Privacy Policy — Social Wizard AI

Last Updated: February 13, 2026Effective Date: February 13, 2026

1. Introduction & Scope

1.1 About This Policy

This Privacy Policy explains how Social Wizard AI ("we," "us," "our") collects, uses, shares, and protects your information when you use our mobile application ("the App"). Social Wizard AI is an AI-powered mobile assistant that helps users improve their social interactions by generating reply suggestions, conversation starters, captions for social media, and advice for awkward social situations.

1.2 Who This Policy Applies To

This policy applies to all users of the Social Wizard AI mobile application, including anyone who downloads, installs, accesses, or interacts with the App on any supported device (iOS or Android).

1.3 Changes to This Policy

We may update this Privacy Policy from time to time. When we make changes, we will:

  • Update the "Last Updated" date at the top of this document.
  • Notify users of material changes through an in-app notification.
  • For significant changes, provide at least 14 days notice before the new terms take effect.

Your continued use of the App after the effective date of a revised Privacy Policy constitutes your acceptance of the changes.

2. Data Collection

2.1 Data Collected Automatically

When you use Social Wizard AI, we may automatically collect the following data:

  • Anonymous User ID — We create an anonymous user identifier via Firebase Authentication. This is not linked to your name, email, phone number, or any other personally identifiable information.
  • Device Platform — We identify whether you are using iOS or Android to serve the correct application configuration.
  • App Usage Timestamps — We record when your account was created and your last active timestamp in Firebase Firestore.
  • Server-Side Logs — Our Firebase Cloud Functions generate logs for security, debugging, and abuse prevention. These may include request metadata (e.g., timestamps, function names, error details).
  • Crash Logs & Performance Data — Standard crash and performance data may be collected by the platform (Apple/Google) and Firebase for stability monitoring.

We do NOT collect:

  • Your name, email address, phone number, or other contact information (the App uses fully anonymous authentication).
  • Precise geolocation data.
  • Contacts, calendar data, or browsing history.

2.2 User-Provided Data

You may voluntarily provide the following data while using the App:

  • Text Prompts — Descriptions of social situations, relationship context, or chat messages you type into the App for AI analysis.
  • Uploaded Images — Screenshots of chat conversations or photos of people/scenes, uploaded via the image picker for AI analysis (e.g., reply suggestions, conversation starters, captions).
  • Chat Messages — In the Chat Helper feature, you may input a conversation (messages marked as sent or received) for AI-powered guidance.
  • Profile Information — You may create profiles within the App containing a display name, personalization notes, and preferred tonality. This data is stored locally on your device only.
  • Language Preference — Your selected language for AI outputs.
  • Custom Tonalities — Any custom communication styles you create.

2.3 Sensitive Data

We do not intentionally collect sensitive personal data such as racial or ethnic origin, political opinions, religious beliefs, health information, or sexual orientation.

However, because the App allows free-form text input (e.g., describing awkward situations or social contexts), you may voluntarily include sensitive information in your prompts. We strongly advise against including sensitive personal data in your inputs. Any such data included in prompts is processed solely to generate the requested AI output and is handled with the same security measures as all other data.

2.4 Data from Integrations

Social Wizard AI does not integrate with or connect to any third-party social media accounts (such as Instagram, WhatsApp, TikTok, etc.). The App operates independently. Any screenshots or images you upload are selected manually from your device's photo library — we do not access your social media accounts or import data from them.

3. Use of Data

3.1 Primary Purpose

We use collected data for the following purposes:

  • Generating AI Outputs — Your text prompts, uploaded images, and context are sent to our secure server (Firebase Cloud Functions) and processed using the OpenAI API to generate reply suggestions, conversation starters, captions, situational advice, and chat analysis.
  • Providing the Service — Anonymous authentication, subscription verification, and request routing.
  • Maintaining Security — Firebase App Check verification to ensure requests come from legitimate instances of our App, and server-side logging for abuse prevention.
  • Improving App Stability — Crash logs and error data help us identify and fix bugs.

3.2 AI Training

✅ We do NOT use your personal prompts, uploaded images, or AI-generated outputs to train or fine-tune our AI models.

We may use anonymized, aggregated, and de-identified usage data (such as feature usage frequency, error rates, and general content categories) to improve the Service. No individual user's data is identifiable in this process.

Regarding our AI provider (OpenAI): Your data is sent to OpenAI's API for processing. OpenAI's data usage policies apply to how they handle API requests. As of the date of this policy, OpenAI states that data submitted through their API is not used to train their models. We encourage you to review OpenAI's API Data Usage Policy for the most current information.

3.3 Analytics, Marketing & Advertising

  • Analytics — We may collect aggregated, anonymized analytics (e.g., which features are most used) to improve the App. We do not use third-party analytics tools that track individual users.
  • Marketing — We do not use your personal data for marketing purposes.
  • Advertising — Social Wizard AI does not display advertisements and does not use your data for targeted advertising.

