Privacy Policy for Rosetta Lens App

Rosetta Lens ("we," "us," or "our") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application, Rosetta Lens (the "App"). The App is designed to provide real-time text translation using your device's camera, with features like translation history and optional user accounts for saving preferences.

This Privacy Policy is drafted to comply with the General Data Protection Regulation (GDPR) (EU) 2016/679, as well as other applicable privacy laws. If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, this policy outlines your rights as a data subject.

If you do not agree with the terms of this Privacy Policy, please do not download, install, or use the App. By using the App, you consent to the practices described herein.

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy in the App and updating the "Effective Date" above. For significant changes, we may also notify you via email (if provided) or through a prominent notice in the App. Your continued use of the App after such changes constitutes your acceptance of the updated policy.

1. Data Controller Information

Rosseta Lens is the data controller for the personal data processed through the App.

2. Types of Data We Collect

We collect personal data and non-personal data to provide and improve the App. "Personal data" means any information relating to an identified or identifiable natural person.

Personal Data We May Collect:

  • Account Information: If you create an account, we may collect your email address, username, and password.

  • User-Provided Data: Text or images you input for translation, translation preferences, or feedback you submit.

  • Device and Usage Data:** Automatically collected information such as device ID, IP address, operating system, app version, language settings, and usage statistics (e.g., frequency of use, features accessed).

  • Camera and Media Data:** With your permission, access to your camera for scanning text, and any images or photos processed for translation. We do not store images unless you choose to save a translation history.

  • Location Data: If enabled (optional), approximate location to suggest relevant languages or improve translations. This is based on your device settings and is not precise geolocation.

  • Analytics Data: Aggregated data from third-party tools (e.g., Google Analytics for Firebase) to understand app performance.

We do not collect sensitive personal data (e.g., racial or ethnic origin, health data) unless explicitly provided by you in translations, in which case it is processed only for the translation service and not stored.

We may collect anonymized or aggregated data that does not identify you, such as app crash reports or general usage trends.

If the App is used by children under 16 (or the applicable age in your jurisdiction), parental consent is required for any personal data collection. We do not knowingly collect data from children without such consent.

3. How We Collect Your Data

  • Directly from You: When you register, input data, or grant permissions.

  • Automatically: Through device sensors, logs, and cookies or similar technologies in the App.

  • From Third Parties: If you link external services (e.g., Google account for login), we may receive data from them.

4. Legal Basis for Processing Your Personal Data (GDPR-Specific)

Under GDPR, we process your personal data only where we have a valid legal basis:

  • Consent: For optional features like location data or saving translation history (you can withdraw consent at any time via app settings).

  • Contractual Necessity: To provide the core translation services you request.

  • Legitimate Interests: For improving the App, analytics, and security (e.g., fraud prevention), where your interests do not override ours.

  • Legal Obligation: To comply with laws, such as responding to regulatory requests.

  • Vital Interests: In rare cases, to protect your or others' safety.

We will not process your data for new purposes without notifying you and obtaining consent if required.

5. How We Use Your Personal Data

We use your data to:

  • Provide and maintain the App's translation features.

  • Personalize your experience (e.g., remember language preferences).

  • Improve the App through analytics and bug fixes.

  • Communicate with you (e.g., updates, support responses).

  • Comply with legal requirements.

  • Prevent misuse or enforce our terms.

We do not use your data for automated decision-making that affects you.

6. Sharing and Disclosure of Your Personal Data

We do not sell your personal data. We may share it with:

  • Third parties like cloud hosting (e.g., AWS), AI translation APIs (e.g., Google Translate API), and analytics tools (e.g., Firebase). These are data processors bound by GDPR-compliant contracts.

  • If we merge, acquire, or sell assets, your data may be transferred (we'll notify you).

  • To comply with laws, court orders, or government requests.

  • For any other purpose you approve.

For transfers outside the EEA (e.g., to US-based providers), we use Standard Contractual Clauses (SCCs) or other GDPR-approved mechanisms to ensure adequate protection.

7. Data Retention

We retain your personal data only as long as necessary for the purposes outlined above:

  • Account data: Until you delete your account.

  • Translation history: As long as you choose to keep it (deletable anytime).

  • Usage data: Up to 24 months for analytics.

After this, data is anonymized or deleted securely. Longer retention may apply for legal reasons.

8. Your Data Protection Rights

If you are in the EEA, UK, or Switzerland, you have the following rights:

  • Request a copy of your personal data.

  • Correct inaccurate data.

  • Delete your data in certain circumstances.

  • Limit processing in specific cases.

  • Receive your data in a structured format.

  • Object to processing based on legitimate interests or for direct marketing.

  • At any time, without affecting prior processing.

You also have the right to lodge a complaint with your local supervisory authority.

9. Security of Your Data

We implement reasonable technical, administrative, and physical measures to protect your data, such as encryption for data in transit and at rest, access controls, and regular audits. However, no system is completely secure, and we cannot guarantee against all risks.

In case of a data breach, we will notify you and authorities as required under the GDPR.

10. International Data Transfers

If your data is transferred outside the EEA, we ensure GDPR compliance through adequacy decisions, SCCs, or binding corporate rules.

11. Third-Party Links and Services

The App may integrate third-party services (e.g., translation APIs). These have their own privacy policies, and we are not responsible for their practices.

12. Children's Privacy

The App is not intended for children under 13 (or 16 under GDPR). We do not knowingly collect their data without verifiable parental consent. If we discover such data, we will delete it.