Privacy Policy for Giforia

Last updated: Mar 31, 2026

Giforia ("Giforia," "we," "us," or "our") respects your privacy. This Privacy Policy explains how we collect, use, disclose, and protect information when you use the Giforia mobile application and any related services (the "App").

Giforia is a media creation and editing app that allows users to import photos, Live Photos, videos, and similar content; edit or transform that content into GIFs or still images; save outputs locally; and share or export those outputs.

By using the App, you agree to the collection, use, and disclosure of information as described in this Privacy Policy.

1. Information We Collect

The information we collect depends on how you use the App and which permissions you grant.

A. Media You Choose to Provide

When you use Giforia, you may choose to provide or allow access to media stored on your device, including:

• photos
• Live Photos
• videos
• GIFs
• edited or exported outputs created using the App

We access media you intentionally select, or media made available to the App under permissions you grant through your device operating system.

B. Purchase and Subscription Information

If you make in-app purchases or subscribe to paid features, we and our service provider RevenueCat may process information related to your purchase or subscription status, such as product identifiers, entitlement status, transaction-related metadata, and app-user identifiers used to manage access to paid features. RevenueCat states that apps using its SDK must disclose collection of "Purchases" information in App Store privacy details.

C. Advertising and Device-Related Information

If the App displays advertising through Google AdMob, AdMob and its partners may collect or receive certain information for ad delivery, measurement, fraud prevention, frequency capping, and, where permitted, personalized or targeted advertising. Depending on platform, region, settings, and permissions, this may include device identifiers, IP address, approximate location derived from IP, app interactions, ad performance data, and similar identifiers or signals. Apple defines "tracking" as linking app data with third-party data for targeted advertising or advertising measurement, and Apple requires ATT permission where tracking occurs.

D. Analytics and Diagnostics Information

We use analytics and diagnostics tools, including PostHog, to understand app usage, measure feature adoption, improve performance, and debug issues. This may include event data, device and app version information, coarse technical metadata, and usage patterns. PostHog documents that anonymous events are captured by default in its mobile SDKs, while person-profile settings can affect whether events are associated with a user profile.

E. Crash and Error Reports

We may collect crash logs, error reports, and related diagnostic information to maintain, secure, and improve the App.

F. Information We Do Not Intend to Collect

Giforia is not designed to require users to create a traditional account or provide unnecessary personal details such as a home address, date of birth, or government-issued identification, unless those features are added in a future version.

2. How We Use Information

We use information to:

• provide, operate, and maintain the App
• enable media import, editing, GIF generation, still-frame extraction, subject extraction, export, sharing, and local saving features
• process and manage purchases, subscriptions, and entitlements
• serve advertising, including personalized advertising where allowed by law and by your choices
• measure ad performance and app performance
• understand usage of features and improve product quality
• detect bugs, security incidents, abuse, and fraud
• comply with legal obligations and enforce our terms

3. Advertising, Tracking, and Consent

Giforia uses Google AdMob and may display advertising, including targeted or personalized advertising where permitted. Google provides Privacy & Messaging tools and the User Messaging Platform (UMP) SDK to support consent collection for GDPR and U.S. state privacy laws.

Where required by applicable law, we will request your consent before using personal data for personalized advertising or related tracking. Depending on your region, you may also have the right to opt out of certain targeted advertising or the sale/sharing of personal information as defined by applicable law. Google notes that U.S. state privacy messaging and related controls remain the publisher's responsibility to configure correctly.

On Apple platforms, if the App engages in tracking as defined by Apple, we will request permission through Apple's App Tracking Transparency framework before accessing the Identifier for Advertisers (IDFA) or engaging in tracking. If you do not grant permission, personalized advertising and certain measurement features may be limited or unavailable.

We may also use privacy-preserving attribution technologies such as SKAdNetwork or similar Apple attribution frameworks to measure campaign performance without relying on device-level tracking.

4. Analytics

Giforia uses PostHog for product analytics and app improvement. We use analytics to understand which features are used, how the App performs, and where users encounter errors or friction.

Depending on our configuration, analytics data may be processed in the region where your data is hosted. PostHog states that for robust GDPR compliance, PostHog Cloud EU is available with hosting in Frankfurt, and PostHog offers DPA support for customers.

We configure analytics with the goal of minimizing personal data where reasonably possible. However, analytics data may still constitute personal data under applicable law if it can be linked to a user or device.

5. In-App Purchases and Subscriptions

Giforia uses RevenueCat to help manage in-app purchases, subscriptions, and entitlement status. RevenueCat may process purchase-related information, app user identifiers, and technical metadata required to validate transactions and manage access to paid features. RevenueCat states that, for GDPR purposes, it may act as a processor in relation to end-user personal data provided by app developers, and it provides a Data Processing Addendum.

