Privacy Policy
This Privacy Policy describes how Jorge Castillo Pérez ("we", "us") collects, uses, and shares information when you use the Yellow Teeth mobile application (the "App").
1. Information we collect
Photos of your teeth
When you complete the onboarding flow, the App asks you to take or select a photo of your teeth. This photo is sent to a third-party AI provider (see Section 3) for the sole purpose of generating your personalized whitening routine. The photo is not stored on our servers after the analysis completes.
Subscription and purchase information
If you subscribe, your purchase is processed by Apple's App Store. We do not receive your payment card details. Apple shares a transaction identifier and subscription status with our subscription management provider (RevenueCat) so we can grant you access to paid features.
Device and usage data
The App stores your routine, completed tasks, and a copy of your teeth photo locally on your device (in iOS UserDefaults). This data does not leave your device unless you contact us with it for support purposes.
Notification permission
If you grant permission, the App schedules local push notifications to remind you about your daily routine. These notifications are generated on your device — we do not send remote push notifications.
2. How we use information
- To generate your personalized teeth whitening routine.
- To grant access to subscription features after a successful purchase or trial.
- To send local reminder notifications, if you opt in.
- To respond to your support inquiries.
3. Third-party services
The App uses the following third-party services. Each of them processes your data subject to its own privacy policy:
- Apple App Store — handles all purchases and subscriptions. See Apple's privacy policy.
- RevenueCat — manages subscription state and entitlement validation. See revenuecat.com/privacy.
- OpenAI and/or Google Gemini — receives your teeth photo for AI analysis. See openai.com/policies/privacy-policy and policies.google.com/privacy. Per OpenAI's API policy, photos sent through the API are not used to train their models.
- Cloudflare — hosts a request proxy used to route AI requests. See cloudflare.com/privacypolicy.
4. Data retention
We do not retain your teeth photos on our infrastructure after analysis. Subscription metadata is retained by RevenueCat for as long as your subscription exists, plus the period required for tax and bookkeeping. Local data on your device is retained until you delete the App or clear its data from Settings.
5. Children
The App is not directed to children under 13 (or the equivalent minimum age in your country). We do not knowingly collect personal information from children. If you believe a child has provided data, please contact us so we can delete it.
6. Your rights
Depending on your jurisdiction, you may have the right to access, correct, or delete the personal data we hold about you, to restrict or object to processing, and to data portability. To exercise these rights, contact us at the email below. Because most data lives on your device, the fastest way to delete it is to uninstall the App.
7. Security
We use HTTPS for all data in transit. We do not operate a backend database holding personal user data — the only persisted personal data outside your device is your subscription record at RevenueCat, which is encrypted at rest.
8. Changes to this policy
We may update this policy from time to time. The "Last updated" date at the top reflects the most recent revision. Material changes will be communicated via the App or App Store update notes.
9. Contact
Questions about this policy? Email jorge.castillo.prz@gmail.com.