Privacy Policy

Effective Date: October 17, 2025
Last Updated: October 17, 2025

Core Principle: MoodMirror performs emotion detection locally on your device using ML Kit. Photos are processed in memory and not uploaded to external servers unless you choose to share generated cards through system sharing functions.

1. Information We Collect

1.1 Device and Identifiers

Advertising Identifiers: Google Advertising ID (GAID) collected by integrated ad SDKs for ad serving and frequency capping.
Device Information: Device model, OS version, screen size, language settings collected for app functionality and analytics.
App-specific Identifiers: Anonymous installation ID generated by Firebase Analytics for usage tracking.

1.2 Runtime Permissions

The app requests the following permissions:

Permission	Purpose	Data Processing
Camera	Capture photos for emotion detection	Local processing only; not uploaded
Read/Write External Storage (Android 12 and below)	Save generated share cards to device storage	Files saved locally; user-controlled
Internet	Serve ads, send analytics events, download ad creatives	Network requests to ad networks and Firebase
Access Network State	Check network availability for ad loading	Local status check only

1.3 Data Categories and Usage

Data Collected:

Photos: Captured via camera or selected from gallery. Processed locally by ML Kit for facial expression analysis. Not stored permanently or uploaded unless user shares generated card.
Usage Data: App events (e.g., photo_captured, emotion_analyzed, card_shared) sent to Firebase Analytics for usage statistics.
Diagnostic Data: Crash reports and performance metrics sent to Firebase Crashlytics and Performance Monitoring.
Ad Interaction Data: Ad impressions, clicks, rewards collected by ad SDKs (TopOn, AdMob, Meta, Unity, Pangle) for ad delivery optimization.

Data Usage:

App Functionality: Emotion detection, card generation, camera preview.
Ad Serving: Deliver personalized or non-personalized ads based on user consent. Frequency capping to limit ad repetition.
Analytics: Understand user behavior, improve app features, measure engagement (anonymous aggregated data).
Crash and Performance Monitoring: Identify bugs, improve app stability.

2. Data Processing Location and Association

2.1 Local Processing

Emotion Detection: Performed entirely on-device using Google ML Kit. Face detection and expression analysis happen in memory; raw photos are not retained or uploaded.
Card Generation: Generated locally and saved to device storage only if user initiates share action.

2.2 Data Uploaded to Third Parties

Firebase (Google LLC): Anonymous analytics events, crash reports, performance metrics. Not linked to personal identity unless user signs in (authentication not implemented in v1.0).
Ad Networks: Advertising ID, device info, ad interaction data sent to TopOn, AdMob, Meta Audience Network, Unity Ads, Pangle for ad serving and attribution.

2.3 Cross-App Tracking

Ad SDKs may use Advertising ID for cross-app tracking to deliver personalized ads. Users can:

Android: Disable ad personalization in Settings → Google → Ads → Opt out of Ads Personalization.
Reset Advertising ID: Settings → Google → Ads → Reset advertising ID.

3. Third-Party SDKs

3.1 Ad SDKs

SDK	Purpose	Privacy Policy
TopOn (Thinkup)	Ad mediation platform	TopOn Privacy
Google AdMob	Ad serving	Google Privacy
Meta Audience Network	Ad serving	Meta Privacy
Unity Ads	Ad serving	Unity Privacy
Pangle (ByteDance)	Ad serving	Pangle Privacy

3.2 Analytics and Performance SDKs

SDK	Purpose	Privacy Policy
Firebase Analytics	Usage tracking	Firebase Privacy
Firebase Crashlytics	Crash reporting	Firebase Privacy
Firebase Performance	Performance monitoring	Firebase Privacy

3.3 Functional SDKs

SDK	Purpose	Data Collected
Google ML Kit	On-device face detection	Processed locally; not sent to Google
CameraX	Camera functionality	Local only

4. User Consent and Control

4.1 GDPR Compliance (EU/EEA/UK Users)

For users in the European Economic Area (EEA) and United Kingdom:

Consent Dialog: On first launch, a consent dialog powered by Google UMP (User Messaging Platform) is displayed.
Choices: Accept personalized ads, manage options, or decline personalized ads (non-personalized ads may still be shown).
Withdraw Consent: Clear app data or contact us to reset consent preferences.

4.2 Personalized vs. Non-Personalized Ads

Personalized Ads: Use Advertising ID and behavioral data for targeted ads (higher relevance, higher revenue).
Non-Personalized Ads: Generic ads not based on user behavior (lower relevance).

4.3 Opt-Out Options

Android Settings → Google → Ads → Opt out of Ads Personalization
Android Settings → Google → Ads → Reset advertising ID
App Settings → Clear Data (resets consent)

5. Data Sharing

5.1 With Whom We Share Data

Ad Networks: TopOn, AdMob, Meta, Unity, Pangle receive device info and ad interaction data.
Analytics Providers: Firebase (Google) receives anonymous usage and diagnostic data.
No Sale of Personal Data: We do not sell user data to third parties.