3.4 Data Retention

  • User Inputs (Prompts & Images) — Text prompts and uploaded images are sent to our servers for real-time processing and are not stored persistently on our servers after the AI output is generated. Server-side logs may retain request metadata for a limited period (up to 30 days) for debugging and abuse prevention.
  • Local History — The App stores your last 50 interactions (prompts and results) locally on your device using on-device storage (AsyncStorage). This data never leaves your device unless you initiate a new request. You can clear this history at any time from the App's settings.
  • User Records — Your anonymous user record (anonymous ID, creation date, last active date) is stored in Firebase Firestore for as long as your account exists. Upon account deletion, this data is removed within 30 days.
  • Subscription Data — Subscription and purchase information is managed by RevenueCat and the respective app stores (Apple/Google). We do not store payment details.

4. Sharing & Disclosure

4.1 Third-Party Service Providers

We share data with the following third-party service providers, strictly for the purpose of operating the Service:

ProviderPurposeData Shared
OpenAIAI content generationText prompts, uploaded images (base64-encoded), tonality, context, and language preferences
Google FirebaseAuthentication, Cloud Functions, Firestore, App CheckAnonymous user ID, timestamps, request metadata
RevenueCatSubscription management and payment processingAnonymous user ID, subscription status, purchase history
Apple / Google PlayPayment processing, app distributionPayment and device information (managed by Apple/Google directly)

4.2 Circumstances for Sharing

We may share your data under the following circumstances:

  • Service Providers — As described above, to operate the App.
  • Legal Requirements — If required by law, regulation, legal process, or governmental request.
  • Safety & Security — To protect the rights, property, or safety of Social Wizard AI, our users, or the public.
  • Business Transfers — In connection with a merger, acquisition, reorganization, or sale of assets, your data may be transferred to the acquiring entity. We will notify users before their data is transferred and becomes subject to a different privacy policy.

4.3 Sale of Data

✅ We do NOT sell your personal data. We have never sold personal data, and we have no plans to do so.

4.4 International Data Transfers

Your data may be processed in the United States (where our Firebase Cloud Functions are hosted in the us-central1 region) and in any jurisdiction where our third-party service providers operate (e.g., OpenAI in the US).

For users in the European Economic Area (EEA) or the United Kingdom, such transfers are conducted in compliance with applicable data protection laws, using appropriate safeguards such as Standard Contractual Clauses (SCCs) or reliance on adequacy decisions where available.

5. Data Security & Storage

5.1 Security Measures

We implement the following measures to protect your data:

  • Firebase App Check — Ensures that only legitimate instances of our App can communicate with our backend services, preventing unauthorized access.
  • Anonymous Authentication — No personally identifiable credentials (email, phone, password) are collected or stored. Users are identified only by a randomly generated anonymous ID.
  • HTTPS/TLS Encryption — All data transmitted between the App and our servers is encrypted in transit using industry-standard TLS encryption.
  • Serverless Architecture — Our backend uses Firebase Cloud Functions, which are ephemeral (stateless) and do not persistently store user inputs after processing.
  • Access Controls — Backend services are protected by Firebase security rules and authentication requirements.
  • Image Processing — Uploaded images are converted to base64 on your device, transmitted securely to our servers, processed by the AI, and discarded. Images are not stored on our servers.

5.2 Data Storage Location

  • Server-Side — Firebase Cloud Functions and Firestore are hosted in Google Cloud's us-central1 region (United States).
  • Local (On-Device) — User preferences (language, tonalities, profiles), interaction history, and onboarding status are stored locally on your device using AsyncStorage. This data remains entirely on your device.

5.3 Data Breach Response

In the event of a data breach that poses a risk to your rights and freedoms, we will:

  • Investigate and contain the breach promptly.
  • Notify affected users within 72 hours of becoming aware of the breach (as required by GDPR) via in-app notification or other available means.
  • Notify the relevant supervisory authority where required by law.
  • Take steps to mitigate the impact and prevent future incidents.

6. User Rights & Controls

6.1 Access, Correction & Deletion

You have the right to:

  • Access your data — You can view your locally stored profile information, preferences, and history directly within the App's Settings screen.
  • Correct your data — You can edit your profiles, tonalities, and language preferences at any time in the App.
  • Delete your data:
    • Local data: You can clear your history from the App's settings. Uninstalling the App deletes all locally stored data.
    • Server-side data: You may request deletion of your anonymous user record and any associated server-side data by contacting us at the email address listed in Section 10. We will process your request within 30 days.

6.2 Opt-Out Options

  • AI Training — We do not use your personal data for AI training, so no opt-out is necessary.
  • Targeted Advertising — We do not serve ads, so no opt-out is necessary.
  • Data Collection — Since the App requires anonymous authentication and server-side AI processing to function, you cannot opt out of these while using the Service. You may stop using the App and uninstall it at any time.

6.3 Data Portability

Your interaction history is stored locally on your device. Since this data is in your control, you can access it at any time. If you need an export of any server-side data associated with your anonymous ID, please contact us at the email address listed in Section 10.

