Welcome to Shentsoft Applications. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use any mobile application developed or published by Oleg Sentev ("Developer", "we", "our", or "us"), including but not limited to applications distributed under the Shentsoft brand (each, an "App" and collectively, "Developer Apps"), available on iOS and Android.
By downloading or using any App, you agree to the terms of this Privacy Policy. If you do not agree, please do not use the App.
This policy applies globally to all users of Developer Apps, including users in the European Union/EEA, the United Kingdom, Switzerland, California (USA), and all other regions.
This Privacy Policy is incorporated by reference into our Terms of Service, available at: https://shentsoft.com/legal/terms.
Data Controller: Oleg Sentev ("Developer") is the Data Controller responsible for the processing of your personal data under this Privacy Policy, as defined under the General Data Protection Regulation (GDPR) and equivalent applicable data protection laws. For contact details, see Section 17.
EU Representative (Article 27 GDPR): The Developer is based in Israel and serves users globally, including in the EU/EEA. At the current scale of operations, the Developer considers that a formal EU Representative under GDPR Article 27 is not required, on the basis that: (a) processing of EU users' data is not carried out on a large scale; (b) no special category data (as defined in GDPR Article 9) is intentionally processed; and (c) processing does not include systematic monitoring of individuals. Should the scale or nature of processing change materially, the Developer will reassess this position and appoint an EU Representative if required. If you are an EU/EEA user with a data protection concern, you may contact the Developer directly at support@shentsoft.com or lodge a complaint with your local supervisory authority (see Section 8.6).
We do not require account registration and do not directly collect identifiers such as your name or email address through the App. However, certain technical data (such as device identifiers, analytics data, and subscription status) may be processed through our third-party service providers as described below. Such data may constitute personal data under applicable law, including the GDPR, and is handled accordingly.
When you use an App's identification or analysis feature, you may take a new photo using your camera or upload an image from your photo library. These images are:
OpenRouter is a platform that provides unified access to multiple AI model providers via a single API. Your images may be processed by one of these underlying AI models. We have configured our OpenRouter integration with prompt logging disabled, meaning your images and AI-generated responses are not retained by OpenRouter after your request is processed. Only non-identifiable technical metadata — such as token counts, latency, and timestamps — may be logged by OpenRouter for service performance purposes. We configure requests to minimize data retention where supported by providers, including use of OpenRouter's Zero Data Retention (ZDR) routing where available, which routes requests exclusively to AI model providers that do not store prompt content. OpenRouter's Privacy Policy is available at: https://openrouter.ai/privacy.
If you choose to save items to your personal collection within an App, that collection data (including item details and any associated images you save) is stored locally on your device only. We do not have access to your saved collection data.
Firebase (Google LLC): We use Firebase Analytics and Google Crashlytics to collect anonymous usage statistics and crash reports. This data does not identify you personally and is used solely to improve the stability and user experience of the App. Firebase may collect device identifiers and usage events as described in Google's Privacy Policy (https://policies.google.com/privacy). Our use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.
Mixpanel: We use Mixpanel to collect anonymous, aggregated analytics about how users interact with the App (e.g., which features are used most, user flow). This data does not identify you personally. Mixpanel's Privacy Policy is available at: https://mixpanel.com/legal/privacy-policy/.
Analytics data collected through Firebase and Mixpanel is used solely to understand how the App is used and to improve its functionality and stability. We do not use analytics data for advertising purposes, and we do not build advertising or behavioral profiles based on your usage of the App. When required by applicable ePrivacy rules, we obtain your consent through an in-app dialog before activating analytics SDKs.
In-app subscriptions are managed via RevenueCat, a subscription management platform. RevenueCat receives your subscription status, purchase events, and a device-level identifier. We do not collect or store your payment card details. Billing is processed entirely by the Apple App Store or Google Play, and their respective privacy policies govern payment data. RevenueCat's Privacy Policy is available at: https://www.revenuecat.com/privacy.
The App requires the following permissions to function:
These permissions are used only for the stated purposes. You can revoke them at any time in your device settings, though doing so may limit the App's functionality.
We use the information we collect for the following purposes:
We do not sell, rent, or trade your personal data to any third party for marketing purposes.
The core feature of Developer Apps — item identification and analysis — is performed entirely by automated AI processing through OpenRouter. When you submit a photo, the AI system analyzes the image and generates informational results relevant to the App's specific purpose. No human reviews your image or verifies the output before it is returned to you.
