Privacy Policy
Effective date: 4 May 2026 · Last updated: 4 May 2026
This Privacy Policy describes how the mobile application Scale for Grams ("the App", "we", "our") handles information when you use it. The App is published by Pixoo LLC (the "Company") and is available for iOS and Android. By installing or using the App, you agree to the practices described below.
1. Summary
- The App lets you take or pick a photo and uses an AI vision model to estimate the object's weight, dimensions, count, plant species, coin / currency, or color palette.
- We do not require an account, and we do not collect your name, email, address, location, contacts, or social media identifiers.
- The photo you submit is sent over HTTPS to our AI provider Replicate, which runs a Google Gemini 2.5 Flash vision model on it and returns a result. The photo is held by Replicate only as long as needed to process the request.
- Subscriptions and in-app purchases are handled by RevenueCat (in turn by Apple App Store / Google Play). We never see your card details.
- Your scan history, app settings, and premium status are stored only on your device. We do not sync them to a server.
2. What permissions the App requests, and why
| Permission | Why the App needs it |
|---|---|
android.permission.CAMERAiOS: NSCameraUsageDescription |
So you can take a photo of the object you want to scan. The App opens the camera only when you tap a capture button. The App does not record video, run the camera in the background, or stream the camera feed. |
READ_EXTERNAL_STORAGE / Photo LibraryiOS: NSPhotoLibraryUsageDescription |
So you can pick an existing photo from your library instead of taking a new one. The App reads only the photo you explicitly select; it does not scan or index your library. |
| Internet | To send the photo to our AI provider for processing and to receive the result. Also used by the in-app subscription system. |
The App does not request location, microphone (except as auto-declared by the system camera framework — we do not use it), contacts, calendar, Bluetooth, NFC, SMS, call logs, accessibility services, or any other sensitive permission.
3. What information is processed
3.1 Photos and AI results
When you tap "Scan", the photo you took or selected is uploaded over HTTPS (TLS) to our AI provider, Replicate, Inc. (replicate.com/privacy), which forwards the image to Google's Gemini 2.5 Flash vision model. The model returns a structured JSON description (e.g. estimated weight range, dimensions, color palette). The JSON is shown to you and stored locally in your scan history on your device.
We do not view, retain, or analyze your photos on our own servers — we do not operate a backend that stores user images. Replicate may retain the uploaded image temporarily for the duration of the prediction and short-term operational purposes (caching, abuse prevention) and may share the image with Google as a sub-processor for the Gemini model. Please review their respective policies: Replicate Privacy, Google Privacy.
Please do not photograph people, sensitive documents, or any content you would not want sent to a third-party AI provider.
3.2 Subscription / purchase data
In-app subscriptions and one-time purchases are handled by RevenueCat, Inc. (revenuecat.com/privacy), which in turn relies on Apple App Store (iOS) or Google Play Billing (Android). RevenueCat receives an anonymous app-user ID, the products you bought, transaction receipts, and basic device/platform information so it can verify and restore purchases. Payment card details are handled exclusively by Apple or Google — neither we nor RevenueCat ever see them.
3.3 On-device data
The following data is created by the App and kept only on your device in standard system stores
(AsyncStorage and SecureStore):
- Your scan history (the photos you scanned and the AI's responses), capped at a small number of recent items.
- App settings (units, selected scan mode, calibration preference).
- An anonymous on-device identifier used for free-tier daily rate limiting. This identifier never leaves the device.
- Whether your premium subscription is currently active (a flag mirrored from RevenueCat).
Uninstalling the App, or clearing its app data from system settings, removes all of this on-device data.
3.4 What we do NOT collect
- We do not run any analytics, telemetry, or crash reporting beyond what the iOS / Android operating system itself provides.
- We do not collect your name, email address, phone number, precise or approximate location, or contacts.
- We do not show ads, and we do not use advertising identifiers (IDFA / AAID).
- We do not sell or rent any data, and we do not share data with data brokers.
4. Legal basis (GDPR / UK GDPR users)
Where the GDPR or UK GDPR applies, we process the limited information described above on the following bases:
- Performance of a contract — to process the scan you requested and to deliver paid subscription features you purchased.
- Legitimate interests — to operate, debug, and protect the App from abuse (e.g. enforcing free-tier rate limits).
- Consent — where required for camera or photo library access; you grant consent through the OS permission prompt and can revoke it at any time in system Settings.
5. Your rights
Because the App stores history and settings on your device and does not maintain a user account on our servers, most data-rights requests can be honored directly by you:
- Access / portability: your scan history is visible in the History tab in the App.
- Deletion: clear history in the App, revoke camera / photo permissions in system Settings, or uninstall the App.
- Permission control: iOS Settings → Scale for Grams; Android Settings → Apps → Scale for Grams → Permissions.
For data held by our processors (Replicate, Google, RevenueCat, Apple, Google Play), please use the controls described in their respective privacy policies linked above. You can also contact us at the address below and we will assist where we can.
6. Children
The App is not directed to children under 13 (or under 16 where applicable) and we do not knowingly collect data from children. If you believe a child has used the App and you would like the data deleted, contact us at the address below.
7. Security
All network requests use HTTPS (TLS). Subscription receipts are validated through Apple, Google, and RevenueCat. On-device storage uses standard system stores. No method of transmission or storage is 100% secure, but we work with reputable providers and use platform-level security primitives.
8. Data retention
We do not run a backend that retains your data. Data held by our processors is retained according to their own retention schedules (linked above). Data on your device is retained until you delete it or uninstall the App.
9. International transfers
Our processors operate globally; your photo and request metadata may be processed on servers outside your country of residence (typically in the United States). Where required, our processors rely on Standard Contractual Clauses or equivalent safeguards.
10. Changes to this policy
We may update this policy from time to time. We will update the "Last updated" date at the top of this page. Material changes will be reflected in the App's in-app Privacy Policy screen as well.