MathGeni Privacy Policy - Appbound Technologies LLC

1. Introduction & Scope

MathGeni – AI Math Solver is a mobile application provided by AppBound Technologies LLC (“AppBound,” “we,” “us,” or “our”), a Delaware, USA company. MathGeni lets you scan or upload math questions and receive clear, step-by-step solutions, plus ask follow-up questions via in-app chat. This Privacy Policy explains what information we collect, how we use it, when we share it, and the choices you have. It applies to your use of the MathGeni iOS app and in-app features, including the scanner, file uploads, solution generation, and chat.

By using MathGeni, you agree to the practices described here. If you do not agree, please do not use the app.

MathGeni is not intended for children under 13, and we do not knowingly collect personal information from children under 13.

For users in regions with privacy rights (e.g., EU/EEA/UK, California), we honor applicable rights such as access, deletion, and portability. We do not sell or “share” personal information as those terms are defined under California law.

Effective Date: 12^th October, 2025

2. Who We Are & How to Contact Us

Data Controller / Provider:
AppBound Technologies LLC
Delaware, United States

Contact for privacy requests and questions:

Email: contact@appbound.app
Contact form: https://appbound.app/contact/
In-app: Settings → Feedback (submit requests/feedback from within the app)

Governing Law:

This Privacy Policy and any disputes arising from it are governed by the laws of the State of Delaware, USA, unless a different law is required by your local regulations.

3. What We Collect

We collect only the information needed to operate MathGeni, improve reliability, and support you. We do not require an account or sign-in.

3.1 User Content (you provide)

Images/files you choose to upload (e.g., photos/PDFs/screenshots of math problems).
Text you type (questions, steps, follow-ups in chat).
In-app deletions: You can delete chat history and uploaded items in the app at any time. (See Data Retention & Deletion for details.)

We do not access your photo library or files except for items you explicitly select, and we do not collect voice/audio.

3.2 Precise Location

What: Device-reported precise location (e.g., GPS).
Why (examples): service reliability and abuse prevention (e.g., detecting automated misuse), diagnostics, analytics, regional compliance/operations.
Controls: You can manage location permissions in iOS settings. If disabled, the app still works, though some diagnostics may be less accurate.

Location data is not used for advertising or cross-app tracking.

3.3 Device Information & Identifiers

Device & app info: model, OS version, app version, language/region, timezone, and basic system settings relevant to performance.
Identifiers: app instance IDs or similar identifiers generated by analytics/crash tools (e.g., Firebase).
Network info: IP address and related metadata captured by our servers and service providers for security and reliable delivery.

We do not collect the advertising identifier (IDFA) for tracking.

3.4 Usage Analytics & Diagnostics

Product interaction: screens viewed, taps/clicks, feature usage, session duration, in-app events (e.g., “scan started/finished”), and anonymized performance metrics.
Diagnostics: crash reports, error codes, stack traces, and performance data.

These help us fix bugs, measure stability, and improve UX. We configure analytics to avoid collecting more than necessary.

3.5 Feedback & Support Communications

Emails you send us, and any information you include (e.g., screenshots, device details).
Metadata associated with your message (date/time, sender address).
We use this to respond to you and to improve support quality.

3.6 Payments (Apple IAP)

Apple handles purchase data (including payment instruments). We receive non-financial purchase confirmations/receipts and subscription status from Apple to unlock features.
We do not collect or store your card numbers or bank details.

3.7 Data We Do Not Collect

No accounts/profile data (no name, avatar, or login required).
No contacts, calendars, or microphone/voice input.
No clipboard reading or background data collection beyond what iOS permits for normal operation.
No advertising data and no cross-app tracking.

4. How We Use Data

We use your information only to operate MathGeni, keep it reliable and secure, and comply with the law. We do not sell your data, do not use it for advertising or cross-app tracking, and do not use your content to train our models.

