• Collection: Only when you explicitly grant Camera or Photo Library permissions and actively use features requiring facial analysis
• Purpose: Solely to provide the AI-powered features you request (e.g., photo analysis, filters, effects)
• Processing Location: Processed locally on your device whenever technically feasible; if cloud processing is required, data is encrypted in transit
• Retention Period: Biometric data is retained only as long as necessary to fulfill the purpose for which it was collected, and will be permanently destroyed within three (3) years of your last interaction with the Service, or upon your request for deletion, whichever comes first
• No Sale or Trade: We do not and will not sell, lease, or trade your biometric information to any third party
• No Profit: We do not use your biometric information for any commercial purpose beyond providing the Service features you request
• Third-Party Sharing: We do not disclose biometric information to third parties except as required by law or with your explicit consent
• Security: Biometric data is protected using industry-standard encryption and security measures
• Your Rights: You may request deletion of all biometric data at any time by contacting support@partsy.info

Your Consent and Control:

By granting Camera or Photo Library permissions and using facial analysis features, you provide informed, written consent (via these permissions and this notice) for the collection and processing of your biometric information. You may withdraw this consent at any time by:

• Revoking Camera and Photo Library permissions in iOS Settings > Partsy
• Not using features that require facial analysis
• Requesting deletion of your data by contacting support@partsy.info
• Uninstalling the app

2.4 Device Permissions and Associated Data

Partsy may request access to the following iOS permissions. Granting permissions is optional, and you can manage them anytime in iOS Settings > Partsy:

• Camera: To enable photo capture and camera-based functionality, including AI analysis. When granted, we may access the camera feed only when you actively use camera features.
• Photo Library: To allow you to select, save, or share photos. When granted, we access only the specific photos you select.
• Location Services: To provide location-based features. When granted, we may collect your approximate or precise location data only while using location features.

If you deny permissions, the app will continue to function, but certain features will be unavailable.

2.5 Automatically Collected Information

We may automatically collect certain technical and usage information to maintain and improve the Service:

• Device Information: Device model, operating system version, unique device identifiers (IDFA/IDFV), screen resolution
• Usage Data: App features accessed, session duration, interaction patterns, button clicks, screen views
• Crash Reports and Diagnostics: Technical logs, error messages, stack traces, and performance metrics
• Analytics Data: Aggregated usage statistics to understand how users interact with the app

This information is collected in aggregate form and is not intended to personally identify you individually.

3. How We Use Information

We use the collected information for the following purposes:

• Service Delivery: To provide, maintain, and operate the Service and its features
• AI Processing: To perform facial analysis and other AI-powered features you request
• Improvement: To enhance features, functionality, user experience, and develop new features
• Technical Support: To diagnose technical issues, fix bugs, and maintain security and stability
• Customer Support: To respond to your support requests, questions, and inquiries
• Communications: To send updates, announcements, or promotional materials (only if you opt in)
• Analytics: To analyze usage patterns, understand user behavior, and improve Service performance
• Legal Compliance: To comply with legal obligations and enforce our Terms of Service
• Security: To protect against fraud, abuse, and security threats

4. How We Share Information

We do not sell, rent, or trade your personal information, including biometric data, to third parties for their marketing purposes.

We may share information only in the following limited circumstances:

• Service Providers: With trusted third-party service providers who assist us in operating the Service (such as cloud hosting, analytics platforms, or crash reporting services like Firebase or TestFlight). These providers are contractually obligated to protect your information, use it only for the purposes we specify, and not use it for their own purposes. They do not receive access to biometric data unless absolutely necessary for service provision, and only under strict confidentiality agreements.
• Legal Requirements: When required by law, regulation, legal process, court order, or governmental request
• Safety and Rights Protection: To protect the rights, property, safety, or security of Partsy, our users, or the public, or to prevent fraud or abuse
• Business Transfers: In connection with a merger, acquisition, reorganization, sale of assets, or bankruptcy, in which case the acquiring entity will be bound by this Privacy Policy's commitments
• With Your Consent: When you explicitly authorize us to share information for a specific purpose
• Aggregated Data: We may share aggregated, anonymized data that does not identify you personally for analytics, research, or business purposes

5. Your Rights and Choices

5.1 General Rights

• Device Permissions: Manage Camera, Photo Library, and Location access at any time through iOS Settings > Partsy
• Communications Preferences: Unsubscribe from promotional emails using the unsubscribe link in any email or by contacting us
• Access: Request access to the personal information we hold about you
• Correction: Request correction of inaccurate or incomplete personal information
• Deletion: Request deletion of your personal information and biometric data, subject to legal retention requirements
• Data Portability: Request a copy of your data in a portable format

5.2 California Privacy Rights (CCPA/CPRA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):

• Right to Know: Request disclosure of the categories and specific pieces of personal information we collect, use, disclose, and sell (if applicable)
• Right to Delete: Request deletion of your personal information, including biometric data
• Right to Opt-Out: Opt-out of the sale or sharing of personal information (Note: we do not sell personal information)
• Right to Correct: Request correction of inaccurate personal information
• Right to Limit Use of Sensitive Personal Information: Request limitation on use of sensitive personal information, including biometric data
• Right to Non-Discrimination: Exercise your privacy rights without receiving discriminatory treatment

To exercise these rights, contact us at support@partsy.info. We will verify your identity before processing requests and respond within 45 days as required by law.

