Privacy Policy

Last updated: December 19, 2025

Introduction

Unrot AI ("we", "us", or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application ("the App").

By using the App, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with our policies and practices, please do not use the App.

1. Information We Collect

We collect several types of information to provide and improve our service to you:

1.1 Personal Information

When you create an account, we collect:

  • Email address (required for account creation and authentication)
  • Account credentials (password, encrypted and hashed)
  • User ID (automatically generated)
  • Account creation date
  • Last login date

1.2 Focus Test Data

When you use the focus training features, we collect and store:

  • Focus test scores and results
  • Test duration and timestamps
  • Historical performance data
  • Progress statistics and trends

This data is stored securely in our database and associated with your account to provide personalized insights and track your progress over time.

1.3 Camera Data

IMPORTANT: The App requires camera access to function, but we handle camera data with strict privacy protections:

  • Camera feed is processed in real-time on your device using Google ML Kit Face Detection
  • NO video recordings are saved or stored
  • NO camera data is transmitted to our servers
  • NO images or video are retained after a test session ends
  • NO facial data, coordinates, or contours are stored
  • Camera analysis is used solely for real-time focus assessment
  • Only computed scores (simple numbers) are stored, never facial data

Your camera permissions can be revoked at any time through your device settings, though this will prevent the App from functioning.

1.3.1 Face Data and Biometric Information

IMPORTANT: While Unrot AI analyzes facial features in real-time for focus assessment, we do not collect, store, or transmit any face data.

What Facial Features Are Analyzed:

To assess your focus and attention during training sessions, our app uses Google ML Kit Face Detection to analyze the following features in real-time:

  • Eye contour position and movement (to assess attention stability)
  • Head orientation angles (3D rotation: pitch, yaw, roll) to detect if you are facing the camera
  • Eye openness probability (to detect blinks and assess alertness)
  • Facial contours and landmarks (to detect presence and positioning)

Critical Privacy Protections:

  • On-Device Processing Only: All facial analysis occurs exclusively on your device using native iOS frameworks
  • No Data Collection: While features are analyzed, NO facial data, templates, or biometric identifiers are extracted or stored
  • No Facial Recognition: We do not identify or recognize individuals
  • No Biometric Enrollment: No facial templates or reference data are created
  • Immediate Discard: Each camera frame is analyzed and immediately discarded
  • No Storage: No video frames, images, or facial information are saved
  • No Transmission: No facial data ever leaves your device
  • Results Only: Only computed metrics are stored (focus score, head/eye stability scores, duration, frame counts, timestamp) — never the facial data, coordinates, or video frames
  • Zero Retention: No face data is retained after your session ends
  • No Third-Party Sharing: Since no face data is collected or stored, none can be shared

Technical Implementation:

The app uses computer vision algorithms running locally on your device to analyze the camera feed frame-by-frame. These algorithms detect facial features momentarily to calculate attention metrics, then immediately discard the frame data. Think of it like looking in a mirror — you see your reflection in real-time, but the mirror doesn't save or remember what it showed.

Purpose: Facial feature analysis is used solely to provide real-time feedback on your attention and focus during voluntary training sessions.

1.4 Device Information

We automatically collect certain information about your device:

  • Device type and model
  • Operating system and version
  • App version
  • Unique device identifiers
  • Mobile network information
  • Time zone and language settings

This information helps us optimize the App for your device and troubleshoot technical issues.

1.5 Usage Data

We collect information about how you interact with the App:

  • Features you use and how often
  • Session duration and frequency
  • Navigation patterns within the App
  • Error logs and crash reports
  • Performance metrics

This data helps us understand how users interact with the App and identify areas for improvement.

2. How We Use Your Information

We use the collected information for the following purposes:

We do NOT use your information for:

  • Selling or renting to third parties
  • Targeted advertising
  • Marketing campaigns (unless you explicitly opt-in)
  • Sharing with partners for their own marketing purposes

3. Data Storage and Security

We take the security of your data seriously and implement multiple layers of protection:

3.1 Data Encryption

  • All data transmitted between your device and our servers is encrypted using TLS/SSL protocols
  • Passwords are hashed using industry-standard algorithms (bcrypt)
  • Sensitive data is encrypted at rest in our databases
  • We use secure authentication tokens that expire regularly

3.2 Data Storage Location

  • Your data is stored on secure servers provided by Firebase (Google Cloud Platform)
  • Servers are located in the United States
  • All data centers meet SOC 2 and ISO 27001 security standards
  • Regular security audits are performed by third-party experts

3.3 Access Controls

  • Only authorized personnel have access to user data
  • Access is limited on a need-to-know basis
  • All access is logged and monitored
  • Multi-factor authentication is required for administrative access

3.4 Data Retention

We retain your information for as long as your account is active or as needed to provide you services. Specifically:

  • Account data: Retained until you delete your account
  • Focus test data: Retained until you delete your account
  • Usage logs: Retained for up to 90 days
  • Crash reports: Retained for up to 90 days

When you delete your account, we will permanently delete your data within 30 days, except where we are required by law to retain certain information.

