Privacy Policy
Last updated Nov 15, 2024
This Privacy Policy outlines the privacy practices of GigaBody regarding our mobile applications (each, an “App” and collectively, the “Apps”) and the GigaBody.app website (the “Site”).
Summary
If you don't have time to read this entire Privacy Policy, here are a few key points regarding GigaBody's privacy practices:
- Our Apps are photo editors that allow users to apply different muscle to their photos and estimate body composition metrics
- Our app collects photographs including facial data to create an embedding that allows us to apply the desired transformations, such as enhancing muscle definition, increasing muscle size, and fixing double chins.
- For health estimation features, we collect basic user data including age, gender, height, and weight
- We utilize third-party cloud providers, including Firebase Runpod, and Alibaba Cloud to process and edit photographs.
- We do not share collected photographs including face data with any third parties, except for our cloud providers like Firebase, Runpod, and Alibaba Cloud which are used to store processed images and support our functionality.
- Uploaded photographs are stored on cloud servers and protected by Firebase's security measures.
- Processed images are stored on firebase storage with user authenticated access only.
- Processed photos are kept for caching purposes for a year and will be immediately deleted when a new photo is processed.
1. Information We Collect
1.1. When you use the App and select photographs for editing, we save them for processing to provide the requested editing service:
The photographs you choose through the Apps, whether from your camera or camera roll (if you've granted the Apps permission), or via the in-App internet search functionality, are processed only if you specifically select them for editing. We understand that photographs can contain sensitive information, including facial data and other personal details. We collect and process this data solely to provide the muscle enhancement and photo editing functionality of our app. We do not collect your entire photo album even if access is granted. Each photograph is protected with Firebase's built-in security mechanisms, ensuring that only you can view it. While we do not require or request any metadata attached to the photographs, such metadata (e.g., geotags) may still be associated with your photographs by default. This metadata may include precise location data if your device settings allow it.
1.2. When you use the App and the Site, we may collect certain information, including:
- App usage information and online activity data, such as how you interact with the App, the features you use, your preferred language, and the dates and times of your App installations and launches.
- App-related purchase history: If you purchase consumable items in the App, we do not receive billing information such as your address or credit card details (as we don't handle subscriptions directly). We only receive confirmation from the relevant application store that you are a paid customer, enabling us to provide rendering services.
- Device data, such as your operating system type and version, manufacturer and model, push tokens, Google Advertising ID, Apple ID for Advertising, browser type, screen resolution, IP address (and the associated city/country), and the website you visited before ours.
Only online identifiers such as IP address, App Instance ID (assigned to an App copy on your device), and Advertising ID are generally considered personal data. However, we cannot directly identify you as a data subject based on these identifiers.
1.3. When you use the App and the Site, we may collect additional information, including:
Contact information, such as your name and email address, and information related to your communication with us.
1.4. When you use the App and the Site, we collect your photographs for the following reasons:
Selected photographs, including facial data, are converted into an embedding format specific to our model. This allows us to apply transformations such as enhancing muscle definition, increasing muscle size, and fixing double chins naturally.
1.5. When you use the App's health estimation features, we collect: Age, Gender, Height, and Weight.
This data is processed within the app solely for the purpose of generating body fat and muscle mass estimates. We employ VLLM technology to process these inputs and generate health-related estimations. All data processing occurs locally or within our secure systems, and no personally identifiable information is disclosed during this process.
2. How We Use Your Information
2.1. We use the photographs you provide in the Apps to offer editing functionality and enhance photo quality. This includes analyzing facial features and body proportions to apply the desired transformations, such as enhancing muscle definition, increasing muscle size, and addressing other aspects of your physique as selected within the app. We do not use facial recognition technology to identify individuals or match photos to other datasets. We do not access, store, or utilize any location data that may be embedded in the metadata of your photographs.
2.2. We may use other information you provide for the following purposes:
To operate and improve the Apps and the Site. We use your personal information to operate, maintain, and provide you with the Apps and the Site. Specifically, we will use your personal information to fulfill our contractual obligations under our Terms of Use, such as:
- Enabling you to use the features of the Apps and visit the Site.
