Ruvy AI logo
Ruvy AI Privacy Policy · GagaSoft
Last updated:
Table of Contents
  1. Overview
  2. 1. Data We Collect
  3. 2. How We Use Data
  4. 3. Sharing & Third Parties
  5. 4. Retention & Deletion
  6. 5. Your Rights & Choices
  7. 6. Security Measures
  8. 7. International Transfers
  9. 8. Children’s Privacy
  10. 9. Changes to This Policy
  11. Appendix: AI & Google Play Policy Compliance

Privacy Policy

This Privacy Policy explains how GagaSoft (“we”, “us”, “our”) collects, uses, and shares information when you use Ruvy AI (the “Service”). This is a template based on your specifications and must be reviewed and adapted to applicable laws and your final product configuration before release.

Overview

We collect certain information to provide core functionality (accounts, chat/AI features, subscriptions and payments), secure our systems, and improve quality. Some data is processed by trusted service providers such as OpenAI, Amazon S3, Firebase, Google Play Billing, AdMob, and ipdata.co, as detailed below.

1. Data We Collect

1.1 Automatically collected during sign-up and use

  • Device information: IP address, operating system, app version, language, time zone, device model, install source, last access time.
  • Identifiers: app‑internal random UID, advertising identifier (if ads are used).
  • Telemetry: access logs, usage records, and crash/error logs.

1.2 Profile

  • Nickname and gender (when you create or edit your profile).

1.3 Chat & AI features

  • Chat room information, sender type, persona ID, message content, and message type.
  • Prompts/messages used for AI generation (see Sharing & Third Parties).

1.4 Images

  • Images you upload or generate are stored in Amazon S3 using keys that include your user ID.

1.5 Subscriptions & payments

  • Subscription/order information: order ID, plan, purchase token, start and end dates (via Google Play Billing).
  • Payment‑related records: amount charged, revenue/benefit, payment method type. We do not receive full payment card details.

1.6 Security & misuse detection

  • On certain requests, we collect User‑Agent, headers, remote IP, request parameters and body through security filters.

2. How We Use Data

  • Service delivery & user identification (accounts, sessions, device recognition).
  • Content creation and storage, subscription and payment management.
  • Security and fraud prevention, system monitoring, and operations.
  • Analytics and improvements to enhance quality and performance.

3. Sharing & Third Parties

We share information with service providers that help us operate the Service. Where feasible, we minimize or pseudonymize data.

ProviderPurposeData Categories
OpenAI API AI content generation (text/image) User prompts/messages, model inputs/outputs, minimal metadata
Amazon S3 (AWS) Storage for uploaded/generated images Image files; object keys may include user ID
ipdata.co IP‑based geolocation IP address
Firebase Analytics / Crashlytics Usage analytics & crash diagnostics App/device info, event logs, crash traces, app instance ID
Google AdMob Ad delivery and measurement Advertising identifier, device info, coarse location, ad performance
Google Play Billing In‑app purchases & subscriptions Order ID, plan, purchase token, status, start/end dates

Each provider maintains its own privacy policy and processing terms. Where required, we enter data processing agreements and implement transfer safeguards.

4. Retention & Deletion

  • We keep personal data only as long as necessary to fulfill the purposes above or as required by law.
  • Upon account deletion or purpose fulfillment, we delete or anonymize your data without undue delay, except where retention is legally required.

5. Your Rights & Choices

  • You may request access, correction, or deletion of your personal data at any time via the in‑app settings.
  • Depending on your region, you may have additional rights (e.g., portability, restriction, objection). We will verify requests and respond per applicable laws.
  • You can manage analytics/ads consent where provided and control notifications within the app or OS settings.

6. Security Measures

We implement appropriate technical and organizational measures including:

Access controls

Role‑based access, least privilege, credential hygiene.

Encryption

TLS in transit; encrypted storage for sensitive records where appropriate.

Monitoring & logging

Audit logs, anomaly detection, and incident response workflows.

Secure development

Regular reviews, dependency updates, and vulnerability scanning.

7. International Data Transfers

Your information may be processed outside your country of residence. Where required, we use appropriate safeguards (e.g., Standard Contractual Clauses) and assess local legal environments.

8. Children’s Privacy

The Service is not directed to children under the age specified by local law. Where parental consent is required (e.g., under 14), requests by legal guardians to access, correct, or delete a child’s data will be honored.

9. Changes to This Policy

We may update this policy to reflect legal, technical, or operational changes. We will provide notice (e.g., in‑app notice) when changes are material, and indicate the “Last updated” date at the top.

Appendix: AI & Google Play Policy Compliance

Because this app uses generative AI, we follow Google Play policies for AI‑generated content and incorporate safety controls so content is appropriate and lawful.

  • Content Safety: Filters/classifiers to reduce harmful inputs/outputs (sexual content involving minors, dangerous acts, harassment, explicit violence, election disinformation, fraud, malware, cheating, etc.).
  • Provider Guidance: We align with safety resources published by model providers and industry frameworks such as Google’s SAIF and the OWASP Top 10 for LLMs.
  • Abuse Prevention: Rate limiting, anomaly detection, user reporting, and human review for escalations.
  • Transparency: Clear labeling of AI features and user controls to report or block problematic content.
  • Data Handling: Prompts and outputs may be sent to model providers for inference. We minimize data sent, apply retention limits, and restrict access.
  • Family & Ads Policies: If targeting families or showing ads, we comply with Google Play’s Families Policy and restricted content rules.

Note: This is a policy template. Confirm final compliance with Google Play Developer Program Policies and your legal counsel before release.