4.1 Provide and improve the core features

Solve questions & chat: Process the images/files and text you submit to generate step-by-step solutions and follow-ups.
On-device + server processing: Perform operations locally where possible and, when needed, send minimal data to our servers and to our AI provider (OpenAI) to return results.
Quality & UX: Use anonymized/aggregated usage and diagnostics data to improve accuracy, speed, and stability.

4.2 Support, communications, and service-only notifications

Respond to you: Use your support emails and the details you provide to answer questions and fix issues.
Service notices: Send in-app or OS-level service notifications (e.g., critical updates, policy changes). No marketing messages.

4.3 Security, integrity, and abuse prevention

Fraud/abuse detection: Use device data, network metadata (e.g., IP), limited identifiers, and precise location to detect and mitigate spam/automation, misuse, or attacks.
Rate-limiting & reliability: Ensure fair use and platform stability.
Moderation: Filter non-math content and unsafe use; show an error when content is out of scope.

4.4 Compliance and legal obligations

Regulatory needs: Maintain records necessary to comply with applicable laws and app-store requirements.
Requests from authorities: Share data only when legally required (see Section 6).

4.5 Personalization limited to functionality (not ads)

Session tailoring: Remember in-app choices (e.g., last used mode) to streamline your experience.
No advertising profiles, no sale/share under CPRA.

4.6 Anonymization and aggregation

Where feasible, we aggregate and/or de-identify usage/diagnostic data so it no longer reasonably identifies you, and use it for analytics, quality metrics, and capacity planning.

4.7 Automated decision-making

We do not make decisions that have legal or similarly significant effects on you based solely on automated processing. AI outputs are provided to help explain math; you control how you use them.

Lawful bases (GDPR/UK GDPR), where applicable:

Performance of a contract (provide the app/services you request).
Legitimate interests (security, fraud prevention, service quality, de-identified analytics).
Legal obligations (comply with law, tax, accounting, lawful requests).
Consent (iOS permissions such as precise location; you can withdraw in Settings).

5. AI Processing & Third-Party Processors

We use carefully selected service providers (“processors”) to run MathGeni. We share only the minimum necessary data with them, under contracts that require confidentiality, security, and use only for our instructions. We do not sell your data.

5.1 OpenAI (AI inference for solutions & chat)

Purpose: Generate step-by-step solutions and chat responses.
Data we send: The text you enter (questions/chats) and images/files you explicitly select for solving.
- We do not send your precise location to OpenAI.
- We do not send support emails to OpenAI.
Redaction & minimization (default-safest practice):
- Strip obvious personal identifiers from prompts where feasible (e.g., emails, phone numbers) and avoid including metadata not required for solving.
- Send only the content needed to generate the result (no background/system data beyond what the API call requires).
Training: We do not allow your content to be used by OpenAI to train or improve their models (where provider settings make this controllable, we disable training use).
Retention: We request providers to retain only as needed to deliver results and meet security/fraud controls. We do not instruct providers to keep your content for longer than necessary.

5.2 Firebase (Analytics & Crash Reporting)

Purpose: Understand stability and basic feature usage; diagnose crashes and performance issues.
Data we send/collect: App events (feature usage, screens, session stats), anonymized or pseudonymous app instance identifiers, device/app metadata (model, OS version, app version), IP-derived network metadata, and crash traces.
Linkage: We configure analytics and diagnostics to avoid collecting more than necessary. We do not use this data for advertising or cross-app tracking.
Retention: Typical analytics retention is up to 26 months; crash logs up to 24 months (see Section 8 for our retention policy).

5.3 Cloud hosting, storage, and delivery

Purpose: Operate servers, databases, storage, and content delivery needed for MathGeni (e.g., to receive uploads, return results, enforce rate limits, and protect against abuse).
Data we process: User content you submit (until you delete it), minimal logs/metadata (IP, timestamps, request IDs), and security telemetry used to keep the service reliable.
Location: Infrastructure may be in the United States and other jurisdictions as needed for reliable delivery (see Section 11 on international transfers).

