1. Information We Collect

1.1 Account Information

Data Type	Purpose	Required/Optional
Email Address	Account creation, verification, communication	Required
Username	Account identification and personalization	Required
Language Preference	Service localization (Kurdish Sorani/Badini)	Required
Profile Image	Account personalization	Optional

1.2 Usage Information

• Chat Messages: Your conversations with the AI assistant
• File Uploads: Documents, images, and files you share for analysis
• Usage Statistics: Feature usage, session duration, interaction frequency
• Error Logs: Technical issues and crash reports for service improvement

1.3 Device and Technical Information

• Device type, operating system, and version
• App version and build information
• IP address and general location (country/region)
• Network connection type
• Device identifiers for push notifications (OneSignal)

1.4 Subscription and Payment Information

• Subscription plan and status
• Payment transaction data (processed by RevenueCat, Apple, Google)
• Purchase history and renewal information

2. How We Use Your Information

2.1 Service Provision

• Providing AI chat responses and conversations
• Processing and analyzing uploaded files and images
• Document generation and OCR services
• Maintaining conversation history
• Managing user accounts and authentication

2.2 Service Improvement

• Analyzing usage patterns to improve AI responses
• Identifying and fixing technical issues
• Developing new features and capabilities
• Optimizing performance and user experience

2.3 Communication

• Sending verification codes and security notifications
• Service updates and feature announcements
• Subscription and billing communications
• Customer support responses

3. Information Sharing and Disclosure

3.1 Service Providers

We share information with trusted third-party services:

• RevenueCat: Subscription management and analytics
• OneSignal: Push notification delivery
• Apple/Google: App store services and payments
• AI Service Providers: Processing chat requests (data anonymized when possible)
• Cloud Storage: Secure data storage and backup

3.2 Legal Requirements

We may disclose information when required by law or to:

• Comply with legal processes and government requests
• Protect our rights, property, and safety
• Prevent fraud and abuse of our services
• Enforce our Terms of Service

3.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, user information may be transferred as part of the business transaction.

4. Data Security and Protection

4.1 Security Measures

• Encryption: Data encrypted in transit and at rest
• Authentication: JWT tokens and biometric authentication support
• Access Controls: Limited access on need-to-know basis
• Regular Audits: Security assessments and monitoring
• Secure Infrastructure: Industry-standard cloud security

4.2 Data Breach Response

In the unlikely event of a data breach, we will:

• Immediately investigate and contain the breach
• Notify affected users within 72 hours
• Report to relevant authorities as required
• Implement additional security measures

5. Data Retention and Deletion

5.1 Retention Periods

Data Type	Retention Period	Reason
Account Information	Until account deletion	Service provision
Chat Messages	Until user deletion or account closure	Conversation history
Usage Analytics	24 months	Service improvement
Verification Codes	24 hours	Security verification
Error Logs	12 months	Technical support

5.2 Data Deletion

You can request deletion of your data by:

• Using the in-app account deletion feature
• Contacting our support team
• Sending an email request to our privacy team

6. Your Privacy Rights

6.1 California Privacy Rights (CCPA)

California residents have additional rights including:

• Right to know what personal information is collected
• Right to delete personal information
• Right to opt-out of the sale of personal information
• Right to non-discrimination for exercising privacy rights

6.2 Exercising Your Rights

To exercise your privacy rights:

1. Contact us using the information provided below
2. Verify your identity for security purposes
3. Specify which rights you wish to exercise
4. We will respond within 30 days (or as required by law)

7. Children's Privacy

8. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place for such transfers, including:

• Standard Contractual Clauses (SCCs)
• Adequacy decisions by relevant authorities
• Other legally approved transfer mechanisms

9. Biometric Authentication

If you enable biometric authentication (Touch ID, Face ID):

• Biometric data is processed locally on your device
• We do not collect or store biometric information
• Authentication is handled by your device's secure enclave
• You can disable this feature at any time in app settings

10. Third-Party Services

10.1 Integrated Services

Our app integrates with the following third-party services:

• RevenueCat: Privacy Policy
• OneSignal: Privacy Policy
• Apple App Store: Privacy Policy
• Google Play Store: Privacy Policy

10.2 AI Service Providers

We use third-party AI services to provide intelligent responses. These providers may have access to your messages but are bound by strict confidentiality agreements.

11. Cookies and Tracking

Our mobile app does not use cookies, but we may use similar technologies for:

• Maintaining user sessions
• Storing user preferences
• Analytics and performance monitoring
• Push notification management

12. Updates to This Privacy Policy

• We may update this Privacy Policy from time to time
• Material changes will be notified through the app or email
• Continued use after updates constitutes acceptance
• Previous versions are archived and available upon request

13. Contact Information