⚠️ Draft for review, not legal advice. This document describes how Ghim handles data, but it is a starting template. Bracketed placeholders must be filled in and the document reviewed by a qualified lawyer before it is final.

1. The short version

Ghim lets you save real-world places you spot in screenshots. We designed it to keep as much on your device as possible:

2. Who we are

Ghim is provided by [LEGAL ENTITY / DEVELOPER NAME], [BUSINESS ADDRESS]. For any privacy question or request, contact support@pinit.app.

3. What we collect and why

DataWhyWhere it lives
Account identity — the identifier, and any email/name, provided by Sign in with Apple or Google when you sign in To create and secure your account Supabase (our auth/database provider)
Username & home city you choose To set up your profile and center your map Supabase
Extracted text from a screenshot you choose to scan To identify the place you want to save Sent to our server, then to OpenAI for extraction (see §5); not stored after processing beyond your resulting pin
Saved pins — place name, address, coordinates, category, and any notes/"vibe" text generated for that place, plus timestamps This is the core feature: your saved places Supabase, scoped to your account
Basic diagnostic logs — non-identifying events (e.g. a scan succeeded/failed) To keep the service working and debug problems Our server logs / error monitoring (Sentry, if enabled); never include your screenshots or raw text

4. What we deliberately do not collect

5. On-device processing and third-party services

To provide the service we rely on a small number of providers ("sub-processors"). We share only what each needs:

We do not sell your personal data, and we do not share it for advertising.

6. Permissions we ask for (only in context, only if used)

You can change these anytime in iOS Settings → Ghim.

7. How long we keep data

8. Deleting your data

You can delete your account at any time from Settings → Account. Deleting your account permanently removes your profile and all of your pins (enforced by a cascading delete). This action cannot be undone.

9. Security

Traffic between the App and our server is encrypted in transit (HTTPS/TLS). Server secrets are stored in a managed secret store and never ship inside the App. Access to your pins is scoped to your authenticated account.

No method of transmission or storage is 100% secure, and we cannot guarantee absolute security.

10. International data transfers

Our backend is hosted in the asia-southeast1 region, and our providers (Apple, OpenAI, Supabase, Google) may process data in other countries. Where required, transfers rely on appropriate safeguards under applicable law.

11. Children's privacy

Ghim is not directed to children under [13 / 16 — per your jurisdiction], and we do not knowingly collect personal data from them. If you believe a child has provided us data, contact support@pinit.app and we will delete it.

12. Your rights

Depending on where you live, you may have rights to access, correct, export, or delete your personal data, and to object to or restrict certain processing. You can exercise access/deletion directly in the App (see §8), or contact support@pinit.app for any other request. We will not discriminate against you for exercising these rights.

13. Changes to this policy

We may update this policy as the App evolves. Material changes will be reflected by updating the effective date and, where appropriate, notifying you in the App. Continued use after an update means you accept the revised policy.

14. Contact

Questions or requests: support@pinit.app
[LEGAL ENTITY / DEVELOPER NAME], [BUSINESS ADDRESS].