Under GDPR Article 22 and equivalent laws, you have the right to request a human review of any automated result that has produced a legally significant effect. To request this, or to contest or query any identification result, please contact us at support@shentsoft.com.
We do not use automated decision-making to make decisions about you as a person (e.g., creditworthiness, eligibility, profiling). Automated processing is limited to analyzing the item in the image you submit.
We use trusted third-party services to power certain features of Developer Apps. These services may receive limited data as described below and are governed by their own privacy policies.
When you submit an image for identification, it is transmitted securely to OpenRouter (openrouter.ai), a third-party AI routing service. OpenRouter routes your request to one or more underlying AI model providers — which may include OpenAI, Anthropic, Google, Meta, or other providers available through the OpenRouter platform — and returns the identification result to you. The specific provider used for a given request may vary and is determined by OpenRouter's routing logic. We have configured our OpenRouter integration with prompt logging disabled. This means your images and the AI-generated responses are not retained by OpenRouter after your request is processed. Only non-identifiable technical metadata — such as token counts, latency, and timestamps — may be logged by OpenRouter for service performance purposes. We configure requests to minimize data retention where supported by providers, including use of OpenRouter's Zero Data Retention (ZDR) routing where available, which routes requests exclusively to AI model providers that do not store prompt content. For full details on OpenRouter's data practices, please review their Privacy Policy at: https://openrouter.ai/privacy.
We use Firebase Analytics for anonymous usage tracking and Google Crashlytics for crash reporting. See Google's Privacy Policy: https://policies.google.com/privacy. You may opt out of analytics data collection by contacting us at support@shentsoft.com.
We use Mixpanel for anonymous behavioral analytics. See Mixpanel's Privacy Policy: https://mixpanel.com/legal/privacy-policy/.
We use RevenueCat to manage in-app subscriptions and entitlements. RevenueCat receives purchase events and device-level identifiers. See RevenueCat's Privacy Policy: https://www.revenuecat.com/privacy.
In-app subscriptions and purchases are processed by Apple Inc. and Google LLC respectively. Their privacy policies govern all billing and payment data:
We retain data only as long as necessary:
Where we no longer have a legitimate purpose to retain your data, we will delete or anonymize it. If you would like us to delete any data associated with your use of the App, please contact us at support@shentsoft.com. We will respond to your request within 45 days as required by applicable law.
Depending on your location, you may have the following rights regarding your data:
To exercise any of these rights, please contact us at support@shentsoft.com. We will respond within 30 days to privacy-related requests, and within 5 business days to general inquiries.
If you are located in the European Union or European Economic Area, you have rights under the General Data Protection Regulation (GDPR). The UK GDPR (as retained in UK law following Brexit) applies to users in the United Kingdom, and the Swiss Federal Act on Data Protection (nFADP) applies to users in Switzerland. The rights described in this section apply to users in all three jurisdictions.
We process your data on the following legal bases:
Your images and usage data may be transferred to and processed by OpenRouter, Firebase, Mixpanel, and RevenueCat on servers that may be located outside the EU/EEA, including in the United States. We take steps to ensure that any such transfers are conducted in accordance with applicable data protection laws, including relying on Standard Contractual Clauses (SCCs) or equivalent safeguards where required. We have entered into, or rely upon, appropriate Data Processing Agreements (DPAs) with our third-party service providers as required by applicable data protection laws, including GDPR Article 28.
Nothing in this Privacy Policy limits or excludes any right you may have under GDPR Article 82 to claim compensation from the Developer for material or non-material damage resulting from an infringement of the GDPR. Such rights cannot be waived by contract.
We have conducted a Data Protection Impact Assessment (DPIA) for our AI image processing feature and concluded that the processing does not result in a high risk to users' rights and freedoms, given that: (a) images are not retained on our servers after analysis is complete; (b) no special category data (as defined in GDPR Article 9) is intentionally processed; (c) we do not use facial recognition technology; and (d) processing is limited to analysis of the submitted item. We will reassess this position if the nature, scope, context, or purposes of our processing change materially.
The App requires users to be at least 16 years of age globally. This meets the GDPR Article 8 age of consent requirement in all EU/EEA Member States (which ranges from 13 to 16 depending on the Member State). We do not knowingly collect personal data from anyone under 16 anywhere in the world. If you are a parent or guardian and believe your child has provided us with personal data, please contact us immediately at support@shentsoft.com.
