Nerole Faceless brand mark Nerole Faceless Privacy Policy

Privacy Policy

Effective date: March 24, 2026. This policy describes how Nerole Faceless collects, uses, retains, shares, and protects data.

1. Scope

This Privacy Policy applies to the Nerole Faceless app, the website at faceless.neroleai.com, and related support, legal, and billing interactions. It covers data we control directly and data processed on our behalf by approved service providers.

2. The service model

Nerole Faceless is built around anonymous authentication, App Store billing, and privacy-first media handling. Standard generated photos are intended to remain on the device or in iCloud Sync if the user enables it. We do not operate a permanent normal-use server-side photo library for users.

3. Data categories we may process

Anonymous account and device data

  • Anonymous user identifier
  • Installation identifier
  • App version, locale, timezone, and limited device metadata needed to run the service
  • Theme, accessibility, and app language preferences

Purchase and subscription data

  • Entitlement state, product identifiers, transaction identifiers, and credit sync metadata
  • Limited billing support records needed to resolve disputes, failed purchases, or account restrictions

Generation-related data

  • Reference media submitted for generation
  • Prompt instructions, style IDs, and technical request metadata
  • Safety, moderation, and failure diagnostics

Reports and abuse handling

  • Reported asset identifiers
  • Reason and supporting description
  • Optimized preview imagery when needed for limited moderation review

Support and legal communication

  • Email contents and attached materials you choose to send to us
  • Case notes used to respond to support, privacy, abuse, or billing issues

4. How we use data

  • Authenticate the user anonymously and keep the app session functional.
  • Process AI generation requests and return results.
  • Enforce safety, moderation, fraud prevention, and rate limits.
  • Operate purchases, subscriptions, and credit synchronization.
  • Provide support, respond to legal requests, and investigate failures or abuse.
  • Maintain service reliability, maintenance messaging, and operational controls.

5. Where user media is stored

Generated media is designed to remain on the device or in iCloud Sync. We do not store standard user-generated photo outputs as a permanent server-side media library.

However, limited content copies may be processed or temporarily retained when strictly necessary to deliver generation, investigate a report, resolve a technical failure, prevent fraud, or comply with law.

6. Third-party processors and infrastructure

We use a small number of service providers to operate the product. Depending on the action taken, data may be processed by:

  • Apple, for App Store billing, subscriptions, and platform services
  • RevenueCat, for subscription and entitlement management
  • Cloudflare, for edge delivery, worker execution, and abuse protection
  • Supabase (self-hosted), for authentication and application data
  • Third-party AI inference providers, for image generation

Appleā€™s App Review Guidelines require that third parties who receive user data provide the same or equal protection described in the privacy policy. We select providers with that expectation in mind and limit shared data to what is operationally necessary.

7. Retention

  • Anonymous account records are kept while needed to operate the account or until deletion is requested, subject to lawful retention duties.
  • Standard generated photos are not retained as a permanent server-side user library.
  • Report-related preview images are automatically deleted after a short retention period. Our current operational target is 3 days for report preview data retained for moderation review.
  • Support and legal communications may be retained for as long as reasonably necessary to resolve the issue, protect the service, or comply with law.
  • Security and fraud-prevention logs are retained only for limited operational windows unless longer storage is required for abuse investigation or legal defense.

8. User rights and choices

  • Delete local content from the device.
  • Delete or reset the anonymous account, subject to retention obligations.
  • Contact us to request access, deletion, or privacy support where applicable law provides those rights.
  • Manage App Store subscriptions through Apple.

9. Children and age restrictions

The service is not designed for unlawful or unsafe use by minors. Users must comply with local age and consent requirements. The service must not be used to create exploitative or sexualized content involving minors under any circumstances.

10. Security

We use layered operational controls including anonymous auth, rate limiting, Cloudflare protection, account restrictions, runtime maintenance controls, and limited retention of support or report data. No system is perfectly secure, but we take reasonable technical and organizational measures to reduce risk.

11. International processing

Depending on the provider involved, data may be processed in different jurisdictions. We limit processing to what is required to operate the service and support lawful product delivery, security, and billing.

12. Changes to this policy

We may update this Privacy Policy to reflect infrastructure, legal, operational, or product changes. Material changes may be posted here and, when appropriate, surfaced inside the app before continued use.

13. Contact

For privacy requests or questions, email privacy@neroleai.com. For general support, use support@neroleai.com.