Privacy Policy

Last updated: 03/06/2026
Effective date: 03/06/2026

This Privacy Policy describes how MemoryBites ("we", "our", or "the app") collects, uses, and shares information when you use our iOS application and related services. Please review this policy carefully. By using the app, you agree to the practices described below.

1. Information We Collect

1.1 Account and authentication

Email address – When you register with email and password, or when you sign in with Google, Facebook, or Apple, we receive and store your email address so we can create and manage your account, verify your identity, and communicate with you (e.g. email verification after registration).
Password – If you register with email and password, we store a secure, one-way hash of your password on our servers. We do not store your actual password.
Sign-in provider data – If you use Google, Facebook, or Sign in with Apple, we receive from the provider: your email and a unique identifier from that provider. We use this to create or link your account and to recognize you on future sign-ins. We do not receive your date of birth from these providers; if you sign in with them, you must be at least 10 years old to use the service. Each provider’s use of your data is governed by that provider’s privacy policy.
Date of birth (email/password registration only) – When you create an account with email and password, we ask for your date of birth to verify that you are at least 10 years old. We use it only to confirm your age at registration; we do not store your actual date of birth. We store only a record that age was verified (e.g. date of verification).
Authentication tokens – The app stores access and refresh tokens on your device so you can stay signed in. These are used only to authenticate requests to our servers.

1.2 Photos and image generation

Photos you upload – When you use the app to create AI-generated images, you upload one or more photos from your device. We receive and temporarily store these images on our servers (in cloud storage we operate, such as Azure or Google Cloud) so we can process them and generate new images. We also store metadata about each upload (e.g. upload ID, image identifiers, timestamps, whether it was from auto-upload). Important: After processing is complete and we don't need the uploaded images anymore, we remove them from our storage. We don't retain them.
Custom prompts – If you use a paid tier that allows custom prompts, we store the text of your custom prompt in connection with the upload so we can generate the image. We validate prompts (e.g. via content moderation) before sending them to our image-generation provider; prompts that do not pass are rejected and are not sent. We may use the prompt, together with your images, when calling our image-generation provider only after it has passed validation (see section 3). Important: After processing is complete and we don't need the uploaded images anymore, we remove them from our storage. We don't retain them.
Style and generation metadata – We store which predefined style (if any) you selected, generation status, and similar data so we can show you history and deliver generated images to your device.
Generated images – We store the AI-generated images we create for you so you can view and download them in the app and in your history. Important: Once you download the generated images, we remove them from our storage. We don't retain them.

1.3 Subscription and usage

Subscription tier – We store your current plan (Free, Premium, or Pro), your subscription or transaction identifier from the Apple App Store (for validation), and related data such as available credits and when credits were last refilled. This is used to enforce limits and provide the correct features (e.g. custom prompts, watermarking on Free tier).

1.4 Device and app usage

Device storage (app only) – The app uses local storage on your device for tokens, preferences (e.g. auto-upload time), and similar data necessary for the app to function. We do not collect device identifiers for advertising or tracking across other companies’ apps.

1.5 Feedback

Feedback submissions – When you send feedback (e.g. bugs, feature requests) through the in-app feedback form, we receive the type and message you provide. By default, we do not include your email address with your feedback. We only include your account email when you explicitly opt in by checking the box that says you can be contacted regarding your feedback. If you opt in, we include your email in the message we send to our support inbox so we can respond to you.

2. How We Use Your Information

We use the information above to:

Create, maintain, and secure your account and to authenticate you (including via email verification).
Provide the app’s features: receiving your photos, running AI image generation, storing and serving generated images, and showing your history.
Apply your subscription tier (Free, Premium, Pro), including limits on generations and credits, and to validate subscriptions with the App Store.
Send you transactional emails (e.g. email verification) via our email provider.
Process feedback you submit and, if you opted in, include your email so we can respond to you.
Operate, secure, and improve our systems (e.g. logs for debugging and security; we do not use your photos or prompts for marketing or training our own models beyond what is needed to provide the service).

We do not use your data for advertising or to build advertising profiles. We do not sell your personal information.

We share data only as needed to run the service and as described here:

Google, Facebook, Apple – When you sign in with Google, Facebook, or Sign in with Apple, we send the relevant token to our servers; we receive from the provider your email and a unique ID. Their use of your data is governed by their respective privacy policies.
Email delivery (e.g. ZeptoMail) – We use a third-party email service to send verification and other transactional emails. Your email address and the content of those emails are processed by that provider according to their privacy policy.
Image generation (e.g. OpenAI) – To generate images, our servers send your uploaded photo(s) and the generation prompt (including any custom prompt you provided) to our image-generation provider (e.g. OpenAI). That provider’s privacy policy applies to their processing of this data.
Cloud storage and hosting – We store photos, generated images, and other data on cloud infrastructure we use (e.g. Azure, Google Cloud). These providers process data on our behalf to provide storage and hosting.

We do not sell or rent your personal information to third parties. We may disclose information if required by law (e.g. subpoena, court order) or to protect our or others’ rights, safety, or property.

4. Data Retention

Account data – We retain your account and profile information for as long as your account is active. If you delete your account, we will delete or anonymize your personal data in line with our data retention practices, except where we must retain it for legal or legitimate operational reasons.
Photos and generated images – We retain uploaded and generated images and related metadata for as long as needed to provide the service and to show your history. We may delete or anonymize this data after account deletion or after a period of inactivity, in accordance with our internal policies. Important: Only metadata is retained in our storage. Input images, custom prompts and generated images are all removed from our storage as soon as processing and download are finished.
Logs – Server and operational logs may be retained for a limited period for security and troubleshooting.

5. Your Rights and Choices

Access and accuracy – You can access and update your account information (e.g. email) through the app or by contacting us.
Account deletion – You can delete your account at any time from within the app: open Settings, tap Delete account, and confirm in the dialog. This permanently deletes your account and associated data (e.g. profile, upload and generation records) from our systems. You may also contact us to request deletion (see section 7). We will process requests in line with applicable law and our systems’ capabilities.
Email – You can opt out of non-essential emails (e.g. marketing) if we send them; transactional emails (e.g. verification) are necessary for the service.
Location – The app does not collect your precise location. If that changes, we will update this policy and, where required, obtain consent.
Rights in your jurisdiction – Depending on where you live (e.g. EEA, UK, California), you may have additional rights (e.g. access, correction, deletion, portability, objection, restriction). To exercise them, contact us using the details in section 7.

6. Security

We use industry-standard measures to protect your data (e.g. encryption in transit, secure storage, access controls). No system is completely secure; we cannot guarantee absolute security.

7. Children

The app is not directed at children under 10 (or the applicable age in your country). We do not knowingly collect personal information from children. If you believe we have collected such information, please contact us so we can delete it.

8. Changes to This Policy

We may update this Privacy Policy from time to time. We will post the updated policy with a new "Last updated" date and, where required by law or for material changes, we will notify you (e.g. in the app or by email). Continued use of the app after the effective date constitutes acceptance of the updated policy.

9. Contact Us

For questions about this Privacy Policy, your data, or to exercise your rights, contact us at:

support@memorybites.ai

If you are in the EEA/UK, you may also have the right to lodge a complaint with your local data protection authority.