PicPass processes all photos entirely on your device. No images, facial data, or personal information are ever uploaded to any server. We collect anonymous crash diagnostics so we can fix bugs — these contain no photos, no facial data, and nothing that identifies you.
1. Information We Do Not Collect
PicPass does not collect, store, transmit, or share:
- Photos or images you capture or select
- Facial detection data or biometric information
- Your name, email, phone number, or any personal identifiers
- Location data or GPS coordinates
- Advertising IDs (IDFA / GAID)
- Browsing history or app usage outside of PicPass
We do not use cookies or tracking pixels. We do not track you across other apps or websites.
We do collect a small amount of anonymous, non-personal data to keep the app working — see sections 5 and 6 below.
2. On-Device Processing
All photo processing — including face detection, cropping, resizing, compliance checks, and watermark generation — happens entirely on your device using local computing resources. Specifically:
- Camera access is used solely to capture your photo. The image never leaves the camera roll or app sandbox.
- Photo library access is used only when you choose to select an existing photo or save your processed photo.
- Face detection runs locally via on-device machine learning (MLKit). No facial data is transmitted externally.
- Image analysis (brightness, sharpness, background colour) uses local pixel-level processing via Skia. No cloud APIs are involved.
3. In-App Purchases
PicPass offers an in-app purchase to download your processed photos (3 downloads per purchase, valid for 30 days). This transaction is handled entirely by Apple (App Store) or Google (Play Store) through their respective payment systems. PicPass does not process, store, or have access to your payment information, credit card details, or billing address.
Purchase verification is managed by RevenueCat, a third-party purchase management service. RevenueCat receives only an anonymous transaction receipt from Apple or Google to verify your purchase entitlement. RevenueCat's privacy policy is available at revenuecat.com/privacy.
4. Local Storage
PicPass stores a small amount of data locally on your device using AsyncStorage:
- Whether you have completed the onboarding tutorial (a boolean flag)
- Your last selected country and document type (for convenience)
- Whether a purchase has been completed (to restore access)
This data never leaves your device and can be cleared by uninstalling the app.
5. Crash Reporting
PicPass uses Sentry for anonymous crash reporting. If the app crashes, a report containing the error type, stack trace, device model, and OS version is sent to Sentry. This report does not contain any photos, facial data, personal information, or identifiable content. You can learn more at sentry.io/privacy.
6. Third-Party Services
PicPass integrates with the following third-party services:
- Apple App Store / Google Play Store — for app distribution and payment processing
- RevenueCat — for anonymous purchase receipt verification
- Sentry — for anonymous crash reporting
- PostHog — for anonymous usage analytics (e.g. "capture started", "purchase completed"). Events contain no photos, no personal data, and IP addresses are anonymised. PostHog's privacy policy is available at posthog.com/privacy.
PicPass does not include advertising SDKs or social media SDKs.
7. Children's Privacy
PicPass does not knowingly collect any personal information from children under 13 (or the applicable age in your jurisdiction). Since PicPass collects no personal information from any user, it is safe for use by people of all ages. Parental supervision is recommended for in-app purchases.
8. Data Retention
Since PicPass does not collect or transmit personal data, there is nothing to retain or delete. All processed photos exist only on your device and in your photo library. Uninstalling PicPass removes all app-related data from your device.
9. Your Rights
Under GDPR, CCPA, and other privacy regulations, you have rights regarding your personal data. Since PicPass does not collect personal data, these rights are inherently satisfied:
- Right to access — we hold no data about you
- Right to deletion — there is nothing to delete
- Right to portability — your photos are already on your device
- Right to opt out of sale — we do not sell data because we have none
10. Security
The most secure data is data that doesn't exist. By processing everything on-device and transmitting nothing, PicPass eliminates the risk of data breaches, unauthorized access, or server-side vulnerabilities. Your photos are protected by your device's own security measures (passcode, Face ID, Touch ID).
11. Changes to This Policy
If we make changes to this privacy policy, we will update the effective date at the top of this page. Significant changes will be communicated through an in-app notice. Since we do not collect email addresses, we cannot notify you directly — please review this page periodically.
12. Contact
If you have questions about this privacy policy or PicPass's privacy practices, contact us at: