Privacy Policy
Effective date: March 12, 2026
Orvik ("we," "us," or "our") operates the Orvik mobile application ("App"). This Privacy Policy describes how we collect, use, disclose, and protect your personal information when you use the App. By using the App, you consent to the data practices described in this policy.
We are committed to protecting your privacy and handling your data in an open and transparent manner. Please read this Privacy Policy carefully. If you do not agree with this policy, please do not use the App.
1. Information We Collect
1.1 Information You Provide
- Account Information — When you create an account, we collect your email address, display name, and authentication credentials managed through Firebase Authentication. You may also sign in using third-party login providers (e.g., Apple, Google), in which case we receive the profile information you authorize those services to share.
- Photographs and Images — When you use Orvik's identification feature, you submit photos that are transmitted to our cloud-based AI services for processing. Photos are sent to the OpenAI ChatGPT API and/or Grok Vision for analysis. Images may be temporarily stored on our servers and by our AI providers during processing.
- Support Communications — When you contact us for customer support, we collect the information you provide, including your email address, name, and the content of your messages.
1.2 Information Collected Automatically
- Device Information — Device type, model, operating system and version, unique device identifiers (e.g., IDFA, IDFV, Android Advertising ID), device language, and time zone.
- Usage Data — App feature usage, session duration, screens viewed, identification requests made, interaction events, and in-app navigation patterns.
- Crash and Performance Data — Error logs, crash reports, diagnostics, and performance metrics collected through Firebase Crashlytics.
- Purchase Information — Subscription status, purchase history, transaction identifiers, and billing events processed through RevenueCat and the respective App Store (Apple or Google).
- Advertising and Attribution Data — Campaign identifiers, referral sources, install attribution data, and ad interaction events collected by AppsFlyer and Facebook SDK / Meta.
- Network Information — IP address, internet service provider, and general geographic location (city/country level, not precise location).
1.3 Information from Third-Party Sources
We may receive information about you from third-party services integrated into the App, including analytics data from Firebase and AppsFlyer, advertising data from Facebook SDK / Meta, and subscription data from RevenueCat.
2. How We Use Your Information
We use the information we collect for the following purposes:
2.1 Providing and Improving the Service
- Processing your photos through AI services to deliver identification results;
- Managing your account, preferences, and identification history;
- Processing and managing subscriptions and in-app purchases;
- Analyzing usage patterns to improve app features, accuracy, and user experience;
- Diagnosing and fixing technical issues, crashes, and bugs;
- Training and improving our AI identification models and algorithms.
2.2 Communications
- Responding to your support requests and inquiries;
- Sending transactional notifications related to your account or purchases;
- Sending promotional communications about new features or offers (you can opt out at any time).
2.3 Advertising and Analytics
- Measuring the effectiveness of advertising campaigns;
- Attributing app installs and engagement to marketing channels;
- Delivering personalized advertising content;
- Creating aggregated analytics reports to understand user behavior.
2.4 Legal and Safety
- Complying with legal obligations and responding to lawful requests;
- Enforcing our Terms of Service;
- Protecting the rights, safety, and property of Orvik, our users, and the public;
- Detecting, preventing, and addressing fraud, abuse, or security issues.
3. How We Share Your Information
We do not sell your personal information. We may share your information with the following categories of third parties:
3.1 AI Processing Providers
Your photos and related data are transmitted to OpenAI (ChatGPT API) and Grok Vision for identification processing. These providers process your images under their respective privacy policies and data processing agreements. Images are transmitted securely and are used solely for generating identification results.
3.2 Analytics and Advertising Partners
- Firebase Analytics and Crashlytics (Google) — receives device information, usage events, and crash data to help us understand app usage and fix issues.
- Facebook SDK / Meta — receives device identifiers and app events for advertising measurement, attribution, and targeted advertising.
- AppsFlyer — receives device identifiers and install/engagement data for marketing attribution and campaign measurement.
3.3 Payment Processors
RevenueCat receives subscription and purchase-related data to manage in-app purchases. Actual payment processing is handled by Apple (App Store) or Google (Google Play), and we do not have access to your full payment card details.
3.4 Legal Disclosures
We may disclose your information if required by law, regulation, legal process, or governmental request, or when we believe disclosure is necessary to protect our rights, your safety, or the safety of others.
3.5 Business Transfers
In the event of a merger, acquisition, reorganization, bankruptcy, or sale of all or a portion of our assets, your personal information may be transferred as part of that transaction. We will notify you via the App or email before your information becomes subject to a different privacy policy.
4. Data Retention
- Account Data — retained for as long as your account is active, plus a reasonable period thereafter for legal and operational purposes.
- Photos Submitted for Identification — photos sent to AI providers are processed in real time. We may retain processed images temporarily (up to 90 days) for service improvement and troubleshooting. AI providers may retain data in accordance with their own retention policies.
- Usage and Analytics Data — retained in identifiable form for up to 26 months, after which it is aggregated or anonymized.
- Purchase Records — retained for as long as necessary to fulfill legal, accounting, and reporting obligations.
- Support Communications — retained for up to 3 years from the date of resolution.
When data is no longer needed for the purposes described in this policy, we delete or anonymize it in accordance with our data retention procedures.
5. Data Security
We implement industry-standard technical and organizational security measures to protect your personal information, including:
- Encryption of data in transit using TLS/SSL protocols;
- Encryption of sensitive data at rest;
- Access controls and authentication for internal systems;
- Regular security assessments and monitoring;
- Secure transmission of photos to AI processing providers via encrypted API connections.