5.3 Biometric Data Rights

For biometric information specifically, you have the right to:

• Know what biometric data is being collected and why
• Request immediate deletion of all biometric data
• Withdraw consent for biometric processing at any time
• Receive confirmation of biometric data deletion within 30 days of request

6. Data Retention

We retain personal information only for as long as necessary to fulfill the purposes described in this Privacy Policy:

• Account Data: Retained while your account is active and for a reasonable period afterward for backup purposes
• Biometric Data: Retained only as long as necessary to provide requested features, and permanently destroyed within three (3) years of your last interaction with the Service, or upon your deletion request, whichever comes first
• Usage and Analytics Data: Typically retained for up to 90 days for performance monitoring, or longer if needed for debugging specific issues
• Crash Reports: Retained for up to 90 days or until the issue is resolved
• Communications: Support emails retained for up to two years for quality assurance
• Legal Compliance: Some data may be retained longer when required by law or to resolve disputes

When information is no longer needed, we securely delete or anonymize it. Biometric data is permanently and irreversibly destroyed using secure deletion methods.

7. Security

We implement reasonable administrative, technical, and physical safeguards designed to protect your information from unauthorized access, disclosure, alteration, or destruction:

• Encryption: Data is encrypted in transit using TLS/SSL and at rest using industry-standard encryption
• Access Controls: Strict access controls limit who can access personal information to authorized personnel only
• Secure Storage: Data stored on secure servers with regular security audits
• Biometric Protection: Biometric data receives additional security measures including isolated storage and enhanced encryption
• Regular Updates: Security measures are regularly reviewed and updated

However, no method of electronic transmission or storage is 100% secure. While we strive to protect your information using commercially reasonable means, we cannot guarantee absolute security. You are responsible for maintaining the security of your device and account credentials.

8. International Data Transfers

Your information, including biometric data if collected, may be transferred to and processed in countries other than your country of residence, including the United States. These countries may have data protection laws that differ from those in your jurisdiction.

By using the Service, you acknowledge and consent to the transfer of your information to the United States and other countries where we or our service providers operate. We ensure that such transfers comply with applicable laws and that appropriate safeguards are in place to protect your information.

9. Children's Privacy (COPPA Compliance)

We are committed to protecting children's privacy and comply with the Children's Online Privacy Protection Act (COPPA):

• No Collection from Children: We do not knowingly collect personal information, including biometric data, from children under 13 years of age
• Age Verification: We require users to confirm they are 13 or older before using the Service
• Parental Notice: If you are a parent or legal guardian and believe your child under 13 has provided us with personal information, please contact us immediately at support@partsy.info
• Prompt Deletion: Upon notification, we will promptly investigate and delete any information collected from children under 13 within 30 days
• No Targeted Services: We do not direct the Service to children under 13 and do not knowingly market to them

If we discover that we have inadvertently collected information from a child under 13, we will delete that information as quickly as possible. We also delete any associated biometric data immediately upon discovery.

10. Third-Party Links and Services

The Service may contain links to third-party websites, applications, or services that are not operated by us. This Privacy Policy does not apply to those third-party services. We are not responsible for the privacy practices of third parties.

We encourage you to review the privacy policies of any third-party services you access through the app. Third-party services may have their own policies regarding data collection and use.

11. Do Not Track Signals

Some browsers support a "Do Not Track" (DNT) feature that signals to websites you visit that you do not want to have your online activity tracked. The Service does not currently respond to DNT signals because there is no industry standard for how to respond to them.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make changes, we will:

• Update the "Last Updated" date at the top of this policy
• Post the updated policy on this page and in the app
• Provide notice through the app, via email (if provided), or other appropriate means for material changes
• Obtain your renewed consent for material changes that affect biometric data processing

Your continued use of the Service after such notice constitutes acceptance of the updated Privacy Policy. If you do not agree to the changes, you must stop using the Service and may request deletion of your data.

We will never make changes that reduce your rights regarding biometric data without obtaining your explicit consent.

13. Contact Us

If you have any questions, concerns, requests, or complaints regarding this Privacy Policy or our privacy practices, including biometric data handling, please contact us:

Email: support@partsy.info
Subject Line: For biometric data requests, use "Biometric Data Request"
Location: California, USA

We will respond to your inquiry within a reasonable timeframe, typically within 30-45 days. For biometric data deletion requests, we will confirm deletion within 30 days.

California Residents - Additional Contact

Under California Civil Code Section 1789.3, California residents may contact the Complaint Assistance Unit of the Division of Consumer Services of the California Department of Consumer Affairs:

Mail: 1625 North Market Blvd., Sacramento, CA 95834
Phone: (916) 445-1254 or (800) 952-5210