Apple and Google may also process transaction data directly when you purchase through their app stores, subject to their own privacy practices.

6. Local Storage and On-Device Content

Giforia may store created GIFs, exported images, and related outputs locally on your device. Locally stored content generally remains available until you delete it or uninstall the App.

Some media processing may occur on-device, while other processing, analytics, advertising, purchase validation, or service-related events may involve third-party SDKs or remote services as described in this Privacy Policy.

If you export or share content from the App to another app, platform, or service, that content becomes subject to the privacy practices of those third parties.

7. Legal Bases for Processing

Where required by applicable law, we rely on one or more of the following legal bases to process personal data:

• your consent
• performance of a contract with you
• compliance with legal obligations
• our legitimate interests, such as operating, securing, improving, and monetizing the App, provided those interests are not overridden by your rights

Where processing relies on consent, you may withdraw that consent at any time through available settings or choices, subject to the limits of the relevant platform and applicable law.

8. How We Share Information

We do not sell your personal information for money.

We may disclose or make information available in the following circumstances:

A. Service Providers and Processors

We may share information with vendors and service providers that help us operate the App, including:

• Google AdMob for advertising, ad delivery, and measurement
• PostHog for analytics and product improvement
• RevenueCat for purchases, subscriptions, and entitlement management
• infrastructure, hosting, security, and support providers where applicable

B. Legal and Safety Reasons

We may disclose information if required by law or where reasonably necessary to:

• comply with legal obligations
• respond to lawful requests by authorities
• protect our rights, users, or the public
• investigate fraud, abuse, or security incidents

C. Business Transfers

If Giforia is involved in a merger, acquisition, financing, restructuring, or sale of assets, information may be transferred as part of that transaction, subject to applicable law.

9. International Data Transfers

Your information may be processed in countries other than the country where you live. Where required by law, we take steps intended to provide appropriate safeguards for international transfers.

Because your third-party providers may host or process data in different regions, your data may be transferred internationally depending on the provider configuration you choose. PostHog specifically notes EU hosting availability for Cloud EU, and both PostHog and RevenueCat provide DPA-related materials.

10. Data Retention

We retain personal information only for as long as reasonably necessary for the purposes described in this Privacy Policy, including to:

• provide the App and its features
• manage subscriptions and entitlements
• support advertising and analytics operations
• maintain security and prevent abuse
• comply with legal obligations
• resolve disputes and enforce agreements

Locally stored media remains on your device until you delete it or uninstall the App. Third-party providers may retain data according to their own retention settings and legal obligations.

11. Your Rights and Choices

Depending on your location, you may have rights regarding your personal data, including the right to:

• access personal data
• request correction of inaccurate data
• request deletion
• withdraw consent
• object to or restrict certain processing
• opt out of targeted advertising or certain sale/sharing activities as defined by law
• appeal certain privacy decisions, where applicable

You may also have device-level controls, including:

• ad tracking permissions on Apple devices
• ad personalization settings
• system permission controls for photos, notifications, and tracking

If you want to exercise privacy rights, contact us using the details below. We may need to verify your request and may direct certain requests to relevant service providers where appropriate.

12. Children's Privacy

Giforia is not directed to children under the age of 13, or a higher minimum age where required by applicable law, and we do not knowingly collect personal data from children without appropriate authorization.

If you believe a child has provided personal data unlawfully, contact us and we will take appropriate steps.

13. Security

We take reasonable administrative, technical, and organizational measures designed to protect information against unauthorized access, loss, misuse, alteration, or disclosure. However, no method of storage or transmission is completely secure, and we cannot guarantee absolute security.

You are responsible for protecting access to your device and any accounts or app-store credentials you use with the App.

14. Region-Specific Disclosures

Where required by applicable law, we provide additional notices and choices for users in certain jurisdictions, including the EEA, UK, Switzerland, California, and other U.S. states with applicable privacy laws.

For example:

• we may request consent for personalized ads where required
• we may honor opt-out rights relating to targeted advertising or sale/sharing where required
• we may provide data access, deletion, and correction rights where required

Because privacy laws differ by jurisdiction and change over time, these rights may vary depending on your location and the nature of our processing.

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we do, we will update the "Last updated" date above and may provide additional notice where required by law.

Your continued use of the App after an updated Privacy Policy becomes effective means you acknowledge the revised policy, to the extent permitted by law.

16. Contact Us

If you have questions or privacy requests, contact us at:

Email: monolith.glitch@gmail.com

Business name: Monolith Glitch ABN 25 124 113 942