- Communicating with you about the Apps and the Site, including sending you announcements (if you chose to share your email address), updates, and security alerts through push notifications, and responding to your requests, questions, and feedback.
- Providing technical support and maintenance for the Apps.
To improve, monitor, and protect our Apps and the Site. It is in our legitimate business interests to enhance and secure our services for our users. We achieve this by:
- Performing statistical analysis on aggregated data relating to the use of the Apps and the Site (including through third-party services).
- Troubleshooting, testing, and conducting research.
For compliance, fraud prevention, and safety. We may use and disclose the information we collect (such as device data and app usage information) where it is in our legitimate business interests to: (a) protect our, your, or others' rights, privacy, safety, or property (including making and defending legal claims); (b) enforce the terms and conditions governing the Apps and the Site; and (c) protect, investigate, and deter against fraudulent, harmful, unauthorized, unethical, or illegal activity. We may disclose this information to government authorities and other third parties as required by applicable law.
To create anonymous, aggregated, or de-identified data. We may create and use anonymous, aggregated, or de-identified data where it is in our legitimate business interests, and share it with third parties.
2.3. We will only process personal information based on our legitimate interests where such interests are not overridden by your interests or fundamental rights and freedoms.
2.4. Health Estimation Feature Usage: We use the health-related data you provide (age, gender, height, and weight) exclusively for: Generating body fat estimates Calculating muscle mass estimates Providing personalized fitness insights This feature uses VLLM technology to process your inputs and generate estimates. Please note that these estimates are not intended to replace medical consultation, and the information provided should not be used for medical advice or decision-making.
3. How We Share Your Information
3.1. We do not share user photographs with third parties, except with our cloud providers, Firebase and Runpod, Alibaba Cloud, to provide the photo editing features of the Apps.
3.2. We may share your non-photo and non-video information under the following circumstances:
- Affiliates: We may share your information with our subsidiaries and affiliates for purposes consistent with this Privacy Policy.
- Service Providers: We may share your information with service providers that perform services on our behalf or assist us in operating the Apps (e.g., customer support, hosting, analytics, email delivery, marketing, and database management services). These third parties are only permitted to use your information as directed or authorized by us and in accordance with this Privacy Policy. They are prohibited from using or disclosing your information for any other purpose.
- Third-Party Platforms and Social Media Networks: If you choose to post an edited photograph or video to your social media account, we do not control how the third-party platform uses your information. Their use of your information is governed by their privacy policy and terms and conditions.
- Professional Advisors: We may disclose your information to professional advisors, such as lawyers and auditors, when necessary for the professional services they provide to us.
- Business Transfers: In connection with a business transaction (or potential business transaction) such as a corporate divestiture, merger, consolidation, acquisition, reorganization, or sale of assets, or in the event of bankruptcy or dissolution, we may sell, transfer, or otherwise share some or all of our business or assets, including your information.
4. Compliance with Law
We may need to disclose your information to comply with applicable laws, legal requests, and legal processes, such as responding to subpoenas or requests from government authorities, or for compliance, fraud prevention, and safety reasons as described above.
5. Data Minimization and Security
5.1 We strive to minimize the collection and storage of sensitive data. We only retain your photos for as long as necessary to provide the editing service and for caching purposes, as outlined in Section 8 (Retention) of this Privacy Policy. We employ industry-standard security measures to protect your photo data, both in transit and at rest. This includes encryption of data and secure storage using Firebase provided robust infrastructure. You can control the photos you choose to upload and edit within our app. You can also delete your processed photos at any time using the functionality provided within the app.
5.2. Health Estimation Data: For our health estimation feature: We collect only essential data (age, gender, height, and weight) needed for generating body fat and muscle mass estimates. All data is processed locally or within our secure systems using VLLM technology. No personally identifiable information is disclosed or transferred during the estimation process. Data is not shared with third parties unless explicitly permitted by you or required by law. Health estimation data is not used for advertising purposes or external user profiling. You may request deletion of your health estimation data at any time using the functionality provided within the app's settings page. The feature's estimates are not intended for medical consultation or decision-making.