5.2 Data Retention

Local Data: Generated share cards stored on device until user deletes them or uninstalls the app.
Firebase Analytics: Retained for 60 days (configurable by Firebase project settings).
Crashlytics: Retained for 90 days.
Ad SDK Data: Retention policies vary by ad network; refer to their respective privacy policies.

5.3 Data Security

Encryption: Network transmission uses HTTPS/TLS.
Access Control: App-scoped storage (Android 10+); files not accessible by other apps.
No Cloud Storage: No user data stored on our servers; all processing is local or handled by third-party SDKs per their policies.

6. Regional Compliance and User Rights

6.1 GDPR (EU/EEA/UK)

Users in the EU/EEA/UK have the following rights:

Access: Request a copy of your data (limited to analytics events; contact us).
Rectification: Request correction of inaccurate data.
Erasure: Request deletion of your data (uninstall app or contact us).
Restriction: Request limiting data processing.
Portability: Request data export (if applicable).
Object: Object to data processing for direct marketing.
Withdraw Consent: Withdraw GDPR consent at any time (clear app data or contact us).

6.2 CCPA/CPRA (California, USA)

California residents have the following rights:

Know: Request disclosure of data collected and shared.
Delete: Request deletion of personal information.
Opt-Out: Opt out of sale of personal information (we do not sell data).
Non-Discrimination: Exercise rights without penalty.

6.3 Other Jurisdictions

We comply with applicable data protection laws in all regions where the app is available.

7. Children's Privacy

MoodMirror is designed for general audiences aged 13+. We do not knowingly collect personal information from children under 13 without parental consent. If we become aware of such collection, we will delete the data promptly.

8. Data Processing Summary

Data Type	Processing Location	Linked to Identity	Cross-App Tracking
Photos (camera/gallery)	Local device only	No	No
Emotion detection results	Local device only	No	No
Analytics events	Firebase servers (Google)	No (anonymous)	No
Crash reports	Firebase servers (Google)	No	No
Ad interactions	Ad network servers	Via Advertising ID	Yes (if personalized ads enabled)
Advertising ID	Ad network servers	Pseudonymous	Yes (user can opt out)

9. Changes to This Privacy Policy

We may update this privacy policy from time to time. Changes will be posted on this page with an updated "Last Updated" date. Continued use of the app after changes constitutes acceptance of the updated policy.

10. Contact Us

If you have questions or requests regarding this privacy policy, please contact us:

Email: caritavalo9@gmail.com
App Name: MoodMirror
Package Name: com.qiqiba.moodmirror

11. Legal Basis for Processing (GDPR)

Our legal basis for processing personal data:

Consent: For personalized advertising (user can withdraw via settings).
Legitimate Interest: For app functionality, analytics, crash reporting (balancing our interest with user privacy).
Contractual Necessity: To provide core app features requested by user.

12. Data Retention Details

Note: Retention periods marked as "default" are set by third-party services (Firebase, ad networks) and are not controlled by our app. These are their standard data retention policies.

Data Type	Retention Period	Deletion Method
Generated share cards	Until user deletes file or uninstalls app	Manual file deletion or app uninstall
Firebase Analytics events	60 days (Firebase default)	Automatic expiration by Firebase
Crashlytics reports	90 days (Firebase default)	Automatic expiration by Firebase
Ad SDK data	Varies by network (see their policies)	Per ad network retention policy
GDPR consent record	12 months or until user resets consent	Clear app data or contact us

13. Third-Party Links

The app may contain links to third-party websites (e.g., ad landing pages). We are not responsible for the privacy practices of external sites. Users should review the privacy policies of any third-party sites they visit.

14. Security Measures

Encryption in Transit: All network communications use HTTPS/TLS.
App Sandbox: Data stored in app-private directory (Android 10+), not accessible to other apps.
Minimal Permissions: Only request permissions necessary for app functionality.
Secure Coding Practices: Input validation, secure random generation for signing keys.

15. International Data Transfers

Data processed by Firebase and ad SDKs may be transferred to and stored on servers located in the United States and other countries. These transfers are subject to:

EU-US Data Privacy Framework (for Firebase/Google services)
Standard Contractual Clauses (SCCs) where applicable
Adequate safeguards per GDPR Article 46

16. Compliance Certifications

This privacy policy is designed to comply with:

GDPR (General Data Protection Regulation, EU/EEA/UK)
CCPA/CPRA (California Consumer Privacy Act)
Google Play Developer Program Policies
IAB Transparency and Consent Framework (TCF) v2.2