← SGfoto

Privacy Policy

This Privacy Policy explains how the SGfoto mobile application (the “App”) handles your personal data. The App is published by SGfoto (“we”, “us”, or “our”) and complies with the Singapore Personal Data Protection Act 2012 (PDPA).

1. What we collect

• Photos you choose or capture. When you generate an ID photo, the App accesses the specific photo you select from your library or the photo you take with the in-app camera. The App does NOT scan or upload any other photos.
• On-device face detection results. The App runs Apple’s Vision framework (or CIDetector on simulators) locally on your device to check that exactly one face is present in the photo you selected. These detection results are computed and used only on your device.
• Generation history. Each generated ID photo, along with its source photo, document type, country, and timestamp, is stored locally on your device using Apple SwiftData. This history is visible in the “History” tab and never leaves your device unless you explicitly share or save a file.
• Purchase status. When you buy a credit pack, Apple’s StoreKit handles the transaction. We receive a verification receipt from Apple but no card details. SGfoto sells one-time credit packs only — there is no subscription.
• Sign-in identifier. If you use Sign in with Apple, we receive the stable, app-specific identifier Apple provides (not your name or email unless you choose to share it) to keep track of your credit balance on our backend.

2. How we use your data — and your consent to AI processing

• Photo generation. To create your ID photo, the photo you select (which contains your face) and the prompt we build from the document specification are sent off your device: through our own backend and relay service to OpenAI’s image-generation model (“gpt-image”), which generates the photo, and to our own compositing server, which aligns your real face onto the result. Before your first generation, the App asks for your explicit consent to send your photo to OpenAI for this purpose. You can decline, but then the App cannot generate a photo. The generated result is returned to your device.
• We do not actively use or keep your face. We do not store your photos on any server we operate, and we do not use your face for any purpose other than generating the photo you asked for. Our compositing server processes your photo in memory only and does not save it. The photo is processed by OpenAI under its API terms, which by default do not use API inputs to train its models.
• Local storage. Every photo you capture and every photo we generate is stored only on your own device (using Apple SwiftData), visible in the “History” tab. It never leaves your device except (a) the transient generation request described above, or (b) when you yourself choose to share or save a file.
• Service operation. Your credit / purchase status is checked against Apple’s servers and our backend to determine your usage allowance.

3. Data we do NOT collect

• We do not collect your name, email address, phone number, or location, beyond the app-specific identifier Apple provides for sign-in and the receipt Apple provides for purchase verification.
• We do not embed third-party analytics SDKs, advertising SDKs, or social-media SDKs.
• We do not access your contacts, calendars, or any photos other than the one you specifically pick or capture for each generation.

4. Third-party processors

• OpenAI — its “gpt-image” model receives your photo and prompt to generate the ID-photo image. OpenAI processes API inputs under its API data-usage policy and, by default, does not use them to train its models. OpenAI’s privacy policy: openai.com/policies/privacy-policy.
• Our relay and compositing services — operated by us; they pass your photo to OpenAI and composite your real face onto the result, in memory, without storing it.
• Apple — handles Sign in with Apple and in-app purchase verification, and provides on-device frameworks (Vision, CIDetector, SwiftData, StoreKit).

5. International transfers

Your photo is transmitted to OpenAI’s servers (located in the United States) and to our compositing server, which may be located outside Singapore, solely to generate your photo. We take steps so these transfers meet the PDPA’s cross-border requirements, including relying on OpenAI’s API terms and its contractual data-protection commitments.

6. Retention

• Generated and captured photos are stored on your device until you delete them. You can delete any photo from the History tab, or delete your whole account from Settings.
• Your photo is sent to OpenAI and our compositing server only for the duration of the generation request; we do not retain it on any server we operate.
• Your credit-balance record on our backend is deleted when you delete your account in the App.
• OpenAI retains and deletes API inputs in accordance with its own API data policy.

7. Your rights under PDPA

You have the right to:

• Access the personal data we hold about you.
• Correct any inaccurate personal data.
• Withdraw consent to processing (note: this will prevent further photo generation).
• Request that we cease using your data, and delete your account and its server-side record from within the App (Settings → Delete account).

To exercise any of these rights, contact us at the email below.

8. Security

• All network traffic between the App and our backend, and between our backend and the AI generation service, uses HTTPS / TLS encryption.
• Photos stored in the History tab are kept inside your app’s sandbox, protected by iOS file-system encryption.
• Your sign-in session token is stored in the iOS Keychain.

9. Children

The App is intended for users aged 13 and above. We do not knowingly collect personal data from children under 13. If you believe a child under 13 has used the App, please contact us so we can delete the relevant data.

10. Changes to this policy

We may update this Privacy Policy from time to time. The “Effective date” at the top reflects the latest version. Material changes will be announced in the App’s release notes.

11. Contact

You may also lodge a complaint with the Personal Data Protection Commission of Singapore at pdpc.gov.sg.