6. Your Choices
Opting out of push notifications: You can opt out of push notifications by changing the settings on your mobile device.
Device permissions: You can revoke any permissions you previously granted, such as access to your camera, camera roll, or microphone, through your mobile device settings.
Personal information requests: Depending on your jurisdiction, you may have rights regarding your personal information, including:
- Information about how we collect and use your personal information. This information is available in this Privacy Policy.
- Access to a copy of the personal information we have collected about you, provided in a portable, machine-readable format where applicable.
- Correction of inaccurate or outdated personal information.
- Deletion of personal information that is no longer necessary for providing services or other lawful purposes.
- Additional rights, such as objecting to and requesting that we restrict our use of your personal information.
To make a request, please email us at contact@gigabody.app. We may ask for specific information to help confirm your identity. California residents can authorize an agent to submit requests on their behalf. We will require authorized agents to confirm their identity and authority in accordance with applicable laws. You are entitled to exercise your rights free from discrimination.
If you wish to submit a complaint about our use of your personal information or our response to your requests, you may contact us or submit a complaint to the data protection regulator in your jurisdiction. In Europe, you can find your data protection regulator through the European Data Protection Board (EDPB).
Choosing not to share your information: If we require your information to provide services or to comply with legal obligations, and you do not provide it (or later request its deletion), we may not be able to offer you our services.
Limits on your choices: In some cases, your choices may be limited if fulfilling your request affects the rights of others, our ability to provide a requested service, or our compliance with legal obligations and enforcement of legal rights. If you are not satisfied with how we address your request, you may submit a complaint by contacting us as outlined in the “How to Contact Us” section below. We may require additional information to verify your identity and process your request.
7. California Privacy Rights
If you are a resident of California, the California Consumer Privacy Act (CCPA) provides you with certain rights regarding your personal information. These rights include:
What "Sharing" Means Under the CCPA: The CCPA defines "sharing" as disclosing or making available a consumer's personal information to a third party for cross-context behavioral advertising, whether or not for monetary or other valuable consideration.
We do not share your personal information with third parties for cross-context behavioral advertising.
What "Selling" Means Under the CCPA: The CCPA defines"selling" broadly as disclosing or making available a consumer's personal information to a third party for monetary or other valuable consideration.
We do not sell your personal information.
- Right to Know: You have the right to request information about the categories and specific pieces of personal information we have collected about you, the sources from which we collected the information, the business or commercial purpose for collecting or selling your personal information, the categories of third parties with whom we share your personal information, including whether we share your information for cross-context behavioral advertising, and the categories of personal information that we have sold or disclosed for a business purpose.
- Right to Delete: You have the right to request that we delete any personal information about you that we have collected from you, subject to certain exceptions.
- Right to Opt-Out of Sale: You have the right to opt-out of the sale of your personal information, as defined by the CCPA. While GigaBody does not currently sell your personal information, we want to ensure you are aware of this right.
- Right to Non-Discrimination: You have the right not to receive discriminatory treatment by us for the exercise of your privacy rights conferred by the CCPA.
For CCPA requests, you can reach us at: contact@gigabody.app
8. Virginia Privacy Rights
If you are a resident of Virginia, the Virginia Consumer Data Protection Act (VCDPA) provides you with certain rights regarding your personal information, including:
- Right to Access: You have the right to confirm whether we process your personal information and to access such information.
- Right to Correction: You have the right to correct inaccuracies in your personal information that we process, taking into account the nature of the information and the purposes of the processing.
- Right to Deletion: You have the right to request that we delete your personal information, subject to certain exceptions.
- Right to Data Portability: You have the right to receive your personal information, which you have provided to us, in a portable and, to the extent technically feasible, readily usable format that allows you to transmit the information to another controller without hindrance.
- Right to Opt-Out: While GigaBody does not currently sell your personal information, engage in targeted advertising using your data, or use profiling for decisions with significant legal effects, you have the right to opt-out of such processing should our practices change.