If you believe our processing of your data violates GDPR or the applicable equivalent law in your jurisdiction, you have the right to lodge a complaint with the relevant supervisory authority:
If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA):
California's "Shine the Light" law (Civil Code Section 1798.83) permits California residents to request, once per year and free of charge, information about categories of personal information we disclosed to third parties for direct marketing purposes. We do not disclose personal information to third parties for direct marketing purposes.
California residents may submit privacy rights requests by emailing support@shentsoft.com. We will respond within 45 days as required by law.
In addition to California, residents of other US states including Colorado, Virginia, Texas, Connecticut, Florida, Oregon, Montana, and others may have rights under their respective state privacy laws. These rights generally include the right to:
To exercise any of these rights, contact us at support@shentsoft.com. We will respond within the timeframe required by your applicable state law (typically 30–45 days).
If we decline to take action on your privacy rights request, you may appeal our decision by emailing support@shentsoft.com with the subject line "Privacy Request Appeal." We will respond in writing with an explanation of our decision within 60 days. If your appeal is denied, you may submit a complaint to your state attorney general.
Most web browsers and some mobile operating systems include a Do-Not-Track ("DNT") feature. At this time, no uniform technology standard for recognizing and implementing DNT signals has been finalized. As such, we do not currently respond to DNT browser signals or other automated mechanisms that communicate your choice not to be tracked online. If a recognized standard is adopted in the future, we will update this Privacy Policy accordingly.
The App is not directed to individuals under the age of 16. We do not knowingly collect personal information from anyone under 16. If you are under 16, you must not use the App.
In compliance with the Children's Online Privacy Protection Act (COPPA) and its implementing regulations:
If you are a parent or guardian and become aware that your child has provided us with personal data without your consent, please contact us immediately at support@shentsoft.com and we will take steps to delete such information promptly.
As the App is operated by a sole proprietor, we may at some point sell, transfer, or otherwise dispose of the App or its associated assets. In the event of a merger, acquisition, asset sale, or other business transfer, your data may be transferred to the acquiring party as part of that transaction. We will notify you of any such change by updating this Privacy Policy and, where required by law, by direct notification. The acquiring party will be required to honor the privacy protections described in this Privacy Policy or notify you of any material changes before those changes take effect.
We implement appropriate technical and organizational measures to protect your information:
While we strive to use commercially acceptable means to protect your data, no method of transmission over the internet or method of electronic storage is 100% secure. We cannot guarantee absolute security. For specific data retention periods for each category of data, please see Section 6 (Data Retention).
In the event of a third-party service outage, disruption, or breach beyond our reasonable control, we cannot guarantee uninterrupted protection of data in transit through those services. We will notify you of any material security incident affecting your data to the extent required by applicable law. Where required by GDPR, we will report qualifying personal data breaches to the relevant supervisory authority within 72 hours of becoming aware of the breach. Where the breach is likely to result in a high risk to your rights and freedoms, we will also notify you directly without undue delay.
This Privacy Policy and any disputes arising out of or related to it shall be governed by and construed in accordance with the laws of the State of Israel, including the Privacy Protection Law 5741-1981 (as amended by the Privacy Protection (Data Security) Regulations 5777-2017) and its regulations, without regard to its conflict of law provisions. As a data controller based in Israel, the Developer complies with applicable Israeli privacy law obligations, including implementing appropriate data security measures as required by the Privacy Protection (Data Security) Regulations. Israeli residents may submit requests to access, correct, or delete their personal data held by the Developer by contacting support@shentsoft.com.
For users in other jurisdictions, additional local privacy laws may apply — including GDPR for EU/EEA/UK/Switzerland users, applicable US state privacy laws, and COPPA for users in the United States. Nothing in this clause is intended to waive any rights you have under those laws.
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make changes, we will:
For material changes to this Privacy Policy, we will seek your affirmative consent via an in-app dialog before the changes take effect. We encourage you to review this Privacy Policy periodically. Your continued use of the App after non-material changes constitutes your acceptance of the updated policy.
The App may send you push notifications relating to your subscription status, scan results, App updates, and service announcements. You can opt out of non-essential push notifications at any time through your device's notification settings or within the App's settings menu. Disabling notifications will not affect your ability to use the App's core identification features.
We do not send unsolicited marketing communications without your prior consent. Any marketing or promotional communications will comply with applicable laws, including the CAN-SPAM Act (US) and the Privacy and Electronic Communications Regulations (UK/EU). You may withdraw your consent to receive marketing communications at any time by contacting us at support@shentsoft.com or through your device's notification settings.
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
We will respond to privacy-related requests within 30 days. General inquiries will be responded to within 5 business days.