5.4 Other disclosures to service providers

We may share limited data with additional vendors who help with: security and anti-abuse, customer support email handling, error monitoring, and audit logging—always limited to what’s necessary for their tasks and bound by confidentiality and data-processing terms.

5.5 Your choices and controls

In-app deletion: You can delete chat history and submitted items in the app at any time.
Permissions: You can manage precise location and other iOS permissions in Settings.
Support & privacy requests: Contact us by email at support@appbound.app, the Contact Form athttps://appbound.app/contact/, or via Settings → Feedback in the app(see Section 13).

5.6 Safeguards with processors

Contracts: We use data-processing agreements requiring confidentiality, appropriate security, and use only on our documented instructions.
Security: TLS in transit; encryption at rest where supported; least-privilege access; administrative access is logged and reviewed.
No sale/share: We do not sell data or “share” it for cross-context behavioral advertising under CPRA.

We may update our list of processors as our service evolves. Material changes will be reflected in this Policy (see Section 14: Changes).

6. Data Sharing & Disclosure

We share your data only as described below. We do not sell your personal information and do not “share” it for cross-context behavioral advertising under CPRA.

6.1 Service providers (processors)

We share limited data with vendors who help us operate MathGeni (e.g., cloud hosting, storage/CDN, OpenAI for inference, Firebase analytics/crash reporting, security/anti-abuse, email/support). They may process:

User Content you submit (to return results);
Precise location, device, usage, and diagnostics needed for reliability, security, and analytics;
Minimal network metadata (e.g., IP, timestamps) for fraud/abuse prevention.
Providers are bound by confidentiality, security, and use-limitations consistent with this Policy.

6.2 Legal, safety, and compliance

We may disclose information if we believe in good faith that it is reasonably necessary to:

Comply with applicable laws, regulations, legal process, or enforceable governmental requests;
Protect the rights, property, or safety of AppBound, our users, or the public;
Detect, prevent, or address fraud, abuse, security, or technical issues.

6.3 Business transfers

If we are involved in a merger, acquisition, financing, reorganization, bankruptcy, or sale of assets, your information may be transferred as part of that transaction. We will require the recipient to honor this Policy or provide notice of materially different practices with choices where required.

6.4 Aggregated or de-identified information

We may share aggregated or de-identified information (that cannot reasonably identify you) for analytics, research, or product improvement.

6.5 What we don’t do

No selling of personal data.
No sharing for cross-app advertising or tracking.
No disclosure of precise location to advertisers.
No disclosure of support emails or other communications except to provide support or as required by law.

7. Security

We use administrative, technical, and physical safeguards designed to protect your information from unauthorized access, loss, misuse, or alteration. No system can be 100% secure, but we aim for industry best practices and continual improvement.

7.1 Encryption

In transit: All data transmitted between your device, our servers, and service providers is protected by TLS.
At rest: Data stored on our infrastructure (including user content you choose to keep) is encrypted at rest where supported by the platform.

7.2 Access Controls

Least privilege: Employee and contractor access is limited to the minimum necessary to operate the service or provide support.
Authentication: Administrative access requires strong authentication and is restricted to vetted personnel.
Logging & review: Administrative actions are logged and periodically reviewed.

7.3 Application & Infrastructure Security

Segregation: Production systems are segregated and monitored.
Patching & hardening: We apply regular security updates and follow hardening guidelines for OS, runtimes, and dependencies.
Backups & continuity: Encrypted backups and recovery procedures are maintained to support continuity.

7.4 Data Minimization & Redaction

We send only the minimum data necessary to third-party processors (e.g., OpenAI, Firebase).
We avoid including personal identifiers in AI prompts where feasible and do not transmit precise location to OpenAI.

7.5 Network & Abuse Protections

Rate limiting, anomaly detection, and automated anti-abuse checks help protect service availability.
IP and telemetry may be used to detect suspicious activity.
Precise location (if permissioned) may be used for fraud prevention and integrity signals; we do not share precise location with advertisers.

