Privacy Policy
Last updated: June 9, 2026
Your photos never leave your device. If you turn on Voice Lock, the voice profile that recognises you is biometric data that also stays only on your device and you can delete it any time. To keep the free version running, Tidy shows Google AdMob ads. Where you allow it, those ads are personalised, which means your advertising ID and IP address are shared with Google for advertising. We also keep a little anonymous data for the referral programme, fraud prevention, crash reports, and purchases. You can opt out of personalised/tracking ads and delete your data from Settings → Privacy in the app, or by emailing us. This policy covers the EU/UK (GDPR), California and other US states (CCPA/CPRA), and India (DPDPA).
1. Who we are
Tidy ("Tidy", "the app", "we", "us", "our") is a photo-cleanup app for iOS (Apple App Store) and Android (Google Play). It is developed and operated by Aditya Bhat, an individual based in India. For privacy law, Aditya Bhat is the data controller (GDPR), business (CCPA/CPRA), and Data Fiduciary (India DPDPA) for the limited data described below.
One place for everything. Our data-protection contact and our Grievance Officer (India DPDPA) can be reached directly at support@tidyupapp.online and through our Compliance page, where the current officers and how to exercise your rights are listed. EU/EEA users: for any data-protection matter, including matters that would otherwise be directed to a representative under GDPR Article 27, please contact us at support@tidyupapp.online.
2. What stays on your device and never leaves it
The two most sensitive things Tidy touches are processed only on your device and are never uploaded to us or to anyone else:
- Your photos and videos. Tidy needs access to your photo library so you can review and delete photos. All of this happens locally. When you confirm a deletion, the item is moved to your device's system trash (iOS "Recently Deleted" / Android trash), where it stays recoverable for about 30 days before the operating system removes it.
- Your voice profile (Voice Lock). Voice mode normally just runs on-device speech recognition (so you can say "keep"/"delete"). If you additionally turn on the optional Voice Lock feature, Tidy records a few short audio clips while you enrol and computes a mathematical "voiceprint" (an MFCC voice signature) so that only your voice can drive the session. This voiceprint is biometric data. It is stored only in the app's local storage on your device. The short enrolment audio is used transiently to build the voiceprint and is not retained as a stored recording, and no audio and no voiceprint is ever transmitted off the device. You can delete the voiceprint at any time in Settings (reset voice profile) or by uninstalling the app. See Section 7 for the special legal treatment of this biometric data.
Tidy also uses the accelerometer and gyroscope in Motion mode to detect tilt. That sensor data is used in real time only and is never stored or transmitted.
3. Data we do process — categories, purpose, and lawful basis
Apart from the on-device items above, Tidy processes a small amount of data through the third-party services it relies on. The table below lists every category, why we process it, and our lawful basis under GDPR (mirrored to DPDPA's "consent" and "legitimate uses", and to CCPA's "business purpose").
| Data category | Purpose | Lawful basis |
|---|---|---|
| Anonymous Firebase user ID (random, not your name/email) | Sign you in anonymously so the referral and consent-logging features work without an account | Legitimate interest (GDPR Art. 6(1)(f)) / legitimate use (DPDPA) in providing the requested feature |
| Advertising identifier (Apple IDFA / Google GAID) | Serve and measure ads; where you consent, personalise ads | Consent (GDPR Art. 6(1)(a); ePrivacy; DPDPA consent) |
| IP address | Deliver ads, security/anti-fraud, and to derive approximate location for ad and consent rules | Consent for advertising use; legitimate interest for security |
| Approximate location (country/region derived from IP — not precise GPS) | Show the right consent form, comply with regional ad rules, coarse ad relevance | Consent (ads) / legitimate interest (legal compliance) |
| Device / install fingerprint hash (a one-way hash of coarse device traits + a random install ID) | Detect and prevent referral fraud and abuse | Legitimate interest in preventing fraud (GDPR Art. 6(1)(f)) / legitimate use (DPDPA) |
| Consent log: IAB TCF consent string, iOS App Tracking Transparency (ATT) status, app version, timestamp | Prove and honour your privacy choices (we are required to be able to demonstrate consent) | Legal obligation / legitimate interest (GDPR Art. 6(1)(c)/(f); Art. 7 demonstrability) |
| Referral graph: anonymous install IDs and inviter/invitee links and counts | Run the invite-a-friend programme and grant rewards | Consent / performance of the referral terms you opt into |
| Crash diagnostics (Firebase Crashlytics: device model, OS version, app state, stack traces) | Diagnose and fix crashes and stability problems | Legitimate interest in app reliability (GDPR Art. 6(1)(f)) / legitimate use (DPDPA) |
| Purchase / entitlement data (via Adapty + Apple/Google: transaction and subscription/entitlement status, an anonymous purchaser ID) | Process the Tidy Premium purchase and unlock and restore your entitlement | Performance of a contract (GDPR Art. 6(1)(b)) / DPDPA contractual necessity |
We do not integrate a general product-analytics SDK (no Firebase Analytics, no Mixpanel, no Amplitude). We do not collect your name, email, contacts, social graph, precise GPS location, or account passwords.
