PetArt — Privacy Policy

Last updated: 2026-04-25

This policy explains what data PetArt ("the App") collects, why, and how it is handled. By installing the App you agree to the practices below.

1. Data the App collects

On the device only

• Selected photos of pets, while a portrait is being generated.
• Generated portraits, locally cached for the share gallery and the 12-in-1 collector poster.
• Anonymous device token (random UUID) used solely to anchor in-app purchase entitlements (ad removal) and to throttle backend abuse.
• "Ads removed" flag per pet, set after a successful one-time in-app purchase ($2.99). Stored locally; revalidated against Google Play Billing.

Sent to our backend (Cloudflare Worker proxy)

• The selected photo, transmitted over HTTPS for the duration of one generation. The image is never stored or logged on our backend; only a short-lived hash of the request is kept for caching identical re-runs.
• The anonymous device token, for rate-limiting only.
• The chosen style identifier.

Sent to third parties

• The image is forwarded to Replicate Inc. (replicate.com), the AI provider that renders the stylized portrait. Replicate's privacy policy: replicate.com/privacy.
• Google Mobile Ads SDK collects standard ad-serving data (advertising ID, IP, ad interactions) to serve banners and interstitials. See Google's policy: policies.google.com/technologies/ads. Ads are disabled for users who purchase the "remove ads" pack.
• Google Play Billing processes the in-app purchase. Google's policy: policies.google.com/privacy.

The App does NOT collect

• Your name, email, phone, contacts, location, microphone, or any other identifier.
• We never sell or share data with brokers.

2. Children

PetArt is not directed at children under 13. We do not knowingly collect data from children.

3. Data retention

• Photos: kept on your device only. Cleared when you delete the App or clear cache.
• Generated portraits: kept on the backend cache up to 30 days, keyed by anonymous hash, then auto-purged.
• Replicate retains processing data per their policy.

4. Your rights

You can:

• Reset your anonymous device token by clearing the App's data in Android settings.
• Opt out of personalized ads in your device's "Ads" settings.
• Request deletion of any cached portrait by contacting us with the cache key shown on the result screen.

5. Security

All network traffic uses HTTPS. The backend proxy isolates your device from the AI provider — no API keys ship with the App.

6. Changes

If this policy changes materially, the new "Last updated" date will be set and the new version will appear at the same URL before the change takes effect.

7. Contact

PetArt
business@ddinsights.org

Hosted at https://petart-proxy.ddinsights.workers.dev/privacy.