Privacy Policy

Last updated: April 27, 2026

SnapPanda ("we", "our", or "the app") is committed to protecting your privacy. This Privacy Policy explains what data the app collects, how it is collected, how it is used, with whom it is shared, and how it is retained.

1. Overview of Data Practices

SnapPanda analyzes photos for composition, lighting, and aesthetics. The app uses three separate processing methods:

• On-device face analysis — processed entirely on your device using Apple's Vision framework. No face data ever leaves your device.
• Cloud-based photo analysis — with your explicit consent, a resized copy of your photo is sent to our servers for AI-powered scoring via OpenAI. No face data, landmarks, or biometric information is included in this upload.
• Cloud-based AI photo improvement — with your explicit consent, a resized copy of your photo is sent to our servers and forwarded to Google's Gemini API to generate an improved version of the photo based on the analysis suggestions. No face data, landmarks, or biometric information is included in this upload.

No account or personal information is required to use the app.

2. Face Data (On-Device Only)

SnapPanda uses Apple's Vision framework to provide real-time photography coaching during your camera session.

• Collection: The app uses Apple's Vision APIs (VNDetectFaceLandmarksRequest, VNDetectFaceRectanglesRequest, VNDetectFaceCaptureQualityRequest) to detect face bounding boxes, landmark geometry (eye openness, head yaw and roll), face capture quality scores, and face count.
• Use: This data is used solely to provide real-time on-screen coaching tips — including framing guidance, expression feedback, blur detection, group composition suggestions, and local photo scoring.
• Disclosure & sharing: Face data is never transmitted, shared, or disclosed to any server, third party, or external service. All processing occurs entirely on your device using Apple's Vision framework.
• Retention: Face data exists only as transient VNFaceObservation objects in device memory during an active camera session. It is automatically discarded when the camera session ends. No face data is written to disk, saved to files, or persisted in any form.
• Not used for: Face data is not used for facial recognition, user identification, authentication, advertising, user profiling, or tracking of any kind.

3. Photo Analysis & AI Processing

When you choose to get an AI-powered analysis, a copy of your photo is sent to our servers for processing. This requires your explicit consent.

• What is sent: A resized version of your photo (maximum 512px JPEG) and the analysis category you selected (e.g., "Dating", "Social Media", "Business"). Technical metadata such as your prior score and retake count may also be sent to improve feedback quality.
• What is NOT sent: No face data, facial landmarks, Vision framework outputs, or biometric information is included in the upload. Only the photo image and category are transmitted.
• Who receives it: Your photo is sent to SnapPanda servers hosted on Google Cloud Functions, which forward it to OpenAI, L.L.C. via the OpenAI API for AI-powered scoring and feedback.
• How it is transmitted: All data is transmitted securely over HTTPS (encrypted in transit).
• Processing & retention: Your photo is processed in real time to generate the analysis response. Photos are discarded immediately after processing is complete — they are not stored on our servers or by OpenAI. OpenAI does not use data submitted via the API to train its models.
• Use: Your photo and selected category are used solely to generate scores, feedback, and suggestions for improving your photos. They are not used for advertising, marketing, profiling, or any other purpose.
• OpenAI's privacy practices: OpenAI's handling of data sent via its API is governed by the OpenAI Terms of Use and OpenAI Privacy Policy, which provide protections for your data consistent with or exceeding the protections described in this policy.

4. AI Photo Improvement (Google Gemini)

If you choose to generate an improved version of your photo, a copy of your photo is sent to our servers and forwarded to Google's Gemini API for image generation. This is a separate feature from analysis and requires your explicit consent.

• What is sent: A copy of your photo, the analysis category you selected (e.g., "Dating", "Social Media", "Business"), and the improvement suggestions previously generated for that photo.
• What is NOT sent: No face data, facial landmarks, Vision framework outputs, or biometric information is included in the upload. Only the photo image, category, and suggestion text are transmitted.
• Who receives it: Your photo is sent to SnapPanda servers hosted on Google Cloud Functions, which forward it to Google LLC via the Gemini API for AI-powered image generation.
• How it is transmitted: All data is transmitted securely over HTTPS (encrypted in transit).
• Processing & retention: Your photo is processed in real time to generate the improved image. Photos are discarded immediately after processing is complete — they are not stored on our servers. Data submitted via the paid Gemini API is not used by Google to train its generative AI models.
• Use: Your photo, category, and suggestions are used solely to generate an improved version of your photo. They are not used for advertising, marketing, profiling, or any other purpose.
• Output: The improved image returned by Gemini is delivered to your device. You decide whether to save or share it. We do not retain a server-side copy.
• Google's privacy practices: Google's handling of data sent via the Gemini API is governed by the Gemini API Additional Terms of Service and the Google Privacy Policy.

