Privacy Policy

    Reveria Privacy Policy

    Last updated: 2026-03-02

    Back to Home

    1. Information We Process

    • Account identifiers: email and OAuth identifiers
    • Profile data: name (nickname), date of birth, gender, optional birth time
    • Generation inputs: text and optional photo submitted for past-life generation
    • Automatic data: usage history, diagnostics, device/app information
    • Billing/subscription data: subscription status, entitlement state, billing outcomes
    • Generated output data: past-life outputs and related metadata

    2. Purposes and Legal Bases

    • Account authentication and service delivery
    • Past-life generation output delivery and record management
    • Service reliability/security operations, quality improvements, abuse prevention
    • Billing processing and subscription entitlement checks
    • Support, policy notices, and legal compliance
    • Legal bases may include contract performance, legitimate interests, legal obligations, and consent where required.

    3. Processors and International Processing

    Due to infrastructure architecture, personal data may be processed outside your country.

    • Supabase: authentication, data storage, session handling
    • Vercel: API execution and hosting
    • Google Gemini API: past-life generation processing
    • RevenueCat: subscription and entitlement management
    • Apple App Store / Google Play: billing, refunds, cancellations
    • OAuth providers: social login authentication

    4. Original Photo Handling

    • Original photos are used transiently for past-life generation processing.
    • Original photos are not used for biometric identification.
    • Photo retention is handled within the scope disclosed by service policy and technical operation status.

    5. Retention and Deletion

    • Personal data is retained only as long as needed for stated purposes or legal obligations.
    • Upon account deletion, related data is logically deleted under policy; backup copies may be removed on system cycles.
    • Records needed for billing, disputes, or legal obligations may be retained for statutory periods.

    6. Your Rights

    • Request access, correction, deletion, or restriction of processing
    • Withdraw consent where processing relies on consent
    • Submit privacy inquiries or objections
    • To request account deletion, send a deletion request email to torymakerapp@gmail.com.

    7. Security Measures

    We apply reasonable safeguards such as HTTPS encryption, access controls, role separation, and data minimization.