Pose Studio Terms Privacy Policy

Privacy Policy

Last updated June 25, 2026

Privacy at Pose Studio

This privacy policy applies to the Pose Studio mobile application ("Application") developed by Nirmal Jeffrey Bernard Wilson ("Service Provider") as a Freemium service. This service is provided "AS IS".

How you use the Application

Pose Studio uses anonymous Firebase authentication. We do not require or collect your email address, name, or other personally identifying information at sign-up. A unique anonymous user identifier (Firebase UID) is generated to associate your subscription and usage with your device.

What data does the Application collect?

  • Photos. When you use the pose analysis feature, photos you capture or select are transmitted to our backend (Firebase Cloud Functions) and to third-party AI providers for processing. We do not store your photos on our servers. They are processed in real-time and discarded.
  • Anonymous user identifier (Firebase UID). A unique anonymous ID generated per device.
  • Device information. OS version, device model, app version, locale.
  • IP address. Logged by our backend for abuse detection and rate limiting.
  • Approximate location. Country/region derived from your IP address. We do not access GPS or precise location.
  • Crash logs and analytics. Crashes, screen views, and feature usage events via Firebase Crashlytics and Firebase Analytics.
  • Push notification token. If you enable notifications, your device's Firebase Cloud Messaging token is stored to deliver pushes.
  • Purchase history. Subscription state and transaction events via RevenueCat.

How is AI used and which providers process my data?

Pose Studio uses third-party AI providers to analyze photos and generate pose suggestions:

  • Anthropic Claude — analyzes scene composition. Photos are transmitted via API. Anthropic retains API data for up to 7 days for abuse monitoring per their privacy policy, then deletes it. Photos are not used to train AI models.
  • OpenAI — our pose-image generator. Photos are transmitted via API. OpenAI retains API data for up to 30 days for abuse monitoring per their API data usage policies, then deletes it. Photos are not used to train AI models.
  • Google Gemini — an alternate pose-image generator ("Nano Banana", gemini-2.5-flash-image), used as a fallback. Photos are transmitted via the Gemini API. On Google's paid Gemini API tier, your prompts and images are not used to train Google's models and are not retained beyond serving the request, per Google's Gemini API Additional Terms of Service.

All photo transmission is encrypted in transit (HTTPS / TLS).

These providers act as data processors. They are contractually bound (through Data Processing Agreements, and for EU/UK users Standard Contractual Clauses) to protect your data to the same standard described in this policy, to use it only to perform the requested processing, and not to train their AI models on it. We confirm that these providers offer the same or equivalent data protection that we provide.

Before your photo is sent to any of these AI providers, Pose Studio asks for your explicit consent. You must agree before the AI features are used. You can withdraw consent at any time by not using the AI features and by contacting us to delete any data tied to your anonymous user identifier.

AI-Generated Content Disclosure (EU AI Act)

Pose previews displayed in Pose Studio are AI-generated images, not authentic photographs. They are produced by AI models analyzing your input photo. AI-generated content may not perfectly preserve your appearance, clothing, or environment, and should be treated as a creative reference, not a faithful representation.

Information collected automatically

In addition to the categories above, the Application may collect anonymized telemetry: type of mobile device, mobile operating system, app version, and information about how you use the Application. This is used to improve the product.

Does the Application collect precise real-time location?

No. Pose Studio does not access GPS or precise device location. Approximate country/region is derived from your IP address only.

Third parties that may receive your information

The Application uses third-party services that have their own privacy policies. Below are the providers and links:

  • Google Play Services
  • Firebase (Auth, Firestore, Cloud Functions, Cloud Messaging, Analytics, Crashlytics)
  • RevenueCat — subscription management
  • Anthropic — Claude AI analyzer
  • OpenAI — pose-image generation
  • Google (Gemini) — pose-image generation (fallback)
  • Apple App Store — iOS payment processing

The Service Provider may disclose information:

  • as required by law (e.g. subpoena or similar legal process);
  • when disclosure is necessary in good faith to protect rights, safety, investigate fraud, or respond to a government request;
  • with trusted service providers operating on our behalf, who do not have an independent right to use the data and are bound by this privacy policy.