5. Your Consent

Before any photo is sent to our servers, to OpenAI, or to Google Gemini, the app presents an in-app disclosure screen that clearly explains what data will be sent and who will receive it. You must grant explicit consent before any data is transmitted. If you choose not to consent, your photo will not be sent and you can continue using the app's on-device features.

You can withdraw your consent at any time in the app's Settings, which immediately stops all server communication. Previously analyzed or improved photos are not retained on any server.

6. Analytics & Crash Reporting

We use the following Firebase services to improve the app:

• Firebase Analytics: Collects anonymous usage events (e.g., photo captured, analysis completed, camera switched). No personal data is included in analytics events.
• Firebase Crashlytics: Collects crash reports to help us identify and fix bugs. Crash reports contain device and app state information but no personal data or photos.
• Firebase Authentication: Provides anonymous authentication to manage usage limits. No personal information (name, email, phone number) is collected.

Analytics and crash data are not linked to your identity and are used solely to improve the app experience.

7. Data Storage & Retention

Your photo history, scores, and preferences are stored locally on your device. This data is removed when you delete the app. Photos sent for AI analysis or AI improvement are not retained on any server after processing is complete. We do not maintain a server-side copy of your photos. Face data is never stored — it exists only transiently in memory during camera sessions.

8. Data Security

We use industry-standard security measures to protect your data, including HTTPS encryption for all data in transit, Firebase App Check to prevent unauthorized access, and secure authentication via Firebase Authentication.

9. Third-Party Data Sharing Summary

The following table summarizes all third-party data sharing:

• OpenAI, L.L.C. — receives your photo and analysis category for AI scoring (with your explicit consent). Does not retain data after processing. Does not use API data for model training.
• Google LLC (Gemini API) — receives your photo, analysis category, and suggestion text for AI image improvement (with your explicit consent). Does not retain data after processing. Paid Gemini API data is not used to train Google's generative AI models.
• Google (Firebase Analytics, Crashlytics, Cloud Functions) — receives anonymous usage events, crash reports, and hosts our backend infrastructure. No personal data or photos are shared with the analytics services.
• Meta Platforms, Inc. — receives app install, app launch, and four custom in-app events plus limited device info (model, OS version, locale, IDFV) for measuring the performance of ads we run on Facebook and Instagram. See Section 12 for details.

No data is sold to third parties. No data is shared for user profiling or cross-app tracking. Aggregated ad campaign measurement shared with Meta is described in Section 12.

10. Children's Privacy

SnapPanda does not knowingly collect personal information from children under 13. If you believe a child under 13 has provided personal data through the app, please contact us and we will take steps to delete such information.

11. Changes to This Policy

We may update this Privacy Policy from time to time. Any changes will be reflected on this page with an updated "Last updated" date. We encourage you to review this policy periodically.

12. Advertising Measurement (Meta)

SnapPanda uses the Meta (Facebook) iOS SDK to measure the performance of ad campaigns we run on Facebook and Instagram. The SDK helps us understand whether our ads are reaching the right people — it does not enable cross-app tracking and does not show the App Tracking Transparency (ATT) prompt.

• What is sent to Meta: App install and app launch events, plus four custom in-app events (onboarding completed, photo analyzed, retake initiated, share tapped). Limited device information is included: device model, OS version, locale, and the IDFV (Apple's per-vendor identifier, which is scoped to apps from the same publisher).
• What is NOT sent: The IDFA (Apple's cross-app advertising identifier) is not collected or shared. The app does not request ATT permission. We do not use Meta Login, Meta Share, or Meta Custom Audiences. No photos, face data, or content from your photo analyses are sent to Meta.
• How attribution works: Ad attribution is performed using Apple's privacy-preserving SKAdNetwork API and Meta's Aggregated Event Measurement (AEM). These methods report results in aggregate and do not enable tracking individual users across apps.
• Meta's privacy practices: Meta's handling of this data is governed by the Meta Privacy Policy.

13. Contact Us

If you have any questions about this Privacy Policy or how your data is handled, please contact us at support@snappanda.io.