Privacy Policy for BoardBrain

Effective Date: April 22, 2025

Welcome to BoardBrain! This Privacy Policy explains how we handle information when you use our mobile application ("App"). Your privacy is important to us.

1. Information We Collect

We aim to minimize data collection while providing our service.

• Information You Provide for Processing: When you use the App, you upload images of blackboards or whiteboards. To enable our features, these images are securely transferred using Apple's CloudKit infrastructure (linked to your personal iCloud account and stored on Apple's servers, managed by Apple). We utilize AI providers (see Section 3) to process these images for problem-solving and quiz generation. Consistent with our commitment to privacy, these images are processed only temporarily and are not stored long-term either on our direct servers or within Apple's CloudKit infrastructure once processing is complete.
• Technical Information: To provide the service securely and effectively, we automatically collect certain technical information:
  • IP Address: Used for security purposes (like preventing abuse) and service delivery.
  • CloudKit Identifier: When using CloudKit features, Apple generates user-specific identifiers tied to your iCloud account, managed according to Apple's policies.
  • Unique User Identifier (for Subscriptions): We use a unique identifier (potentially linked to your CloudKit ID or generated separately) associated with your app usage to manage your service access and subscription status via RevenueCat.
• Subscription Information: If you subscribe to premium features, information related to your subscription status is managed via our subscription provider (RevenueCat) and linked to your unique user identifier. Payment processing itself is handled by the respective app stores (Apple App Store, Google Play Store).

We do NOT collect:

• Personally identifiable information like your name or email address (beyond what is inherent in your iCloud account via CloudKit, which is managed by Apple), unless you voluntarily provide it for support purposes.
• We do not store your scanned images long-term after processing.

2. How We Use Information

We use the information collected solely for the following purposes:

• To Provide and Maintain the Service: Processing your uploaded images using AI to solve problems and generate quizzes; securely handling data transfer via CloudKit; managing your access and subscription status.
• For Security and Protection: Monitoring for malicious activity, preventing fraud, protecting our services (e.g., DDoS mitigation using Cloudflare), and ensuring service integrity using IP addresses and identifiers.
• To Manage Subscriptions: Using your unique user identifier and subscription data via RevenueCat to ensure you have access to the features you've purchased.

3. Information Sharing and Third-Party Services

We do not sell your data. We only share information with specific third-party service providers necessary to operate the BoardBrain app:

• Apple (CloudKit): We use Apple's CloudKit framework to securely transfer and temporarily handle the images you upload via your iCloud account. Data handled via CloudKit resides on Apple's infrastructure during this processing period and is subject to Apple's terms and privacy policies. Images are deleted from this infrastructure after processing is complete.
• Google Cloud (Gemini AI Provider): To provide core AI features (image analysis, optical character recognition (OCR), problem-solving, quiz generation), the images you upload (handled via Apple's CloudKit infrastructure) are processed by Google Cloud's Gemini AI services. Google processes this data on our behalf according to our agreement with them and does not use your image data for their own general service improvement or other independent purposes.
• Cloudflare (Security & Performance): We use Cloudflare for security services, content delivery network (CDN) performance, and protection against malicious attacks. Cloudflare may process technical data like your IP address as part of providing these security and performance services.
• RevenueCat (Subscription Management): We use RevenueCat to manage in-app purchases and subscription status across different platforms. We share your unique user identifier and relevant purchase information with RevenueCat so they can validate receipts with the app stores (Apple App Store, Google Play Store) and manage your subscription entitlements.
• Legal Requirements: We may disclose information if required to do so by law or in the good faith belief that such action is necessary to comply with a legal obligation, protect and defend our rights or property, prevent fraud, act in urgent circumstances to protect the personal safety of users of the App, or protect against legal liability.

Our third-party providers are obligated to use the data shared with them only to provide the specific services we have contracted them for.

4. Data Retention

• Uploaded Images: As stated above, images are handled temporarily via Apple's CloudKit infrastructure during processing and are deleted afterwards. They are not stored long-term.
• Technical Information (IP Address, Identifiers): We retain this information for as long as necessary to provide the service, maintain security, manage subscriptions, and comply with legal obligations. CloudKit identifiers are managed per Apple's policies.
• Subscription Data: Subscription status linked to your identifier is maintained while your subscription is active and for a reasonable period afterward for record-keeping and compliance.

5. Data Security

We implement reasonable technical and organizational measures, including leveraging secure infrastructure like CloudKit and security services like Cloudflare, to protect the information we handle from loss, misuse, and unauthorized access or disclosure. However, please be aware that no security measures are perfect or impenetrable, and we cannot guarantee the absolute security of your information.

6. Children's Privacy

BoardBrain is not intended for use by children under the age of 13 (or the relevant minimum age threshold in specific regions, such as 16 in parts of the EU). We do not knowingly collect personal information from children under this age. If we learn that we have collected personal information from a child under the relevant minimum age, we will take steps to delete that information as soon as possible.

7. Your Privacy Rights

Depending on your location, you may have certain rights regarding your information, such as the right to access or request deletion of the data we hold that is associated with your unique user identifier (including subscription status). Please contact us using the details below to make such requests. Note that deleting certain information may impact your ability to use the App or its premium features. For data managed via CloudKit associated with your iCloud account, please refer to Apple's privacy tools and policies.

8. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy within the App or on our website. You are advised to review this Privacy Policy periodically for any changes. Changes are effective when they are posted.

9. Contact Us

If you have any questions about this Privacy Policy, please contact us at:
policy@arcform.xyz

Alternatively, you may use the contact form available on our website (the website address is indicated in the App Store listing for this App).

Disclaimer: This Privacy Policy is provided as a template. Consult with a qualified legal professional to ensure it meets all legal requirements for your specific application and user base.