Klipo / Legal
Klipo Privacy Policy
1. About this policy
This Privacy Policy explains how Furkan Tosun ("Furkan Tosun," "I," "me," or "my") handles information when you use the Klipo iOS application and related services (together, the "Service"). Klipo lets you create AI-generated images and videos from photos that you choose or capture.
Klipo automatically creates an anonymous guest account so it can protect your media, generation history, credits, and subscription state. You do not need to provide an email address, phone number, or social-media login to use Klipo. Although the account is anonymous in the everyday sense, its random account and device identifiers can still link records to the same user or device and are treated as personal data where applicable.
2. Information Klipo handles
Photos, videos, and other user content
- Photos you specifically select from your photo library or capture with the camera for a generation.
- Temporary processing files, intermediate AI-generation artifacts, and videos generated for you.
- Optional report categories and notes that you submit about a generated result.
Klipo does not automatically upload your entire photo library. It receives only the photo or video that you choose for a feature that requires it.
Your photos may show faces or other sensitive information. Klipo does not use them to identify people, create a face-recognition profile, or create a biometric identity template. If you upload a photo of another person, you are responsible for having the permission required to use and process that photo.
Anonymous account and device identifiers
- A Supabase anonymous account ID used to authenticate requests and enforce ownership.
- A random UUID stored in the iOS Keychain and used for account continuity and as the Adapty customer/app-account identifier.
- A pseudonymous PostHog identifier used for first-party diagnostics and, where configured, product analytics.
- An Apple Push Notification service (APNs) device token if you allow notifications, used to notify you that a generation is ready or has failed.
Purchases, subscriptions, and credits
Apple and Adapty process in-app subscription purchases. Klipo receives product, transaction, entitlement, billing-period, and subscription-status information and maintains a credit ledger. Klipo does not receive your full payment-card or bank-account details from Apple.
Usage and diagnostics
Klipo stores operational information needed to provide the Service, such as the selected template, generation status, timestamps, credit use, subscription state, and Library history. PostHog may receive pseudonymous error and crash diagnostics, including a bounded error fingerprint, error code, affected component, app/device technical properties, and stack information where available. Session replay and automatic app-lifecycle capture are disabled.
Network information
When Klipo communicates with a service provider, that provider may receive network information such as an IP address, request metadata, and approximate region as part of delivering and securing its service. Klipo's application tables are not designed to store IP addresses. Provider logging and retention are governed by the applicable provider's privacy notice and service configuration.
3. How Klipo uses information
- Create, authenticate, and protect your anonymous Klipo account.
- Process the selected media and deliver the requested AI-generated result.
- Store and display your generation history, credits, subscription state, and reports.
- Send optional push notifications about generation status.
- Process purchases, restore entitlements, prevent abuse, and protect the Service.
- Troubleshoot errors, maintain reliability, and improve Klipo through first-party analytics where enabled.
- Comply with applicable law, enforce our terms, and respond to valid legal requests.
4. AI processing and consent
Before the first AI generation, Klipo asks for permission to send the selected photo to its AI processing service. If you decline, you can continue browsing Klipo but cannot start that generation. You can revoke AI data consent in Settings; revocation blocks new AI generations but does not by itself delete existing videos.
The selected input photo and generation inputs are sent to fal.ai to produce the requested output. Klipo does not use your uploaded content to train Klipo-owned AI models or for advertising. fal.ai and any model providers or subprocessors involved in the selected pipeline may process the content under their own terms and privacy notice.
5. Service providers and sharing
Klipo shares information only with providers needed to operate the Service, complete a user-requested generation, process a purchase, deliver a notification, or diagnose a technical problem. Klipo does not sell your personal data.
| Provider | Role |
|---|---|
| Supabase | Anonymous authentication, database, Edge Functions, Realtime, and private storage for account data, credits, jobs, reports, and media. |
| fal.ai | AI image/video generation. Receives the selected input media, generation instructions, intermediate inputs, and request identifiers needed to return the result. |
| Adapty | Paywalls, purchases, subscriptions, entitlements, and purchase restoration. Receives the random customer identifier and purchase-related information. |
| PostHog | First-party diagnostics and, where configured, product analytics. Receives pseudonymous identifiers and bounded diagnostic or interaction properties. |
| Apple | App Store/StoreKit purchases, APNs delivery, and user-directed saves to the iOS Photo Library. Klipo does not receive full payment-card details. |
These providers may use subprocessors or independently collect information when you use their services. Their own privacy notices apply to their independent processing. Where Klipo directs a provider to process Klipo data, the provider is expected to protect that data consistently with this policy and applicable law.
6. Tracking, advertising, and IDFA
Klipo does not use the Identifier for Advertisers (IDFA), does not sell personal data, and does not combine Klipo data with data from other companies' apps, websites, or offline properties for targeted advertising or advertising measurement. Klipo's analytics are first-party analytics and diagnostics, not cross-app tracking. Klipo does not request App Tracking Transparency permission for tracking.
7. Storage and retention
- Input photos in Klipo storage: the private Supabase input-photo copy is normally deleted at the end of the generation lifecycle and is subject to a maximum 24-hour cleanup window.
