This Privacy Policy explains how the Mochi application (“Mochi”, “the Application”, “we”, “us”, “our”) collects, uses, stores, and protects your information when you use the Service.

By downloading or using the Application, you agree to the practices described in this Privacy Policy. If you do not agree, please discontinue use of the Application.

1. About the Application

Mochi is an iOS application that transforms your photos into kawaii and anime-style artwork using AI.

The Application is developed and operated by Martin Málek (support@mochiapp.eu).

2. Data We Collect

Mochi is designed to collect only the minimum amount of data required to operate the Service.

We do not collect names, email addresses, phone numbers, contact lists, GPS location, or other direct identifiers.

We collect the following categories of data:

2.1 User Identifier (User ID)

• A pseudonymous identifier generated when you start using the Service

• Stored securely on your device

• Used for subscription validation, rate limiting, and preventing misuse

Under GDPR, this may be considered personal data.

2.2 Time Zone

• Automatically provided by your device

• Used to calculate weekly and annual credit resets

• Not used for geolocation or tracking

2.3 Subscription Information

Provided via RevenueCat:

• Pseudonymous user identifier (separate from our User ID)

• Subscription status (active/inactive, type of subscription)

• Purchase metadata

We do not receive or store your payment card details or billing information (handled by Apple).

2.4 Photos and Image Data

Original Photos (uploaded by you)

• Used solely to generate AI artwork

• Temporarily processed on our Vercel backend and forwarded to the OpenAI API for generation

• Automatically deleted from our backend immediately after processing is completed

• Not stored by us or used by OpenAI to train their models

Generated Images

• Saved only on your device

• Never uploaded unless you choose to share or export them

• Not synced to iCloud by the Application

Local Metadata

Stored only on your device:

• Selected style

• Generation timestamps

• Processing-related metadata

This data is never transmitted to third parties.

2.5 Usage Information (pseudonymous)

Tied only to your User ID:

• Number of AI generations

• Subscription tier

• Reset periods and remaining quota

We do not use analytics SDKs, advertising identifiers, tracking pixels, or behavioral analytics.

3. What We Do NOT Collect

Mochi does not collect or store:

• Name

• Email

• Phone number

• Address

• Contacts

• GPS or background location

• Payment card details

• Advertising identifiers

• Browsing history

• Crash analytics

• Behavioral tracking

We do not use any third-party advertising or marketing tools.

4. How Your Data Is Used

We use your data only to:

• Provide and operate the Service

• Generate AI artwork from your photos

• Validate and manage subscriptions

• Enforce rate limits and fair use

• Ensure security and prevent abuse

• Improve reliability and performance

We do not use your data for advertising, profiling, or marketing.

5. Data Sharing

We do not sell, rent, or trade your data.

We share data only with essential service providers:

5.1 Subscription Management – RevenueCat

Shared data:

• User ID (pseudonymous)

• Subscription status

No photos or generated images are ever shared with RevenueCat.

5.2 Cloud Hosting & AI Processing – Vercel + OpenAI

Used to process your photos into artwork.

Shared temporarily during processing:

• Uploaded photo

• Selected style

• User ID (pseudonymous)

Photos are deleted immediately after processing.

OpenAI does not store your data or use it to train their models.

5.3 Apple (App Store Payments)

Apple processes all payment information.

We do not receive or store your card details or billing address.

6. Data Storage and Retention

On Your Device

• Generated images: stored until you delete them

• Settings and styles: stored locally

• Temporary task data: removed automatically

On Our Servers

• Uploaded photos: deleted immediately after processing

• Usage data and rate limits: kept only as needed to operate the Service

• Subscription logs: retained as required for service integrity

RevenueCat

Subscription records are retained according to their policies.

7. Data Security

We implement technical and organizational measures, including:

• Encryption in transit (HTTPS)

• Pseudonymized identifiers (User ID)

• Minimal backend retention

• Secure local storage

• Limited access to backend systems

No system can guarantee absolute security, but we take appropriate measures.

8. International Data Transfers

Data may be processed on servers outside your country, including outside the EU/EEA.

Such transfers rely on:

• Standard Contractual Clauses (SCCs)

• Encryption

• Pseudonymization

• Other appropriate safeguards

9. Your Rights

Depending on your jurisdiction (GDPR, CCPA), you may have the right to:

• Access your personal data

• Request deletion

• Request correction

• Request data portability

• Object to certain processing

To exercise your rights: support@mochiapp.eu

A built-in “Delete My Data” feature will be added to the Application. Until then, deletion requests will be processed manually.

10. Children’s Privacy

Mochi is not intended for children under 13.

We do not knowingly collect personal data from children.

If you believe a child under 13 has used the Service, contact us for deletion.

11. Changes to This Privacy Policy

We may update this Policy.

When updates occur, we will:

• Update the “Last updated” date

• Notify users in the Application when legally required

Continued use of the Application after updates constitutes acceptance.

12. Contact

For questions or data requests, contact:

Email: support@mochiapp.eu

Developer: Martin Málek