Privacy Policy

We collect the following categories of information: (a) Account Information. When you create an account we collect your email address and display name. If you sign in via Apple Sign-In or other third-party identity providers, we receive an opaque user identifier and, where you consent, your name and email. (b) User Content. Videos and images you upload for analysis. These files are transmitted over encrypted connections (TLS) and processed on our servers solely for the purpose of providing the Service. (c) Usage Data. Information about how you interact with the App, including analysis history, feature usage, timestamps, session duration, and crash/diagnostic logs. (d) Device Information. Device model, operating system version, unique device identifiers (e.g., IDFV), language setting, and time zone. (e) Purchase Information. If you subscribe to a paid plan, Apple processes and stores all payment data. We receive only a transaction confirmation and subscription status; we never receive or store your credit card or payment instrument details. (f) Push Notification Tokens. If you opt in to push notifications, Apple's Push Notification service provides us with an anonymous device token.

If you are located in the European Economic Area (EEA) or the United Kingdom, we process your personal data under the following legal bases: - Contract performance — to provide the Service you requested (Art. 6(1)(b) GDPR). - Legitimate interests — analytics, fraud prevention, and service improvement, balanced against your rights (Art. 6(1)(f)). - Consent — where required, for example for push notifications or optional analytics (Art. 6(1)(a)). You may withdraw consent at any time. - Legal obligation — where we must comply with applicable law (Art. 6(1)(c)).

We use the information we collect to: - Provide, operate, and maintain the Service, including generating AI-based virality predictions and content recommendations. - Process and analyze your uploaded videos using automated AI/ML pipelines (speech-to-text, image recognition, trend analysis). Decisions produced by these systems are informational only and do not have legal or similarly significant effects on you. - Manage your account, authenticate sessions, and process subscription entitlements. - Send transactional communications (analysis results, account alerts) and, with your consent, promotional messages. - Monitor and analyze usage trends, diagnose technical issues, and improve the App. - Detect, prevent, and address fraud, abuse, and security incidents. - Comply with legal obligations, enforce our Terms of Service, and protect our rights.

We do not sell, rent, or trade your personal data. We may share information in the following limited circumstances: (a) Service Providers. We use third-party processors that operate under written data-processing agreements: cloud infrastructure providers (servers, storage), AI/ML model providers (for video analysis), analytics services, and email delivery services. (b) Legal Requirements. We may disclose information when required by law, subpoena, court order, or governmental request, or when we believe disclosure is necessary to protect our rights, your safety, or the safety of others. (c) Business Transfers. In connection with a merger, acquisition, or sale of all or a portion of our assets, your data may be transferred as part of the transaction. We will notify you of any change in ownership or control. (d) Aggregated/Anonymized Data. We may share aggregated or de-identified data that cannot reasonably be used to identify you.

- Uploaded Videos: temporarily stored during analysis processing and automatically deleted from our servers within 48 hours of analysis completion. - Analysis Reports: retained in your account for as long as your account is active. - Account Data: retained until you delete your account or request erasure. - Server Logs: retained for up to 90 days for security and debugging purposes, then deleted or anonymized. When you delete your account, we erase or anonymize your personal data within 30 days, except where retention is required by law.

We implement industry-standard technical and organizational measures, including: encryption in transit (TLS 1.2+) and at rest (AES-256), access controls and least-privilege principles, regular security audits and vulnerability assessments, and incident response procedures. Despite these measures, no system is 100% secure. We cannot guarantee absolute security and disclaim liability for unauthorized access resulting from circumstances beyond our reasonable control.

Our servers are located in the European Union. If you access the Service from outside the EU, your information may be transferred to, stored, and processed in the EU. For transfers out of the EEA/UK we rely on Standard Contractual Clauses approved by the European Commission or other lawful transfer mechanisms.

The Service is not directed to children under 13 (or under 16 in the EEA/UK where required). We do not knowingly collect personal information from children. If we learn that we have collected data from a child below the applicable age, we will promptly delete such information. If you believe a child has provided us with personal data, please contact us at privacy@beviralapp.com.

Depending on your jurisdiction, you may have the following rights: (a) EEA/UK (GDPR). Right of access, rectification, erasure ("right to be forgotten"), restriction of processing, data portability, objection, and the right not to be subject to solely automated decision-making. (b) California (CCPA/CPRA). Right to know what personal information is collected, the right to delete, the right to opt out of the sale or sharing of personal information (we do not sell your data), and the right to non-discrimination. (c) Brazil (LGPD). Similar rights to access, correction, anonymization, portability, deletion, and information about shared data. To exercise any of these rights, contact us at privacy@beviralapp.com. We will respond within the time frame required by applicable law (typically 30 days). We may ask you to verify your identity before processing your request.

Our website (beviralapp.com) uses only essential cookies necessary for the site to function (e.g., language preference). We do not use advertising cookies or third-party tracking pixels on our website.

The App or website may contain links to third-party websites or services (e.g., social media platforms). We are not responsible for the privacy practices of those third parties. We encourage you to review their privacy policies.

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy in the App and updating the "Effective date" above. If a change materially affects your rights, we will also send you a notification via the App or email. Your continued use of the Service after the effective date constitutes acceptance of the revised policy.

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at: BeViral Email: privacy@beviralapp.com For EEA/UK users: you also have the right to lodge a complaint with your local data protection supervisory authority.