4. Advertising and tracking — Google AdMob
Tidy's free tier is supported by ads served by Google AdMob. We want to be clear and correct here: where you have consented, Tidy serves personalised ads. We do not force "non-personalised only." Your consent is gathered through Google's UMP consent form (for EU/UK/Swiss and US-state privacy frameworks) and, on iOS, through Apple's App Tracking Transparency prompt. Personalised advertising means your advertising identifier (IDFA/GAID) and IP address are shared with Google and used for ad targeting and measurement, including cross-context behavioural advertising.
If you do not consent (or you deny tracking), Tidy still shows ads, but they are non-personalised. You can change your choice at any time:
- In the app: Settings → Privacy → manage ad/tracking consent (this re-opens Google's consent form).
- iOS: Settings → Privacy & Security → Tracking, and Settings → Privacy & Security → Apple Advertising.
- Android: Settings → Privacy / Ads → delete or reset advertising ID.
Google's processing of this data is governed by Google's Privacy Policy and how Google uses data from apps that use its services. Buying Tidy Premium removes all ads.
5. "Sale" / "Sharing" of personal information (CCPA/CPRA)
California and several other US states give you the right to opt out of the "sale" and "sharing" of your personal information. Under those laws' broad definitions, our use of AdMob for personalised (cross-context behavioural) advertising counts as "sharing," and may count as a "sale," of personal information.
- What is shared/sold: your advertising identifier (IDFA/GAID) and IP address.
- To whom: Google, acting as an advertising third party.
- For what: cross-context behavioural advertising and ad measurement.
We do not sell or share any other category of data, and we never sell or share your photos or your voice profile. We do not knowingly sell or share the personal information of consumers under 16.
Do Not Sell or Share My Personal Information. You can exercise this right at no cost and without creating an account: open Settings → Privacy in the app and decline/withdraw advertising consent in Google's consent (UMP) form, and/or use the device controls in Section 4. Doing so stops the sharing of your advertising ID and IP for personalised advertising. We also honour the Global Privacy Control (GPC) and equivalent opt-out preference signals where they are transmitted to us as a valid opt-out of sale/sharing.
6. Your privacy rights
Depending on where you live, you have some or all of the rights below. They apply to the limited data in Section 3 (your on-device photos and voiceprint are already only in your hands).
- Access / know what we process about you and request a copy (portability).
- Deletion / erasure of your data.
- Correction of inaccurate data.
- Opt out of sale/sharing and of personalised advertising (see Section 5).
- Withdraw consent at any time (this does not affect processing already done).
- Limit use of Sensitive Personal Information (CPRA) — see Section 7.
- Non-discrimination — we will not penalise you for exercising any of these rights.
How to exercise them:
- In the app: Settings → Privacy → "Delete my data / Request my data" and the consent controls.
- By email: write to support@tidyupapp.online describing your request.
For CCPA/CPRA requests we will confirm receipt and respond within 45 days (extendable by a further 45 days where permitted, with notice). For GDPR and DPDPA we respond without undue delay and within one month / the statutory period. Because most of our data is anonymous or pseudonymous, we may need additional information to locate or verify it; if we genuinely cannot identify you in our records, we will say so.