4. Data Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share your information only in the following limited circumstances:

4.1 Service Providers

We may share data with third-party service providers who perform services on our behalf:

  • Firebase/Google Cloud (hosting and authentication)
  • Cloud storage providers
  • Analytics services (anonymized data only)
  • Customer support tools

These providers are contractually obligated to protect your data and use it only for the services they provide to us.

4.2 Legal Requirements

We may disclose your information if required by law or in response to valid requests by public authorities, including:

  • Compliance with legal obligations
  • Protection of our legal rights
  • Investigation of potential violations of our Terms
  • Protection of the safety of users or the public
  • Prevention of fraud or illegal activity

4.3 Business Transfers

If we are involved in a merger, acquisition, or sale of assets, your information may be transferred. We will provide notice before your information becomes subject to a different privacy policy.

5. Your Privacy Rights

Depending on your location, you may have the following rights regarding your personal information:

5.1 Access and Portability

  • You have the right to access your personal information
  • You can request a copy of your data in a portable format
  • You can view your focus test history directly in the App

5.2 Correction and Update

  • You have the right to correct inaccurate personal information
  • You can update your email address through the App settings
  • You can contact us to request corrections to other data

5.3 Deletion

  • You have the right to request deletion of your personal information
  • You can delete your account directly in the App settings
  • Upon deletion, all your data will be permanently removed within 30 days
  • Some information may be retained as required by law

5.4 Restriction and Objection

  • You have the right to restrict or object to certain processing of your data
  • You can opt-out of non-essential data collection
  • You can disable analytics tracking in the App settings

5.5 Withdraw Consent

  • You can withdraw consent for optional data collection at any time
  • You can revoke camera permissions through device settings
  • Withdrawing consent may limit App functionality

6. Children's Privacy (COPPA Compliance)

The App is not intended for children under the age of 13, and we do not knowingly collect personal information from children under 13.

If we discover that we have collected personal information from a child under 13 without verifiable parental consent, we will delete that information as quickly as possible.

If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately at support@unrotai.com.

7. International Data Transfers

Your information may be transferred to and maintained on servers located outside your country of residence. By using the App, you consent to the transfer of your information to the United States.

We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy.

8. European Economic Area (EEA) Users - GDPR Rights

If you are located in the EEA, United Kingdom, or Switzerland, you have additional rights under the General Data Protection Regulation (GDPR):

8.1 Legal Basis for Processing

We process your data based on:

  • Consent: You have given clear consent for us to process your personal data for specific purposes
  • Contract: Processing is necessary to fulfill our contract with you
  • Legal obligations: We must process your data to comply with the law
  • Legitimate interests: Processing is in our legitimate interests and does not override your rights

8.2 Your GDPR Rights

Under GDPR, you have the right to:

  • Be informed about data collection and use
  • Access your personal data
  • Rectify inaccurate personal data
  • Erase your personal data ("right to be forgotten")
  • Restrict processing of your data
  • Data portability
  • Object to processing
  • Rights related to automated decision-making

To exercise these rights, please contact us at support@unrotai.com. We will respond to your request within 30 days.

8.3 Data Protection Officer

You have the right to lodge a complaint with your local data protection authority if you believe we have not handled your data properly.

9. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

9.1 Categories of Information

We collect the following categories of personal information:

  • Identifiers (email, user ID)
  • Internet activity (usage data, device information)
  • Sensory data (camera access for real-time on-device facial feature analysis using Google ML Kit - NO face data, facial coordinates, or video frames collected, extracted, or stored)
  • Inferences (focus scores and performance metrics)

9.2 Your CCPA Rights

California residents have the right to:

  • Know what personal information we collect, use, and disclose
  • Request deletion of personal information
  • Opt-out of the sale of personal information (we do not sell your data)
  • Non-discrimination for exercising CCPA rights

To exercise these rights, contact us at support@unrotai.com or through the App settings.

10. Cookies and Tracking Technologies

The App uses limited tracking technologies:

We do not use:

11. Third-Party Links and Services

The App may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties.

We encourage you to review the privacy policies of any third-party services before providing them with your information.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for legal, operational, or regulatory reasons.

We will notify you of any material changes by:

Your continued use of the App after changes are posted constitutes your acceptance of the updated Privacy Policy.

13. Do Not Track Signals

Some web browsers and mobile devices have a "Do Not Track" feature that signals to websites and apps that you do not want to be tracked.

Currently, there is no universally accepted standard for how to respond to Do Not Track signals. We do not currently respond to Do Not Track signals, but we do not track users across third-party websites or apps.

14. Data Breach Notification

In the event of a data breach that compromises your personal information, we will:

You will be notified via email and/or in-app notification with details about what information was affected and what steps we are taking.

15. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Email: support@unrotai.com

Data Protection Inquiries: support@unrotai.com

We will respond to all inquiries within 48 hours for general questions and within 30 days for formal data subject rights requests.

16. Consent

By using the App, you acknowledge that you have read and understood this Privacy Policy and agree to the collection, use, and disclosure of your information as described herein.

For camera access, you will be prompted to provide explicit consent when you first attempt to take a focus test. You can withdraw this consent at any time through your device settings.

Summary of Key Points