7.6 Responsible Disclosure

If you believe you have found a security vulnerability in MathGeni, please share the details at appbound.app/contact/ or email contact@appbound.app.. Do not publicly disclose until we confirm and address the issue.

7.7 Your Responsibilities

Keep your device OS updated and use device-level security (passcode/biometrics).
Review your iOS permissions (e.g., location) and disable any you do not wish to grant.
Only upload content you are comfortable storing under this Policy; you can delete items in-app at any time.

8. Data Retention

We keep data only as long as needed for MathGeni to function, for security/reliability, or as required by law. You can delete most content in-app at any time, and you can also email us for additional deletion requests.

8.1 Retention by category

User Content (images/files, questions, chats): Until you delete it in-app or request deletion by email.
Precise Location signals: Retained only as needed for security/diagnostics; typically up to 90 days in logs, then deleted or aggregated.
Usage Analytics (Firebase): Up to 26 months (standard analytics window) for aggregated measurement and product reliability.
Diagnostics/Crash Logs (Firebase Crashlytics or equivalent): Up to 24 months to investigate stability issues.
Device/Network Logs (e.g., IP, timestamps, request IDs): Up to 90 days for security, abuse prevention, and operational troubleshooting.
Support Emails/Attachments: Up to 24 months to track issue history and improve support quality.
Purchases/Subscriptions (Apple IAP): We receive non-financial receipt/status data and keep it as long as your entitlement needs verification and for legal/accounting purposes where applicable.

8.2 Backups

Encrypted backups may retain deleted items for a limited window (typically 30–90 days) before they cycle out. We don’t actively restore individual deleted items from backups unless necessary for security, legal, or continuity reasons.

8.3 Deletion & response timelines

In-app delete: Removes your selected chats/uploads from active systems.

Send requests via any of these:

In-app: Settings → Feedback
Contact form: https://appbound.app/contact/

Email: support@appbound.app
We will verify and complete the deletion of eligible data within 30 days (may extend where permitted for complex requests; we’ll notify you if so).

8.4 Aggregation & de-identification

Where feasible, we transform data into aggregated or de-identified form and may retain those statistics beyond the periods above because they no longer reasonably identify you.

9. Your Rights

Depending on where you live, you may have rights over your information. We honor these rights to the extent required by law and, where reasonable, for all users.

9.1 Access, correction, deletion

Access: You can request a copy of the personal data we hold about you.
Correction: You can request that we correct inaccurate data.
Deletion:
- In-app: Delete specific chats/uploads directly in the app.
- By email: Request broader deletion at https://appbound.app/contact/.
- We’ll verify and complete eligible deletion within 30 days (see Section 8.3).

9.2 Portability

You may request an export of your personal data in a machine-readable format where required by law.

9.3 Consent withdrawal & permissions

If you’ve granted device permissions (e.g., precise location), you can withdraw them anytime in iOS Settings. Some features may be limited without certain permissions.

9.4 Objection & restriction (where applicable)

In regions that provide these rights (e.g., GDPR jurisdictions), you may object to or request restriction of certain processing based on our legitimate interests. We will honor such requests where required.

9.5 Non-discrimination

We will not discriminate against you for exercising privacy rights. Certain features may not function if required data is deleted or if permissions are withdrawn.

9.6 California (CCPA/CPRA) disclosures

No “sale” or “sharing” for cross-context behavioral advertising.
You may request access, correction, or deletion as described above.
We may process precise location for security/operations; we do not disclose it to advertisers.
You may use an authorized agent to submit a request; we may require proof of authorization and identity verification.

9.7 Verification

For email requests, we will reasonably verify your identity (e.g., by confirming control of the requesting email and limited device/app details). If we cannot verify, we’ll explain what’s needed.

9.8 Appeals & complaints

If you believe we haven’t resolved your request, you can reply to our response to request an appeal. If applicable in your region, you may also lodge a complaint with your local data protection authority.