Complaints. If you are in the EU/EEA or UK, you may also complain to your local data protection supervisory authority. If you are in India, you may raise a grievance with our Grievance Officer at support@tidyupapp.online and, if unresolved, complain to the Data Protection Board of India. If you are in California, you may contact the California Privacy Protection Agency or Attorney General.
7. Sensitive / special-category data — your voice profile
The Voice Lock voiceprint is biometric data: it is "special category" data under GDPR Article 9, "Sensitive Personal Information (SPI)" under the CPRA, and sensitive personal data in spirit under the DPDPA. We treat it accordingly:
- It is created only if you opt in to Voice Lock (GDPR Art. 9(2)(a) explicit consent).
- It is processed and stored only on your device — we never receive it.
- It is never sold, shared, or used for advertising, and it is used only to verify it is you during a voice session.
- You can delete it any time in Settings, satisfying the CPRA right to "limit the use of my sensitive personal information" and your erasure rights.
8. Who receives data (sub-processors / recipients)
We share the limited Section 3 data only with the service providers needed to run those features:
- Google — AdMob (advertising), Firebase Authentication (anonymous sign-in), Cloud Firestore (referral/consent records), Crashlytics (crash diagnostics).
- Adapty — purchase and entitlement management for Tidy Premium.
- Apple — App Store in-app purchases (iOS).
- Google Play — in-app billing (Android).
Each provider processes data under its own terms and privacy policy and, where it acts on our behalf, under data-processing terms that restrict use to providing the service.
9. International data transfers
We are based in India and use global services, so your data may be processed outside your country, including in the United States. Our Cloud Firestore data is stored in Google's us-central1 region; AdMob and Crashlytics operate globally. Where personal data is transferred out of the EEA/UK, the transfer relies on appropriate safeguards — principally Google's and our other processors' Standard Contractual Clauses (SCC)-based data transfer terms. You can request more detail on these safeguards by emailing us.
10. How long we keep data (retention)
- Photos & voiceprint: kept on your device only, for as long as you keep them; deleted when you delete them or uninstall.
- Anonymous Firebase ID, referral graph: kept while the referral programme is active for your install; deleted on request or when no longer needed.
- Consent log: kept as long as needed to demonstrate your choices and meet our legal record-keeping duties.
- Fraud / install fingerprint hash: kept for the limited period needed to detect abuse.
- Crash diagnostics: retained per Firebase Crashlytics' default retention (around 90 days).
- Purchase / entitlement data: kept for the life of the entitlement and as required for tax, accounting, and store-policy reasons.
- Advertising identifier / IP held by Google: retained by Google per its own policies.
You can exercise your right to erasure at any time as described in Section 6.
11. Children and minors
Tidy is a general-audience utility and is not directed to children. We do not knowingly collect personal data from children, and we do not knowingly serve personalised ads to, or "sell/share" the data of, minors.
- India (DPDPA): a "child" is anyone under 18. Processing a child's data requires verifiable parental/guardian consent, and we do not do behavioural tracking or targeted advertising directed at children.
- EEA/UK (GDPR): the digital-consent age is up to 16 (varies by country). Children under that age need a parent/guardian to consent.
- US (COPPA): we do not knowingly collect data from children under 13.
If a user indicates they are a minor, the app disables personalised ads and tracking and switches to child-safe / non-personalised ad settings. If you believe a minor has provided us data (for example through the referral feature), email support@tidyupapp.online and we will delete it promptly.
12. Managing consent and ad/tracking choices
You are always in control. To grant or withdraw consent, or change personalised-ad and tracking choices, go to Settings → Privacy in the app (which re-opens Google's consent form), or use the iOS/Android device controls in Section 4. Withdrawing consent stops the relevant future processing; it does not undo processing already lawfully carried out.
13. Changes to this policy
If we make material changes, we will update the "Last updated" date above and, where appropriate, notify you in the app. Continued use of Tidy after an update means you accept the revised policy.
14. Contact
Privacy questions, requests, or complaints — and our data-protection contact and India Grievance Officer, as well as EU/EEA data-protection matters under GDPR Article 27 — all reach us at support@tidyupapp.online (see the Compliance page). We aim to respond within 48 hours and within the statutory deadlines noted in Section 6.