Last updated: April 8, 2026

Version: 1.1

This Privacy Policy explains how Trouveris processes personal data in compliance with the EU General Data Protection Regulation "GDPR", the Swiss Federal Act on Data Protection "FADP", and other applicable privacy laws.

Data Controller

For the purposes of applicable data protection laws, the Company, defined as [LEGAL ENTITY NAME], acts as the Data Controller for personal data processed through the Service once the legal entity is duly constituted and identified in these documents. Until then, contact details below remain valid for privacy requests.

1. Data Controller and contact

Designated contact for privacy inquiries: privacy@trouveris.com

For the exercise of rights under Section 18, you may use the same address and should identify your account email or user identifier.

2. Scope and roles

- For account, billing, authentication, subscription, and communications processed on Trouveris systems, the Company generally acts as Controller or determines purposes and means together with infrastructure providers as described below.

- For personal images and files that remain on your device and are processed locally by the application, you typically act as Controller of that content; the application operates on your instructions as a tool. This does not limit the Company's responsibilities for personal data that the Company itself processes on its servers e.g. account record, payment metadata.

3. Data processing principles

Lawfulness, fairness, and transparency

Purpose limitation

Data minimization

Accuracy

Storage limitation

Integrity and confidentiality

On-device processing for your library content whenever technically feasible

4. Categories of personal data

Depending on how you use the Service, we may process:

Identity and account data: email address, display name, user identifiers, authentication provider, session tokens as needed

- Security data: login timestamps, hashed IP addresses see below, failed-login indicators, device or client metadata necessary for fraud prevention

- Subscription and billing data: tier, status, Stripe customer or subscription identifiers, verification timestamps, grace-period flags processed via Stripe and our backend

Communication data: marketing preferences where collected, email opens/clicks if measured by our tools, support and contact form content

Technical logs: application and server logs as described in Section 12

- Local content: your photos and derived on-device data e.g. embeddings remain on your device unless you explicitly use a feature that uploads content not required by default for core library processing

We do not sell your personal data.

5. Personal images and on-device processing

Trouveris does not require uploading your personal image library to our servers for default indexing and search. If you choose to use features that involve uploading or syncing content, such processing will be described at the point of collection or in product notices.

6. Facial images and biometric data

Trouveris does not provide biometric identification or identity verification services. Face-related features e.g. grouping are assistive and probabilistic. You are responsible for lawful grounds and consent where required for images of identifiable persons.

7. Purposes and legal bases (summary)

Performance of a contract: providing the Service, authentication, subscription verification

- Legitimate interests: security, fraud prevention, service improvement, analytics in aggregated or pseudonymous form where appropriate, and enforcing our terms balanced against your rights

Consent: where required for marketing, optional cookies, or specific optional features

Legal obligation: tax, accounting, or regulatory retention where applicable

8. Retention (indicative)

- Account and subscription records: for the life of the account and thereafter as required for legal, tax, or dispute resolution purposes typically limited years after closure unless a longer period is mandatory

- Security logs including hashed IP: typically 30–90 days unless a longer retention is justified by security incidents or legal holds

Failed login counters: typically 24–48 hours or until successful login

Contact form and related server records: for the time needed to handle your request and for a limited backup period, unless a longer period applies by law

Marketing suppression lists: as long as needed to honor unsubscribe requests

Exact periods may be refined in internal policies; you may request details for your data.

9. Account activity and security

To ensure proper functioning of the Software and maintain account security, Trouveris collects and stores certain information related to your account activity.

9.1 Last login

We record the date and time of your last successful login including from the website where applicable for account management, security monitoring, and audit. Retention is tied to the active account unless a longer period is required by law.

9.2 Authentication provider

We store the authentication provider used e.g. Google where applicable. Passwords for third-party login are not stored by us.

9.3 Hashed IP

We may store a one-way hash of your IP address SHA-256, truncated for storage efficiency in line with other security logs to detect abuse and fraud. The hash is not used to identify you directly.

9.4 Failed login attempts

Temporary counters or records may be kept for fraud prevention and cleared after success or within a short window.

9.5 Legal basis

These items are processed under legitimate interests in security and service integrity, and where applicable to perform the contract.

10. Subscription and service metadata

We process limited metadata for subscription management tier, status, last verification, grace status. We do not upload your photo library, embeddings, semantic search queries, or similar content from your device for those purposes. Metadata is used for billing, entitlements, and continuity. We do not sell subscription metadata for third-party advertising.

11. Push notifications, email, and in-app messages

We may send operational messages security, receipts, verification and, where permitted, product, pricing, or marketing communications. You can disable push at the device level; marketing email will include unsubscribe where required. Essential transactional messages may continue.

12. System logs and activity records

We may retain logs relating to app and server operations timestamps, identifiers, action types for reliability, security, debugging, and compliance. Logs are minimized and are not used to reconstruct your photo contents beyond what is necessary for the logged event.

13. Website contact form and server-side records (PostgreSQL)

When you use the contact form on our website, we process the information you submit such as name, email, and message, and may associate your Firebase user ID if you are logged in. We also store a hashed representation of your connection IP same method as other security-related IP hashes—not the raw IP and user-agent string for abuse prevention and support. These records are stored in our PostgreSQL database and may be mirrored in aggregated logging systems.

We may also append entries to an activity log including hashed IP and user-agent for security and audit when you submit the form.

14. Processors and sub-processors

We use trusted infrastructure and service providers who process personal data on our instructions, including for example:

- Google Firebase / Google Cloud authentication, database, hosting-related services — see Google's data processing terms and privacy documentation

- Stripe payment processing

- Email delivery providers e.g. SMTP or transactional email services

Hosting and database providers for our website and APIs

A current list may be provided upon request; we will inform you of material changes to processors where required by law.

15. International transfers

Your data may be processed in Switzerland, the European Economic Area, the United Kingdom, the United States, and other countries where our providers operate. Where transfers occur to countries not subject to an adequacy decision, we rely on appropriate safeguards such as Standard Contractual Clauses SCCs or equivalent mechanisms offered by our providers, supplemented by technical and organizational measures.

16. Automated processing

Some features use automated or AI-assisted processing on-device or on our infrastructure as described in the Terms and EULA. No solely automated decision is intended to produce legal or similarly significant effects concerning you without human review where such review is required by law.

17. Security

We implement technical and organizational measures appropriate to the risk, including encryption in transit where applicable, access controls, and least-privilege access for personnel.

18. Your rights

Subject to applicable law, you may have the right to: access, rectification, erasure, restriction of processing, data portability, objection including to processing based on legitimate interests, and withdrawal of consent where processing is consent-based. You may exercise these rights by contacting privacy@trouveris.com. You may also lodge a complaint with a supervisory authority in your country or region.

19. Changes to this Policy

We may update this Policy. We will publish the new version with an updated date. Where a change is material and requires renewed consent or additional notice under applicable law, we will provide such notice or obtain consent as required. Continued use after non-material updates may be subject to the updated Policy as permitted by law.

20. Liability disclaimer (privacy)

You remain responsible for lawful processing of content you control on your devices. The Company is not liable for unlawful use of the Service by users, except as required by mandatory law.

Trouveris – Privacy Policy