1. Who We Are
This Privacy Policy describes how Othentica ("we," "us," or "our") handles your personal information when you use the Othentica mobile application (the "App") on iOS or Android devices.
If you have questions about this policy, contact us at privacy@othentica.com.
2. Information We Collect
2.1 Information you provide
- Account details: name, email address, password, and profile photo when you sign up or update your profile.
- User content: any text, images, or other material you create or upload through the App.
- Support communications: messages you send to us for customer support.
2.2 Information collected automatically
- Device & technical data: device model, operating system, app version, language, crash reports, and diagnostic logs.
- Usage data: screens viewed, actions taken, session duration, and feature interactions.
- Authentication tokens: stored securely on your device to keep you signed in.
2.3 Permissions we request
| Permission | Why we request it |
|---|---|
| Camera | To let you take profile photos or capture images for content you create in the App. |
| Photo Library / Gallery | To let you upload existing images from your device. |
| Biometrics (Face ID / Touch ID / Fingerprint) | Optional — to let you unlock the App securely without re-entering your password. Biometric data never leaves your device. |
| Network access | To communicate with our backend services and sync your data. |
3. How We Use Your Information
- To create and maintain your account and authenticate you securely.
- To provide, personalize, and improve the App's features.
- To process content you create and deliver AI-assisted features you request.
- To diagnose crashes, debug issues, and improve reliability.
- To communicate important service updates, security alerts, and policy changes.
- To comply with legal obligations and enforce our Terms of Service.
4. Third-Party Services
We rely on a small number of trusted service providers to operate the App. These providers process data on our behalf under their own privacy commitments:
| Service | Purpose | Provider |
|---|---|---|
| Firebase Authentication | Account sign-in and session management | Google LLC |
| Cloud Firestore | Storing your content and profile data | Google LLC |
| Firebase Cloud Functions | Backend processing | Google LLC |
| Google Gemini (Generative AI) | AI-assisted features you invoke | Google LLC |
When you use AI-assisted features, the prompt content you submit is sent to the AI provider to generate a response. We do not use your content to train third-party AI models.
5. Data Storage & Security
- Your data is stored on Google Firebase infrastructure with encryption in transit (TLS) and at rest.
- Passwords are never stored in plain text; authentication is handled by Firebase.
- Authentication tokens on your device are kept in secure, OS-provided storage and — on native platforms — persisted via IndexedDB with secure session handling.
- Biometric templates (Face ID, Touch ID, fingerprint) remain on your device and are never transmitted to our servers.
No system is perfectly secure. We cannot guarantee absolute security, but we take reasonable steps to protect your information.
6. Data Sharing
We do not sell your personal information. We share data only:
- With service providers listed in Section 4, under contractual confidentiality obligations.
- To comply with applicable law, valid legal requests, or to protect rights and safety.
- In connection with a merger, acquisition, or asset sale, with notice to you.
- With your explicit consent.
7. Data Retention
We retain your account information for as long as your account is active. If you delete your account, we will remove or anonymize your personal data within 30 days, except where retention is required to comply with legal obligations, resolve disputes, or enforce our agreements.
8. Your Rights
Depending on your jurisdiction, you may have the right to:
- Access the personal data we hold about you.
- Correct inaccurate or incomplete data.
- Delete your account and associated data.
- Object to or restrict certain processing.
- Export a copy of your data in a portable format.
- Withdraw consent at any time for processing that relies on consent.
To exercise any of these rights, email privacy@othentica.com.
9. Children's Privacy
The App is not directed to children under 13 (or the equivalent minimum age in your jurisdiction). We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us and we will delete it.
10. International Transfers
Your information may be processed in countries other than your own, including the United States, where our service providers operate. We rely on appropriate safeguards (such as standard contractual clauses) where required by law.
11. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes through the App or by email. Continued use of the App after the effective date of a revised policy constitutes your acceptance of the changes.
12. Contact Us
If you have questions, concerns, or requests regarding this policy or your data:
Email: privacy@othentica.com
App: Othentica (com.othentica.app)