This policy explains how your personal data is processed when you use Morphica. By using the app, you agree to the processing activities described in this policy.
1. Data Controller
The data controller of the Morphica app is the app developer.
Contact: omeer85@gmail.com
Web: https://komutbilisim.com
2. Categories of Processed Data
- Account data: Firebase user ID (UID), anonymous or Apple login information.
- Content data: Uploaded images, prompt texts, generation request logs, generated output URLs.
- Purchase/credit data: Product ID, transaction IDs, credit balance, refund/revocation records.
- Notification data: FCM token, device ID (identifierForVendor), language settings.
- Technical data: App error/log data and operational telemetry (limited analytics events).
3. Purposes of Data Processing
- To provide app functionalities (image/video generation, result delivery, notifications).
- To process credit balance, purchases, and refunds.
- To maintain account security, prevent abuse, and keep an audit trail.
- For customer support and error resolution.
- To measure app performance and purchase conversion (limited analytics).
4. Third-Party Services and Data Transfer
Morphica works with the following services:
- Google Firebase (Auth, Firestore, Cloud Functions, Cloud Messaging, Remote Config, Analytics)
- Fal.ai (image/video generation processing infrastructure)
- OpenAI (optional "magic prompt" enhancement)
- Apple (App Store payment and refund processes)
In this context, data may be transferred to servers abroad for the service to function.
5. Photo, Camera Permissions, and Face Data
The camera and photo permissions required for the app to function, and the face data processed in this context, are as follows:
- Collection and Use of Face Data: Images containing faces uploaded by users are collected solely for AI-based image/video generation processes. Our app does not train any AI models using your face data on its own; this process is carried out entirely through our third-party provider (Fal.ai) solely to generate the requested media. There is no other biometric verification, advertising, or profiling purpose.
- Sharing with Third Parties: Your face data is transmitted securely (via HTTPS) directly to Fal.ai (a third-party API provider) servers. Morphica does not store the face data you upload on its own servers, nor does it share them with any other parties. Fal.ai processes data on its servers in the United States and other countries.
- Retention Period: Your face data is retained by Fal.ai only for the duration necessary to complete the processing. Morphica does not permanently retain any face data after processing.
- Permission Management: Camera and photo library permissions are obtained with the user's explicit consent and can be managed at the iOS system level.
For detailed processing and international data transfer information, please review the Fal.ai Privacy Policy.
6. Payments and Refunds
- Purchases are processed through the Apple App Store.
- Credit adjustments may be made based on Apple refund/revocation notifications.
- Purchase and refund records may be retained for fraud prevention and accounting/dispute processes.
7. Retention Periods
- Local device data (saved prompts, small previews, certain generation logs): until deleted by the user or the app is uninstalled.
- Server-side operational records (work/purchase/refund): for the time necessary to provide service continuity, security, and comply with legal obligations.
Records may be kept longer if legally required.
8. Security
Data is protected via HTTPS/TLS during transmission. Access controls (authentication, Firestore rules, App Check, etc.) are implemented. However, 100% risk-free transmission over the internet cannot be guaranteed.
9. User Rights
Under applicable legislation, you may have rights such as access, correction, deletion, restriction of processing, and objection. You can submit your requests to the contact address.
10. Account Deletion
An account deletion feature is provided within the app. After account deletion, certain legal/audit records (e.g., payment-refund records) may be retained as required by law.
11. Children's Privacy
The app is not designed for children. Users under the appropriate age should not use the app without parental consent.
12. Policy Changes
This policy may be updated. The current version becomes effective on the date it is published within the app or on the website.