Privacy Policy

Govu (we, us, our) builds an iOS app that lets you create AI generated photos and videos. This Privacy Policy explains what data we collect, why we collect it, and the choices you have. By using Govu you agree to the practices described here.

Information we collect

• Account. Govu signs you in anonymously on first launch using Firebase Authentication. We store a generated user id, your credit balance, and a credit ledger. We do not collect your name, email, or phone number.
• Content you generate. When you create an image or video, the prompt and any input photo are sent over an encrypted (HTTPS/TLS) channel to Govu’s secure API backend, which runs the AI generation. Generated outputs are stored under your private account in our backend so you can access them later, and your uploads and results are protected by access rules that only authorise your own account to read them.
• Purchases. Purchases are processed by Apple. We receive a receipt and a product identifier through RevenueCat in order to grant credits. We do not receive your payment card details.
• Device and diagnostic data. We collect minimal information needed to deliver push notifications and Live Activities (APNs tokens) and to debug crashes.

Face data

Govu lets you optionally upload a photo of yourself or another person so a generative AI model can re-imagine that photo in a different artistic style. The photo may contain a face. This section explains, in detail, how those photos are handled, secured, and deleted. We take this responsibility seriously and have designed the feature so that no face analysis of any kind is performed on the images you submit.

What face data the app collects

Govu collects only the photographs that you explicitly choose from your iOS Photos library and submit to a generation. The photo may contain a face. Govu performs no face analysis whatsoever on those photos. In particular:

• Govu does not run face detection, face recognition, face matching, face clustering, age or gender estimation, emotion detection, liveness detection, or any other face-analysis algorithm on uploaded photos.
• Govu does not use Apple’s TrueDepth camera, Face ID, ARKit face tracking, or the Vision framework’s face-detection or face-landmark APIs.
• Govu does not compute, derive, store, or transmit any biometric template, face print, face embedding, face signature, face mesh, depth map, or other unique facial identifier.
• Govu does not attempt to identify, recognise, verify, authenticate, match, cluster, or attribute a name or identity to any person in a photo.
• Govu does not use face data for advertising, profiling, or training third-party AI models.

From Govu’s perspective, an uploaded portrait is treated the same as any other photograph: a pixel image passed straight through to the generative model as input.

How the collected photos are used

An uploaded photo is used for one purpose only: to produce the AI-generated image or video you requested. Concretely:

1. You pick a photo in the app and tap Send.
2. The photo is uploaded over encrypted HTTPS/TLS to Govu’s secure backend into a private, access-controlled folder scoped to your anonymous account. Storage access rules permit only your own account to read it.
3. Govu’s secure server-side API hands the photo, together with your text prompt, to our generation engine, which runs the image-to-image model and returns the stylised result. API keys live only on our servers and never on your device.
4. The result is saved back to your account so you can view it in History, save it to Photos, or share it.

The photo is never used to identify or recognise the person in it, never matched against any database, never used to train any AI model, and never reused for any purpose other than producing the specific generation you asked for.

Sharing and storage

Photos you upload are stored on Govu’s backend infrastructure, in private, access-controlled storage. The only systems that touch an uploaded photo are:

• Govu’s own backend — the secure API and storage that hold your upload while a generation is in flight and while it sits in your History.
• Govu’s server-side AI generation pipeline — an internal, signed, server-to-server call that runs the image-to-image model and returns the result. This pipeline is operated for Govu under a data-processing arrangement that prohibits using your photo for any purpose other than producing your generation, and prohibits retention beyond what is needed to deliver the result.

Photos are not shared with advertisers, analytics vendors, data brokers, social platforms, or any other third party. Photos are not sold. Photos are not used to train Govu’s own AI models or any third-party AI model.

How long face data is retained

We minimise how long face data lives on our servers and we automatically delete it on a schedule. Specifically:

• Source photos you upload are automatically deleted from Govu’s servers within 30 days of upload. This deletion is automatic and unconditional — you do not need to ask. Generated results stay in your History so you can view, save, or re-share them, until you delete them.
• In the generation pipeline, the photo is processed transiently to produce your result and is not retained for model training.
• You can delete any individual generation from the History screen at any time, which immediately removes both the source upload and the generated result from our servers.
• You can request full account erasure at any time by emailing privacy@govu.ai. We will delete your entire account, every uploaded photo, and every generated result within 30 days of the request, except where retention is required for legal, accounting, or fraud-prevention purposes.

Because Govu never extracts, derives, or stores any biometric face template or face embedding, there is no separate biometric record to retain or delete — deleting the photo deletes the data.

Security

Uploads travel over encrypted HTTPS/TLS. Storage is private and access-controlled so only your anonymous account can read your uploads and results. Generation requests run on Govu’s server-side infrastructure; API credentials and signing keys live only on our servers, never on your device. The data path is signed and authenticated end-to-end.

Where this is documented in the policy

The complete description of Govu’s collection, use, disclosure, sharing, and retention of photos that may contain a face is in this section, titled “Face data”, above. Additional, non-face-specific detail about the same data flows appears under “Third parties” and “Data retention” below.

How we use information

• To process your generation requests and return results to your device.
• To debit, credit, and reconcile your credit balance.
• To send completion notifications and Live Activity updates.
• To prevent abuse, detect fraud, and keep the service running.

Third parties

We rely on the following processors. They handle data only on our behalf and only to provide their service:

• Cloud infrastructure providers (authentication, database, server-side functions, secure storage, and messaging that power Govu’s backend).
• Govu’s server-side AI generation pipeline (image and video generation models, invoked only via signed server-to-server calls; bound by a data-processing arrangement that prohibits use of your content for model training or any purpose other than producing your generation).
• RevenueCat (in-app purchase receipts).
• Apple Push Notification service (notifications and Live Activities).

Data retention

We retain only what we need to run the service. Specifically:

• Source photos you upload are automatically deleted from Govu’s servers within 30 days of upload, regardless of whether you take any action.
• Generated results remain in your private History until you delete them, or until you request full account deletion.
• Your credit ledger is retained for as long as your account is active so we can reconcile purchases and refunds.
• You can request full erasure at any time by emailing privacy@govu.ai. We delete your account and associated content within 30 days, except where retention is required for legal, accounting, or fraud-prevention purposes.

Your choices

• You can revoke notification permissions any time in iOS Settings.
• You can request export or deletion of your data at support@govu.ai.
• You can stop using the app and uninstall it at any time.

Children

Govu is not directed to children under 13 and we do not knowingly collect personal information from them. If you believe a child has provided us data, contact us and we will delete it.

Changes

If we make material changes to this policy we will update the date above and, where appropriate, notify you in the app.

Contact

Questions: support@govu.ai.