Privacy Policy

Last updated: May 12, 2026

1. Information We Collect

We try to collect only what we need to run the verification service. Here's the full list, grouped by how we get it.

Information you provide directly

  • Photos and videos you capture or upload through the app
  • Your email address, only if you do not choose “Hide My Email” when signing in with Apple
  • Optional passcodes you set for individual photos. Passcodes are stored as a hash (scrypt), never as plaintext, and cannot be recovered by us
  • Any content you send us through reports, support requests, or contact forms

Information collected automatically from your device

  • Your Apple account identifier. This is the stable anonymous identifier from Sign in with Apple, not your Apple ID email. We use it to authenticate you
  • Device model, iOS version, and app build number
  • Cryptographic attestation data generated by Apple's App Attest and DeviceCheck frameworks. We use this to verify that photos were captured by a genuine, uncompromised copy of the RealPic app
  • Your IP address, logged at our edge infrastructure for rate limiting, abuse prevention, and security
  • App diagnostic and crash data collected via Sentry. This includes stack traces, device state at the time of a crash, and your IP address

Information generated by your use of the service

  • Verification codes and QR codes we generate for your photos
  • Verification records: when your photos are accessed through a verification link, we record the timestamp, the requester's IP address, and the coarse geolocation derived from that IP
  • Moderation signals: AI-authenticity certainty scores, flags, and reports we receive about your content

2. How We Use Your Information

We use the information we collect to:

  • Authenticate you and maintain your account
  • Store and serve your verified photos
  • Generate and serve verification codes and QR codes
  • Allow third parties who have your verification code or link to verify photo authenticity
  • Detect and prevent fraud, abuse, spam, and security threats
  • Enforce our Terms of Service, including content moderation and responding to reports
  • Comply with legal obligations, including reporting suspected child sexual abuse material (CSAM) to the National Center for Missing & Exploited Children (NCMEC) as required by federal law
  • Respond to support requests and communicate with you about the service
  • Improve the reliability, security, and performance of the service
  • Review aggregate, non-identifying patterns in server logs to understand how the service is used. We do not build individual behavioral profiles

3. Photo Storage and Retention

Photos

  • Free plan: original photos are stored for 30 days. After that, we retain a condensed version and a thumbnail so the photo can continue to be verified through its existing verification link
  • Premium plan: originals are stored indefinitely while your account is active
  • Deleted photos: moved to Recently Deleted and retained for 30 days before permanent removal. You can restore them from Recently Deleted within that window

Verification data

Cryptographic attestation records and verification metadata (including the verification logs described in Section 1) may be retained longer than the underlying photo to support ongoing verification of previously-shared links. We retain this data for as long as the verification link is active, and for up to [FLAG: duration, e.g., “2 years after the photo itself is deleted”] afterwards.

Account data

  • Retained while your account is active
  • After you delete your account: a 7-day grace period during which deletion can be canceled by signing back in. After the grace period, we delete your personal data within 30 days and revoke your Apple refresh tokens

Data retained after account deletion

A few categories survive account deletion because they are needed for moderation, security, or to meet legal obligations:

  • Cryptographic hashes of previously-uploaded photos, used to prevent re-upload of content we have removed for policy violations
  • Audit logs tied to security investigations or reports
  • Apple subscription transaction records, retained for tax and accounting purposes (typically 7 years)
  • Any content subject to a legal hold or law enforcement preservation request
  • Content and associated account data subject to a NCMEC CyberTipline report are retained for at least one year as required by 18 U.S.C. § 2258A, and may be retained longer if needed to support an ongoing investigation
  • Anonymized aggregate analytics that cannot be linked back to you

4. Sharing Your Information

We do not sell, rent, or trade your personal information to third parties for their marketing purposes. Photos you share via verification links or QR codes are accessible to anyone who has the link or code — that is the core function of the service. If you set a passcode on a photo, the passcode is hashed and must be entered before the photo can be viewed.

We share data with the following categories of service providers, only as needed to run the service:

  • Cloud infrastructure: Cloudflare (CDN, edge Workers, R2 object storage, and Access) and DigitalOcean (app hosting and managed database) — for service operation
  • Error tracking: Sentry — for diagnosing crashes and errors in the iOS app and backend
  • Background job processing: Trigger.dev — for asynchronous tasks such as thumbnail generation, scheduled cleanup, and subscription reconciliation
  • Apple: for Sign in with Apple authentication and for processing in-app purchases through the App Store
  • NCMEC, law enforcement, and legal compliance: we may disclose user content (photos), metadata, identifiers (including your Apple account identifier), IP addresses, App Attest and DeviceCheck attestation data, and other account information to the National Center for Missing & Exploited Children (NCMEC) and to federal, state, local, or foreign law enforcement when required by law, valid legal process (subpoena, warrant, or court order), or when we believe in good faith that disclosure is necessary to comply with 18 U.S.C. § 2258A or to protect the rights, safety, or property of RealPic, our users, or the public
  • Acquirer: in the event of a merger, acquisition, or sale of all or substantially all of RealPic's assets, users will be notified and the new entity will be bound by this Privacy Policy

NCMEC reporting

RealPic LLC is a registered Electronic Service Provider (ESP) with the National Center for Missing & Exploited Children (NCMEC). We report apparent child sexual abuse material to NCMEC's CyberTipline as required by 18 U.S.C. § 2258A. RealPic does not currently perform proactive content scanning; we report apparent CSAM when we become aware of it, including through user reports and other means.

