MaybeReal

Privacy Policy

Last updated: 2025-12-25

This Privacy Policy explains how Cerebri Virtual Corporation (“we”, “us”, “our”) collects, uses, and protects your information when you use the MaybeReal mobile application (the “App”).

1Information we collect

1.1 Account and authentication information

  • Email address and/or authentication identifiers (for login and account management).
  • Basic profile information if you sign in with a third-party provider (e.g., Apple, Google), as allowed by that provider.

1.2 Content you upload and generated content

  • Images and other media that you upload to use the App's features (enhancement, upscaling, filters, colorization, etc.).
  • Generated outputs produced by the App (processed images, thumbnails/previews).
  • Technical processing metadata needed to run the service (e.g., request identifiers, processing status, timestamps).

1.3 Face data (images containing faces)

The App may process images that contain a face to apply visual effects (filters, enhancement, upscaling, colorization, alignment, artistic transformations).

What we collect:

  • Images uploaded by you that may contain faces. The “face data” is the image content itself.
  • We do not extract, create, or store separate biometric identifiers (such as face templates, embeddings, or faceprints).

How we use face data:

  • Solely to apply visual effects and AI transformations requested by you.
  • If face detection is used (e.g., for alignment or positioning), any derived data is used only during real-time processing and is not stored.
  • We do not use face data to identify or authenticate any person.
  • We do not use face data for advertising, marketing, or user profiling.

Storage and retention:

  • Uploaded images are stored temporarily using time-limited signed URLs.
  • Uploaded images are retained for up to 1 hour, then automatically deleted.
  • Generated results are retained for up to 24 hours, then automatically deleted.

1.4 Purchase and subscription information

  • We use RevenueCat to manage in-app purchases and subscriptions.
  • RevenueCat receives a unique anonymous user identifier to track your subscription status.
  • We do not receive or store your full payment card details.

1.5 Usage and device data

  • Technical information: device model, operating system version, app version, approximate timestamps of use.
  • Non-identifying information about how you use the App (e.g., which features are triggered).

2How we use your information

  • Provide and operate the App's core features (image enhancement, upscaling, colorization, filters, etc.).
  • Authenticate you and secure your account.
  • Store content temporarily so you can retrieve your results.
  • Manage your subscriptions and in-app purchases.
  • Monitor performance and improve the App.
  • Prevent abuse, spam, fraud, and misuse of the service.
  • Comply with legal obligations and enforce our terms.

3Third-party services

3.1 Supabase

Backend services, database, authentication, and storage. Uploaded images and generated results are stored using time-limited signed URLs.

supabase.com/privacy →

3.2 Google Cloud Run

Backend processing infrastructure. Your images may be temporarily processed on Google Cloud.

policies.google.com/privacy →

3.3 AI Service Providers

To generate requested results, we use external AI service providers:

Note: These providers may use submitted content for training and improvement of their AI systems, in accordance with their respective privacy policies. By using the App, you agree to this processing.

3.4 RevenueCat

Subscription and purchase management. Receives an anonymous user identifier only.

revenuecat.com/privacy →

4Legal bases (EU/EEA)

  • Contract: to provide the App and deliver requested features.
  • Legitimate interests: to secure, maintain, and improve the service.
  • Consent: where required (e.g., access to photos/camera permissions).
  • Legal obligations: where we must comply with applicable laws.

5Data retention

Account dataKept while your account is active
Uploaded imagesUp to 1 hour, then auto-deleted
Generated resultsUp to 24 hours, then auto-deleted
Subscription dataRetained by RevenueCat as needed
Logs & technical dataUp to 90 days

6Data security

  • Restricted access controls to backend systems and storage.
  • Use of signed, time-limited URLs for temporary access.
  • Encryption in transit (HTTPS/TLS) for all communications.
  • Regular review of our security practices.

7Your rights

Access

Request a copy of your data

Correction

Request correction of inaccurate data

Deletion

Request deletion of your data

Portability

Request your data in a portable format

Objection

Object to certain processing

Withdraw consent

Where processing is based on consent

8Children

The App is not intended for children under 13. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, contact us and we will take appropriate steps to delete that information.

9International transfers

Your information may be processed in countries other than your own, including the United States. Where required by law, we rely on appropriate safeguards for such transfers, including standard contractual clauses.

10Changes to this Privacy Policy

We may update this Privacy Policy from time to time. Material changes will be communicated through the App. Your continued use of the App after an update means you accept the updated Privacy Policy.

11Contact

If you have any questions about this Privacy Policy, contact us at:

maybereal.app@gmail.com