How to exercise your rights:
Submit a request via Settings → Feedback in the app, use the contact form at https://appbound.app/contact/, or email support@appbound.app. If your request relates to specific in-app content, include enough detail (e.g., timestamps or brief description) so we can locate it.

10. Children’s Privacy

MathGeni is not intended for children under 13. We do not knowingly collect personal information from children under 13. If you believe a child under 13 has provided us personal information, please contact contact@appbound.app and we will take steps to delete it.

11. International Data Transfers

We may process and store information in the United States and other locations where we or our service providers operate.

Safeguards for EU/EEA/UK users: Where applicable, we rely on Standard Contractual Clauses (SCCs) and comparable safeguards for transfers.
We take steps to ensure your data receives a level of protection consistent with applicable law, regardless of where it is processed.

12. Cookies, Tracking & Ads

MathGeni does not use third-party advertising SDKs and does not engage in cross-app tracking.

We do not collect the IDFA for advertising.
Analytics and diagnostics (e.g., Firebase) may use device/app identifiers for product measurement and stability only, not for ads or tracking across other apps or websites.
On iOS, you control permissions (e.g., precise location) in Settings.

13. Data Deletion, Access & Portability Requests

In-app deletion: You can delete chat history and uploaded items directly in the app.

Submit access/deletion/export requests via any of these:

In-app: Settings → Feedback
Contact form: https://appbound.app/contact/
Email: support@appbound.app
We’ll verify reasonable details and respond within 30 days. Minimal data may be retained where required by law, for security/abuse prevention, or in limited backups (which expire on their cycle).

Limits: We may retain minimal information where required by law, for security/abuse prevention, or in limited backups (which expire on their cycle).

(See Sections 8 and 9 for retention periods and your regional rights.)

14. Changes to This Policy

We may update this Privacy Policy to reflect changes in features, providers, or legal requirements.

Material changes will be highlighted in-app (or via service notice) and will include a new “Effective Date.”
Your continued use of MathGeni after the updated policy takes effect constitutes acceptance of the revised terms.

15. Region-Specific Notices

California (CCPA/CPRA). We do not “sell” personal information and do not “share” it for cross-context behavioral advertising. You have rights to access, correct, and delete your personal information and to use an authorized agent. We will verify requests as required by law. See Sections 9 and 13.

EU/EEA/UK. Where applicable, we process data under lawful bases including performance of a contract, legitimate interests (security, service quality, de-identified analytics), legal obligations, and consent (e.g., device permissions such as precise location). We rely on SCCs (Section 11) for international transfers. You may have rights to access, rectify, erase, restrict, object, and portability (Section 9).

If any local law requires different disclosures or additional rights, we will honor those where applicable.

16. App Store Privacy “Nutrition Labels” (Summary Mapping)

Below is how MathGeni maps to Apple’s privacy categories based on the current design:

Collected & Linked to You

Contact Info: Email (when you contact support/feedback)
User Content: Photos/files you upload; text/questions/chats
Identifiers: App instance IDs or similar (e.g., Firebase)

Collected but Not Linked to You

Usage Data: Product interaction (feature usage, screens, taps)
Diagnostics: Crash/performance data
Location: Precise location (used for reliability/security/analytics; not for ads or tracking)

Not Collected

Contacts, calendars, microphone/voice, clipboard, advertising identifiers (IDFA), financial account data (Apple IAP only)

Tracking

No cross-app tracking; no ad networks; no IDFA.

If you later change what’s collected (e.g., add marketing emails or new SDKs), we’ll update both this section and your App Store listing accordingly.

Contact & Effective Date

Provider (Data Controller): AppBound Technologies LLC, Delaware, USA

Privacy Contact: contact@appbound.app | https://appbound.app/contact/ | In-app: Settings → Feedback

Governing Law: Delaware, USA
Effective Date: 12^th October 2025