Content and associated account data that are the subject of a CyberTipline report are preserved for at least one year as required by federal law, and may be preserved longer if necessary to support an ongoing investigation or legal process.

5. Security

Your photos are encrypted at rest with AES-256, so they cannot be read directly from storage. Even RealPic staff cannot view a photo unless it has received 5 or more verifications from other users, or has been flagged by our automated AI-authenticity review. This keeps photos private by default and limits manual review to cases where there is a legitimate reason to look. Cryptographic attestation additionally ensures the integrity of your photos from the moment of capture, and all data is encrypted in transit.

No security system is perfect. While we use industry-standard practices to protect your information, no method of electronic storage or transmission is 100% secure. If we become aware of a data breach that affects your personal information, we will notify you and the appropriate authorities as required by applicable law.

6. Your Rights and Choices

You can delete your account at any point through the mobile application. A 7-day grace period applies during which you can cancel the deletion by signing back in and pressing cancel. After 7 days, your photos and personal data will be deleted and your photos will no longer be verifiable.

You also have the following rights regarding your personal data:

  • Access: request a copy of the personal information we hold about you
  • Correction: request correction of inaccurate information
  • Deletion: delete your account from within the app (Settings → Account → Delete Account), or request deletion by emailing help@realpic.io
  • Portability: request a copy of your data in a machine-readable format
  • Objection or restriction: object to or request restriction of certain processing, where applicable under GDPR

California residents (CCPA / CPRA)

If you are a California resident, you have the right to:

  • Know what personal information we collect, use, and share
  • Delete your personal information
  • Correct inaccurate personal information
  • Opt out of the sale or sharing of personal information. We do not sell your personal information and we do not share it for cross-context behavioral advertising
  • Limit our use of sensitive personal information
  • Not be discriminated against for exercising these rights

To exercise these rights, email help@realpic.io.

EU and UK residents (GDPR / UK GDPR)

Our legal bases for processing your personal data are: performance of our contract with you (to provide the service), our legitimate interests (security, fraud prevention, and improving the service), compliance with legal obligations (CSAM reporting, tax records), and consent where applicable.

You have the right to lodge a complaint with your local data protection supervisory authority.

Automated decision-making: RealPic computes an internal AI-authenticity certainty score for each photo. Whether a photo displays as “verified” to third parties is determined automatically by this score and by whether the photo has been flagged. If you believe your photo has been incorrectly scored or flagged, you can request human review by contacting help@realpic.io; a member of our team will re-evaluate the photo and may manually confirm it as authentic.

Data controller: RealPic LLC, [FLAG: registered business address]. For GDPR inquiries, contact [FLAG: help@realpic.io or privacy@realpic.io — confirm].

7. Children's Privacy

RealPic is not directed at children under 13, and we do not knowingly collect personal information from children under 13. If we learn that we have collected information from a child under 13, we will delete it. Parents or guardians who believe their child has provided us with information may contact us at help@realpic.io.

Users between 13 and the age of majority in their jurisdiction should only use RealPic with parental or guardian consent.

8. International Users and Data Transfers

If you access RealPic from outside the United States, your information will be transferred to, stored in, and processed in the United States. For users in the EU and UK, we rely on Standard Contractual Clauses or other valid transfer mechanisms as appropriate. By using the service, you consent to this transfer.

9. Cookies and Similar Technologies

  • The RealPic iOS app does not use cookies
  • The RealPic website uses essential cookies only, for authentication, session management, and security
  • We do not currently use analytics cookies
  • We do not use advertising or cross-site tracking cookies

10. Changes to This Policy

We may update this policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will notify you through the app, by email, or by posting a prominent notice on this page before the changes take effect. Your continued use of the service after the effective date constitutes acceptance of the updated policy.

11. Contact

If you have questions about this policy or wish to exercise any of your rights, contact us at:

RealPic LLC
Email: help@realpic.io
[FLAG: registered business address]

For EU or UK residents with GDPR inquiries, you may also contact us at [FLAG: help@realpic.io or privacy@realpic.io — confirm].

You can also reach us through our contact page.