Device permissions Pose Studio requests

  • Camera — required to capture photos for AI pose analysis. Photos are transmitted for processing and not retained on our servers.
  • Photo library — optional. Used only when you choose to add a custom pose by selecting an image from your device.
  • Save to Photos — optional. Used only when you choose to save a generated pose preview to your device's photo library.
  • Notifications — optional. Used to alert you about new features, generation completion, or subscription updates. Declining notification permission does not affect core app functionality.

You can revoke any of these permissions at any time from your device's Settings.

Your rights under GDPR (EU/UK users)

If you are located in the European Economic Area or the United Kingdom, you have the following rights regarding your personal data:

  • Right of access — request a copy of your data.
  • Right to rectification — request correction of inaccurate data.
  • Right to erasure ("right to be forgotten") — request deletion of your data.
  • Right to data portability — request your data in a machine-readable format.
  • Right to object — object to processing of your data.
  • Right to restrict processing — request that we limit how we use your data.
  • Right to withdraw consent at any time.

To exercise these rights, contact nirmal.jeffrey@vaazhstudios.com. The lawful basis for our processing is the performance of a contract (the AI pose analysis service you have requested).

International data transfers

Our backend operates on Google Cloud (US) and our AI providers (Anthropic, OpenAI, Google) are based in the United States. Personal data of EU/UK users is transferred to the United States under Standard Contractual Clauses (SCCs) approved by the European Commission, as part of our agreements with these processors.

Your rights under CCPA / CPRA (California users)

If you are a California resident, you have the right to know what personal information we collect, the right to request deletion of your personal information, and the right to opt out of the sale or sharing of personal information. We do not sell or share personal information for cross-context behavioral advertising. Contact nirmal.jeffrey@vaazhstudios.com to exercise these rights.

Opt-out rights

You can stop all collection of information by uninstalling the Application using the standard uninstall process on your device or via the app marketplace. To request deletion of any data tied to your anonymous user identifier, contact nirmal.jeffrey@vaazhstudios.com.

Data retention

The Service Provider retains user-provided data only as long as you use the Application and for a reasonable time thereafter. Photos are not retained on our servers — they are processed in real-time and discarded. AI providers may retain transmitted photos for short periods (Anthropic up to 7 days; OpenAI up to 30 days; Google's paid Gemini API not beyond serving the request) for abuse monitoring, then delete. Automatically collected analytics are retained for up to 24 months and may then be aggregated. To request deletion of your data, contact nirmal.jeffrey@vaazhstudios.com.

Children's privacy

The Service Provider does not knowingly solicit data from or market to children under the age of 16. The Application is not directed at anyone under 16. The Service Provider does not knowingly collect personally identifiable information from children under 16. If we discover that a child under 16 has provided personal information, we will immediately delete it from our servers. If you are a parent or guardian and you are aware that your child has provided us with personal information, please contact nirmal.jeffrey@vaazhstudios.com so that we can take appropriate action.

How is your information kept secure?

The Service Provider provides physical, electronic, and procedural safeguards to protect information we process and maintain. We limit access to authorized parties who need that information to operate, develop, or improve the Application. Photo transmission is encrypted in transit (HTTPS/TLS). API keys for third-party providers are stored in Google Cloud Secret Manager, never on the device. App Check (App Attest on iOS, Play Integrity on Android) is used to validate that requests come from the genuine Pose Studio app. Although we endeavor to provide reasonable security, no system can prevent all potential security breaches.

Changes to this Privacy Policy

This Privacy Policy may be updated from time to time. The Service Provider will notify you of any changes by updating this page with the new Privacy Policy. You are advised to consult this Privacy Policy regularly. Continued use of the Application is deemed approval of all changes.

Consent

By using the Application, you consent to the Service Provider processing your information as set forth in this Privacy Policy.

Contact

If you have any questions about privacy while using the Application, please contact nirmal.jeffrey@vaazhstudios.com.