6.4 Withdrawing Consent

Where processing is based on your consent, you may withdraw consent at any time by:

  • Adjusting your preferences within the App.
  • Ceasing to use the App and uninstalling it from your device.
  • Contacting us at the email address listed in Section 10 to request deletion of server-side data.

Withdrawal of consent does not affect the lawfulness of processing that occurred before withdrawal.

7. Children's Privacy

7.1 Age Requirement

Social Wizard AI is not intended for children under the age of 16. We do not knowingly collect personal information from children under 16 years of age.

In the United States, we comply with the Children's Online Privacy Protection Act (COPPA), which protects children under 13. In the European Union, we comply with GDPR Article 8, which sets the digital age of consent at 16.

7.2 Verification & Enforcement

Due to the nature of anonymous authentication, we do not collect age verification data at sign-up. However:

  • Our Terms of Service explicitly require users to be at least 16 years of age.
  • If we discover that a user is under 16, we will promptly terminate their account and delete any associated data.
  • Parents or guardians who believe their child under 16 has used the App may contact us at the email address listed in Section 10, and we will take immediate action to delete the child's data.

8. Cookies & Tracking Technologies

8.1 Cookies

Social Wizard AI is a native mobile application and does not use cookies in the traditional web sense.

8.2 On-Device Storage

The App uses AsyncStorage (a local key-value storage mechanism on your device) to store:

  • Language preference
  • Custom tonalities
  • User profiles (name, personalization, tonality)
  • Interaction history (last 50 items)
  • Onboarding completion status
  • Active profile selection

This data is stored entirely on your device and is not transmitted to our servers (except when explicitly sent as part of an AI request, such as tonality and language preferences).

8.3 Third-Party Tracking

We do not use third-party tracking pixels, advertising identifiers, or behavioral tracking technologies. We do not use Google Analytics, Facebook Pixel, or similar tools.

8.4 Managing On-Device Data

You can manage or delete on-device data by:

  • Clearing your history in the App's Settings.
  • Uninstalling the App (which removes all locally stored data).

9. Legal Compliance

9.1 Applicable Laws

We are committed to complying with the following privacy regulations:

  • GDPR (General Data Protection Regulation) — For users in the European Union and European Economic Area.
  • UK GDPR — For users in the United Kingdom.
  • CCPA/CPRA (California Consumer Privacy Act / California Privacy Rights Act) — For residents of California, USA.
  • COPPA (Children's Online Privacy Protection Act) — For protection of children under 13 in the USA.
  • PIPEDA (Personal Information Protection and Electronic Documents Act) — For users in Canada.

9.2 Region-Specific Rights

European Economic Area & United Kingdom (GDPR / UK GDPR)

If you are in the EEA or UK, you have the following rights:

  • Right of Access — Request a copy of the personal data we hold about you.
  • Right to Rectification — Request correction of inaccurate data.
  • Right to Erasure ("Right to be Forgotten") — Request deletion of your personal data.
  • Right to Restriction — Request restriction of processing of your data.
  • Right to Data Portability — Request your data in a structured, machine-readable format.
  • Right to Object — Object to processing of your data based on legitimate interest.
  • Right to Lodge a Complaint — File a complaint with your local Data Protection Authority (DPA).

Legal Basis for Processing:

PurposeLegal Basis
Providing the Service (AI generation, authentication)Contractual necessity
Security & abuse prevention (App Check, logging)Legitimate interest
Compliance with legal obligationsLegal obligation

California (CCPA/CPRA)

If you are a California resident, you have the following rights:

  • Right to Know — Request information about what personal data we collect, use, and share.
  • Right to Delete — Request deletion of your personal data.
  • Right to Opt Out of Sale — We do not sell personal information.
  • Right to Non-Discrimination — We will not discriminate against you for exercising your privacy rights.

9.3 Data Controller

The data controller for Social Wizard AI is:

Roman Micuda

📧 Email: roman.micuda.programator@gmail.com

🏠 Jurisdiction: Slovak Republic

10. Contact & Enforcement

10.1 Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us at:

📧 Email: roman.micuda.programator@gmail.com

10.2 Handling Complaints & Disputes

We take privacy concerns seriously and will respond to your inquiry within 30 days (or within the timeframe required by applicable law).

Our process for handling privacy complaints:

  1. Acknowledgment — We will acknowledge receipt of your complaint within 5 business days.
  2. Investigation — We will investigate the matter and determine what action, if any, is required.
  3. Resolution — We will provide a written response with our findings and any corrective actions within 30 days.
  4. Escalation — If you are not satisfied with our response, you may:
    • For EU/UK users: Lodge a complaint with your local Data Protection Authority (DPA) or use the European Commission's Online Dispute Resolution Platform.
    • For California users: Contact the California Attorney General's Office.
    • For all users: Contact the relevant privacy regulatory authority in your jurisdiction.

© 2026 Social Wizard AI. All rights reserved.