Privacy Policy

Last updated: September 1, 2025

1. Information We Collect

1.1 Information You Provide

• Personal Information: We do not require users to provide personally identifiable information, such as names or email addresses, unless you contact us for support or feedback
• Rock Images: Photos of rocks and minerals you upload for identification
• User Content: Notes, comments, and personal collection information
• Communication: Messages you send through our support system

1.2 Information We Collect Automatically

• Device Information: Device model, operating system version, unique device identifiers
• Usage Analytics: App features used, session duration, crash reports
• Technical Data: IP address, app version, device settings
• Performance Metrics: App performance, loading times, error logs

1.3 Third-Party Information

• Payment Processors: Apple App Store and Google Play Store process subscription payments. RevenueCat is used for subscription validation and management. These services have their own privacy policies governing the collection and use of payment information
• Gemini API: Used to find rock or mineral data for image analysis and assessment.

2. How We Use Your Information

2.1 Primary Services

• Provide AI-powered rock and mineral identification services
• Maintain your personal geological collection and discoveries
• Sync your data across multiple devices

2.2 Improvement and Development

• Develop new features and enhance user experience
• Analyze app usage patterns to optimize performance
• Conduct research for geological and educational purposes

2.3 Communication and Support

• Provide customer support and technical assistance
• Send important updates about the app and services
• Respond to your inquiries and feedback
• Send educational content and geological insights (with consent)

3. Data Sharing and Disclosure

3.1 We DO NOT sell your personal information

We have never sold personal information and will never sell your personal information to third parties for monetary gain.

3.2 Limited Sharing Scenarios

• Service Providers: Trusted third parties who help operate our services (cloud storage, analytics)
• Legal Requirements: When required by law, court order, or government request
• Safety and Security: To protect rights, safety, and security of users and the public
• Business Transfers: In connection with mergers, acquisitions, or asset sales (with user notification)

3.3 Community Features

If you choose to participate in our community features, certain information (rock discoveries, locations, photos) may be shared with other users. This sharing is always optional and under your control.

4. Data Security and Storage

4.1 Security Measures

• Bank-level encryption for all data transmission and storage
• Regular security audits and vulnerability assessments
• Secure cloud infrastructure with redundant backups
• Access controls and authentication for our systems

4.2 Data Retention

• Account Data: Retained while your account is active, plus 30 days after deletion
• Rock Images: Processed images automatically deleted within 24 hours unless saved to your collection
• Usage Analytics: Aggregated data retained for 24 months for improvement purposes
• Legal Hold: Data may be retained longer when required by law

5. Your Privacy Rights

5.1 Access and Control

• Access: Request copies of your personal data
• Correction: Update or correct inaccurate information
• Deletion: Request deletion of your personal data
• Portability: Export your data in common formats
• Opt-out: Withdraw consent for marketing communications

5.2 Marketing Communications

You can opt out of marketing emails by clicking "unsubscribe" in any email or adjusting your preferences in the app settings.

6. Children's Privacy (COPPA Compliance)

Rock Identifier is designed for users 13 years and older. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, please contact us immediately at privacy@rockidentifier.com.

For users aged 13-17, parental consent may be required in certain jurisdictions. We encourage parents to monitor their children's app usage and contact us with any concerns.

7. International Data Transfers

We operate globally and may transfer your data to countries outside your residence for processing and storage. We ensure appropriate safeguards are in place, including:

• Standard contractual clauses approved by regulatory authorities
• Adequacy decisions for data protection levels
• Your explicit consent when required

8. California Privacy Rights (CCPA)

California residents have additional rights under the California Consumer Privacy Act:

• Right to know what personal information is collected and how it's used
• Right to delete personal information (with certain exceptions)
• Right to opt-out of the sale of personal information (we don't sell data)
• Right to non-discrimination for exercising privacy rights

9. European Privacy Rights (GDPR)

EU residents have rights under the General Data Protection Regulation:

• Legal basis for processing (consent, contract performance, legitimate interest)
• Right to withdraw consent at any time
• Right to lodge complaints with supervisory authorities
• Data Protection Officer contact for privacy concerns

10. Updates to This Policy

We may update this Privacy Policy periodically. Significant changes will be communicated through:

• In-app notifications
• Email notifications to registered users
• Website announcements
• Updated "Last Modified" date on this policy

11. Contact Information

General Contact: anujitha.dev@gmail.com

Response Time: We respond to privacy requests within 30 days (or as required by applicable law).