How to Exercise Your Virginia Privacy Rights
To exercise any of your rights under the VCDPA, please contact at: contact@gigabody.app
9. GDPR Rights
If you are a resident of the European Economic Area (EEA), you have certain data protection rights under the General Data Protection Regulation (GDPR). These rights include:
- Right to Access: You have the right to request access to the personal data we hold about you.
- Right to Rectification: You have the right to request the correction of any inaccurate or incomplete personal data we hold about you.
- Right to Erasure (Right to be Forgotten): You have the right to request the deletion of your personal data, under certain conditions.
- Right to Restriction of Processing: You have the right to request the restriction of processing of your personal data, under certain conditions.
- Right to Data Portability: You have the right to receive your personal data in a structured, commonly used, and machine-readable format, and to transmit this data to another controller.
- Right to Object: You have the right to object to the processing of your personal data, under certain conditions.
- Rights Related to Automated Decision-Making and Profiling: You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.
To exercise any of your GDPR rights, you can reach us at: contact@gigabody.app
10. LGPD Rights
If you are a resident of Brazil, the Lei Geral de Proteção de Dados (LGPD) provides you with certain rights regarding your personal information. These rights include:
- Right to Confirmation: The right to confirm whether or not we process your personal data.
- Right to Access: The right to access your personal data that we hold.
To exercise any of your LGPD rights, you can reach us at: contact@gigabody.app
11. No Sale of Data, Targeted Advertising, or Legal Profiling
We do not sell your personal data to any third parties. We also do not engage in targeted advertising practices or profiling that supports decisions producing legal or similarly significant consequences for you. Your privacy is important to us, and we are committed to being transparent about our data practices.
12. Other Sites, Mobile Applications, and Services
The App may contain links to other websites, mobile applications, and other online services operated by third parties. These links are not an endorsement of, or representation that we are affiliated with, any third party. In addition, our content may be included on web pages or in mobile applications or online services that are not associated with us. We do not control third-party websites, mobile applications, or online services, and we are not responsible for their actions. Other websites, mobile applications, and online services follow different rules regarding the collection, use, and sharing of your personal information. We encourage you to read the privacy policies of the other websites, mobile applications, and online services you use.
13. Security Practices
We employ commercially reasonable security measures to protect the information collected through our services. However, GigaBody cannot guarantee absolute security of your information, as malicious actors may attempt to access, disclose, alter, or destroy it.
Please help us by safeguarding your information. You are responsible for maintaining the confidentiality of your information and controlling access to communications between you and GigaBody at all times. We are not responsible for the functionality, privacy, or security measures of any other organization.
14. Retention
We configure Firebase to process photographs, and the associated information is stored in the cloud.
Processed photos are kept for caching purposes for a year and will be immediately deleted when a new photo is processed.
15. Cross-Border Data Transfers
If we transfer your personal information internationally, the destination countries may not offer the same data protection laws as your home country. When transferring information internationally, we ensure that:
- Data transfers comply with applicable laws; and
- Relevant safeguards are in place to provide adequate protection for your personal information.
Additionally, our technical support team may access your information, such as App usage data, from locations outside of your state, province, or country.
16. Children
Our Apps and Site are not intended for children under the age of 13. We do not knowingly collect data from individuals under 13. If you are under 13, do not use our Apps and Site. If you are a parent or guardian of a child under 13, please ensure they do not use our Apps and Site. In some regions, the minimum age may be higher due to local regulations.
17. Changes to the Privacy Policy
We reserve the right to update this Privacy Policy at any time. If we make significant changes, we will notify you by updating the date of this Privacy Policy and posting it on the App and Site. We may also provide additional notification through the Apps or other means as required by law.
Any changes to this Privacy Policy will become effective upon posting the new terms on the Site and/or implementing them on the Apps and Site. Your continued use of our services after the posting of any changes indicates your acceptance of the modified Privacy Policy.
18. How to Contact Us
GigaBody is responsible for processing your personal information and acts as the data controller. If you have any comments, questions, or concerns about this Privacy Policy, or if you wish to make a complaint about how your personal data is being processed, please email us at contact@gigabody.app