Privacy Policy

Tokut ("we," "our," or "the App") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and protect information when you use our photo and media management application. The App is designed to operate without requiring user registration or account creation. Your use of the App indicates your acceptance of this Privacy Policy.

We comply with applicable United States privacy laws, including the California Consumer Privacy Act (CCPA) and other state and federal regulations. This policy applies to all users of the Tokut application regardless of location, though certain provisions may vary based on jurisdictional requirements.

Tokut prioritizes local data storage. The majority of your information never leaves your device. We collect and process the following categories of information:

• Photos and Videos: Media files you add to the App are stored locally on your device. We do not upload, transmit, or store your photos or videos on our servers. Processing occurs entirely on-device.
• App Preferences: Settings such as virtual currency balance, feature usage preferences, and encryption preferences are stored locally using device storage mechanisms.
• Purchase Information: When you make in-app purchases, the transaction is processed by Apple or Google. We receive only anonymized transaction confirmations necessary to deliver purchased virtual currency. We do not store payment card details.
• Device Information: We may collect device type, operating system version, and app version for compatibility and crash reporting purposes. This data is limited and non-identifying.

The App requests certain permissions to provide core functionality. Each permission serves a specific purpose:

• Photo Library Access: Required to display, organize, process, and export your photos and videos. We access only the media you select or that exists in your library. You may revoke this permission in your device settings at any time.
• Camera Access: Optional; used when you choose to add new photos or videos directly through the App.
• App Tracking Transparency (iOS): On iOS, we may request permission to track your activity across apps and websites. This is optional and used only if we implement advertising or analytics. You may decline without affecting core App functionality.

We use the information we collect solely to operate and improve the App:

• To display, organize, and manage your photos and videos within the App
• To perform duplicate detection, batch processing, and export operations locally on your device
• To deliver in-app purchase benefits when you buy virtual currency
• To maintain encryption and privacy protection features you enable
• To diagnose and fix technical issues and improve app performance

We do not sell your personal information. We do not share your photos, videos, or personal data with third parties for marketing or advertising purposes.

All media and app data are stored on your device. We employ industry-standard security measures for data we handle:

• Local Encryption: When you enable privacy protection, we use device-native encryption (AES) to protect hidden albums and sensitive data. Encryption keys are derived from your passphrase and never transmitted.
• Biometric Lock: Optional fingerprint or face recognition provides an additional layer of access control. Biometric data is processed by your device's secure enclave and is never shared with us.
• No Cloud Sync: The App does not sync your data to cloud servers. Uninstalling the App removes locally stored app data. Your original media in the device photo library is unaffected.

We use a limited set of third-party services essential for App operation:

• Apple App Store / Google Play: For distributing the App and processing in-app purchases. Their privacy policies govern transaction data.
• Platform APIs: We use system APIs for photo library access, file management, and permissions. These do not transmit your content to external servers.

We do not integrate advertising networks, analytics SDKs that track behavior across apps, or social sharing services unless explicitly disclosed in an App update. Any future integration would be disclosed in an updated Privacy Policy.

Depending on your residence, you may have the following rights:

• Access: Request information about what personal data we hold. Given our minimal collection, most data resides on your device under your control.
• Deletion: Request deletion of any personal data we retain. Uninstalling the App removes local app data.
• Non-Discrimination: We do not discriminate against users who exercise their privacy rights.
• Do Not Sell: We do not sell personal information. California residents: we have not sold personal information in the past 12 months.

To exercise these rights, contact us using the information below. We will respond within the timeframe required by applicable law (e.g., 45 days under CCPA).

We retain only the minimum data necessary to operate the App. Local app data (preferences, virtual currency balance, album metadata) persists until you uninstall the App or clear app data. We do not retain copies of your media. Purchase records are held by Apple or Google per their respective retention policies.

The App is not directed to children under 13. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us. We will delete such information promptly.

We may update this Privacy Policy from time to time. Material changes will be reflected by an updated "Effective Date" at the top. We encourage you to review this policy periodically. Continued use of the App after changes constitutes acceptance of the updated policy.