- Recent Faces: optional processed copies may be kept locally in iOS Application Support, excluded from iCloud backup, limited to five per photo type, manually deletable, and automatically purged after 30 days of age.
- Generated videos: Klipo's private result video is retained for up to 30 days unless you delete the job or account earlier. A video you explicitly save to the iOS Photo Library is controlled by you and is outside Klipo's storage.
- Account and operational records: profile, job, credit, subscription, report, and diagnostic records are retained while needed to provide, secure, troubleshoot, and reconcile the Service.
- Subscription audit records: normalized operational webhook audit records are retained for up to 90 days.
- Financial reconciliation: after account deletion, a limited, de-identified ledger record may be retained for up to 10 years where needed for financial reconciliation, fraud prevention, chargebacks, tax, accounting, or other legal obligations. It is detached from your active account and device identifiers.
- Deletion safeguards: a one-way suppression record may be retained for up to 400 days to prevent a deleted subscription identity from being recreated by a late provider callback. A completed deletion receipt hash may be retained on the server for up to 30 days.
- PostHog analytics: historical analytics and diagnostic events are not deleted solely because you delete your Klipo account. Klipo removes the PostHog person-profile properties, applies a generic anonymous display name, deletes its own mappings to the former random identifier, and never links that identifier to a fresh account. The retained history remains subject to Klipo's PostHog project-retention settings.
fal.ai, Supabase, Adapty, PostHog, Apple, and their subprocessors may have separate backup, security-log, and service-retention periods. Those periods are governed by their applicable terms and privacy notices.
8. On-device information and permissions
Klipo uses the iOS Keychain/Secure Store for the anonymous device identifier, session material, and deletion receipt. It uses local files and MMKV for consent, onboarding, feed/Library snapshots, pending generation state, and bounded media caches. Camera and Photo Library access is used only when you choose a photo, capture a photo, or save a generated video. Notifications are optional and can be disabled in iOS Settings.
Uninstalling Klipo does not necessarily delete your server-side account or media. Use Settings → Delete Account to request account-wide deletion.
9. Account and data deletion
Because Klipo automatically creates an anonymous guest account, you can initiate deletion directly in the app. Go to Settings → Delete Account and complete the confirmation steps. You do not need to email support to start the deletion.
Once accepted, the request immediately blocks new generation, credit, job, and private-media activity. Klipo processes the asynchronous deletion within 30 days of acceptance and shows the status in the app.
Deletion removes Klipo-controlled photos and videos, jobs, reports, APNs registration, profile data, local files and caches, the former Keychain identifier, and the Adapty profile. In PostHog, Klipo retains historical analytics while removing all person-profile properties, applying a generic anonymous name, and destroying Klipo-side mappings to the former random identifier. The identifier is not reused for a fresh account. The old anonymous account is deleted after the cleanup stages complete. A separate opaque receipt lets the app show only pending, completed, or failed status after a restart; the server stores only a hash of that receipt.
The minimum de-identified financial records described in Section 7 may remain for the stated retention period. A copy saved to the iOS Photo Library remains under your control and must be deleted by you from the Photo Library if desired.
Deleting Klipo data does not cancel an Apple auto-renewable subscription. If you have an active or trial subscription, Klipo provides a Manage Subscription option, or you can manage it at Apple's subscription page. You may still delete your Klipo account immediately.
10. Your choices and privacy rights
Depending on where you live, you may have rights to access, correct, delete, restrict, object to, or receive a copy of personal data, and to appeal a decision about a privacy request. You can:
- Delete individual Recent Faces or eligible generated jobs in Klipo.
- Revoke AI data consent in Settings.
- Disable notifications or media permissions in iOS Settings.
- Initiate permanent account-wide deletion in Settings.
- Contact support@tulparfoundry.com with a privacy question or request.
Because Klipo uses an anonymous account, I may ask for the account or device identifier shown in Settings to locate an active account. After deletion is accepted, status checks use only the opaque deletion receipt.
11. Security
Klipo uses HTTPS/TLS in transit, iOS Keychain/Secure Store for sensitive local session material, private storage buckets, authenticated access controls, row-level security, and bounded local retention. No method of transmission or storage is completely secure. If you believe your information has been misused or your account is compromised, contact support@tulparfoundry.com.
12. International processing
Klipo and its service providers may process information in countries other than the country where you live. Where required, transfers are made using safeguards recognized by applicable data-protection law. You can contact me for more information about the safeguards applicable to your request.
13. Children
Klipo is not directed to children under 13, and I do not knowingly collect personal data from children under 13. If you believe a child has provided personal data to Klipo, contact support@tulparfoundry.com.
14. Changes to this policy
I may update this policy when Klipo's features, providers, data practices, or legal obligations change. The effective date at the top of this page will be updated, and additional notice will be provided where required by law. App Store privacy disclosures will also be updated when the app's data practices change.
15. Contact and data controller
Data controller / operator: Furkan Tosun (independent developer)
Email: support@tulparfoundry.com