Despite our efforts, no method of electronic transmission or storage is completely secure. We cannot guarantee absolute security, and you use the App at your own risk.
6. International Data Transfers
Your information may be transferred to, stored, and processed in countries other than your country of residence, including the United States. Our third-party service providers (Firebase, OpenAI, Meta, AppsFlyer, RevenueCat, Grok Vision) operate globally and may process data in various jurisdictions.
When we transfer personal data outside the European Economic Area (EEA), United Kingdom, or Switzerland, we rely on appropriate legal mechanisms, including Standard Contractual Clauses, adequacy decisions, or other approved transfer mechanisms to ensure your data is protected in accordance with applicable law.
7. Your Privacy Rights
7.1 General Rights (All Users)
Regardless of your location, you have the right to:
- Access — Request a copy of the personal information we hold about you.
- Correction — Request correction of inaccurate or incomplete personal information.
- Deletion — Request deletion of your personal information, subject to certain legal exceptions.
- Data Portability — Request a copy of your data in a structured, machine-readable format.
- Opt-Out of Marketing — Unsubscribe from promotional communications at any time.
To exercise any of these rights, contact us at [email protected]. We will respond to your request within 30 days.
7.2 European Economic Area, UK, and Switzerland (GDPR)
If you are located in the EEA, UK, or Switzerland, the General Data Protection Regulation (GDPR) and equivalent local laws provide you with additional rights:
- Legal Basis for Processing — We process your data based on: (a) your consent (e.g., submitting photos for identification); (b) performance of a contract (e.g., providing subscription services); (c) our legitimate interests (e.g., analytics, fraud prevention, service improvement); and (d) legal obligations.
- Right to Restrict Processing — You may request that we restrict processing of your personal data under certain conditions.
- Right to Object — You may object to processing based on our legitimate interests, including profiling for direct marketing.
- Right to Withdraw Consent — Where processing is based on consent, you may withdraw consent at any time without affecting the lawfulness of prior processing.
- Right to Lodge a Complaint — You have the right to lodge a complaint with your local data protection authority.
7.3 California Residents (CCPA/CPRA)
If you are a California resident, the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA) provide you with the following additional rights:
- Right to Know — You may request that we disclose the categories and specific pieces of personal information we have collected, the sources of collection, the business purposes for collection, and the categories of third parties with whom we share your data.
- Right to Delete — You may request deletion of your personal information, subject to certain exceptions.
- Right to Correct — You may request correction of inaccurate personal information.
- Right to Opt-Out of Sale/Sharing — We do not sell your personal information as defined under the CCPA. We may share certain data (e.g., device identifiers) with advertising partners such as Meta and AppsFlyer for cross-context behavioral advertising, which may constitute "sharing" under the CPRA. You may opt out by adjusting your device's advertising settings (Limit Ad Tracking on iOS, Opt Out of Ads Personalization on Android).
- Right to Non-Discrimination — We will not discriminate against you for exercising your CCPA/CPRA rights.
To submit a request, email [email protected] with the subject line "CCPA Request." We will verify your identity before processing your request and respond within 45 days.
7.4 Other Jurisdictions
If you are subject to other data protection laws (e.g., LGPD in Brazil, POPIA in South Africa, PIPEDA in Canada, or the Australian Privacy Act), we will comply with the requirements applicable to your jurisdiction. Contact us at [email protected] to exercise your rights.
8. Cookies and Tracking Technologies
The App may use mobile SDKs and similar tracking technologies to collect usage data. These include:
- Firebase SDK — collects analytics events, session data, and crash reports;
- Facebook SDK — collects device identifiers and app events for ad attribution and measurement;
- AppsFlyer SDK — collects install attribution and engagement data;
- RevenueCat SDK — collects subscription and purchase events.
You can limit tracking by adjusting your device settings:
- iOS: Settings > Privacy & Security > Tracking — disable "Allow Apps to Request to Track"
- Android: Settings > Privacy > Ads — enable "Opt out of Ads Personalization"
9. App Tracking Transparency (iOS)
On iOS 14.5 and later, we request your permission before tracking your activity across other companies' apps and websites through Apple's App Tracking Transparency (ATT) framework. If you deny tracking, we will not use your IDFA for advertising purposes. You can change your tracking preferences at any time in your device Settings under Privacy & Security > Tracking.
10. Children's Privacy
The App is not directed to children under the age of 13 (or the applicable age of consent in your jurisdiction). We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at [email protected], and we will promptly delete such information.
11. Third-Party Links and Services
The App may contain links to third-party websites, services, or content that are not owned or controlled by Orvik. This Privacy Policy does not apply to those third-party services. We encourage you to review the privacy policies of any third-party services you access through the App.
12. Account Deletion
You may request complete deletion of your account and associated data at any time by contacting us at [email protected]. Upon receiving your request, we will:
- Delete your account and profile information;
- Delete your identification history and saved collections;
- Request deletion of your data from our third-party service providers where technically feasible;
- Retain only the minimum data required by law or for legitimate business purposes (e.g., financial records for tax compliance).
Account deletion is permanent and cannot be reversed. Active subscriptions should be cancelled through your App Store settings before requesting account deletion.
13. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we make material changes, we will:
- Update the "Effective date" at the top of this page;
- Notify you through the App via an in-app notification or banner;
- For significant changes affecting your rights, seek your consent where required by law.
We encourage you to review this Privacy Policy periodically. Your continued use of the App after changes are posted constitutes your acceptance of the updated policy.
14. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:
Orvik
Email: [email protected]
Website: https://orvik.app
We aim to respond to all inquiries within 30 days.