Privacy Policy

Effective Date: 2025-06-04
Last Updated: 2025-07-29

At CVOR, your privacy is foundational—not optional. Our mobile application (“CVOR” or “the App”) is designed to operate fully on your device, with no cloud processing, no persistent user identifiers, and no CVOR-hosted servers. This Privacy Policy explains what information we collect (and what we don’t), how we use it, and what rights you have.

CVOR (operated by CVOR Technologies Ltd, incorporated in England) is the data controller for purposes of data collected under this policy.

1. Data Collection and Use

1.1. User-Provided Content

CVOR does not require account creation or sign-up. Any content you create or input into the App is processed entirely on your device, with no transmission to CVOR or any third-party server. This includes:

File names, watermark labels, recipient names, or descriptors
PDFs, images, or other files processed through the App

Key Facts:

Your files remain your sole property
CVOR does not access, transmit, or store your documents
We do not collect personally identifiable information (PII) in any form

Important: Any data you enter or process in the App remains local unless explicitly shared by you using your device’s sharing tools. You acknowledge that any sharing action you take is voluntary, and CVOR will not be responsible for misuse once the file leaves your device.

1.2. Automatically Collected Information

We use limited third-party tools to maintain the App’s performance and stability. These include:

Firebase Crashlytics: anonymized crash reports & device type and OS version

These services may automatically collect:

Device type and operating system version
App session duration and navigation flows
Crash logs and performance metrics

These metrics are anonymized at source, and cannot be used to identify or track individual users.

We do not:

Collect or link telemetry to user files or identity
Use collected data for advertising or behavioural profiling
Sell, rent, or share data with marketing partners

2. Location Data

We do not collect or track real-time or precise location data.

3. Watermarking & Content Responsibility

You may choose to embed visible or invisible watermark data into documents. This may include:

Timestamp, recipient label, purpose, project name, or other free-text fields

Key Notes:

Watermarking is processed entirely on-device
CVOR does not access, transmit, or log this information
You are solely responsible for any content embedded or shared

🔒 Reminder: Do not include sensitive or personal data unless required for your intended use. CVOR is not responsible for any legal or regulatory implications of sharing watermarked documents that contain sensitive information.

4. Local Data & Retention

All user data is stored locally on your device
Uninstalling the App will delete all active app data from the device
App data may still exist in device-level backups (e.g., iCloud, Google Drive) created by your operating system
Restoration from such backups is managed entirely by your device and is outside CVOR’s control

If you contact us for support and provide PII (e.g., name or email), it is:

Used only to resolve your query
Deleted within 30 days of ticket closure
Not retained for profiling, marketing, or analytics

CVOR complies with GDPR and other data protection laws regarding data retention, processing, and deletion.

5. Children’s Privacy

CVOR is a general-purpose tool and is not specifically directed at children under 13 (or 16 in certain jurisdictions).

The App does not collect personal data from any users, including minors
We do not knowingly collect or process any information from children
If you believe a child has submitted personal data to us (e.g., via a support email), please contact us at support@cvor.io so we can promptly delete it

📌 CVOR is intended for use by individuals capable of understanding and managing digital files responsibly. Parental supervision is advised where applicable.

6. Security Practices

We take privacy and security seriously:

All processing occurs locally on your device
We do not upload, backup, or monitor your documents
We recommend using device-level encryption, biometric locks, and secure backups

CVOR is not liable for unauthorized access resulting from insecure devices, OS compromise, weak user passwords, or device vulnerabilities. While we implement industry-standard security practices, no system is 100% secure, and users are responsible for taking steps to ensure the security of their device and data.

7. Third-Party Services

We use third-party services solely for performance and crash diagnostics. These providers may process limited anonymized data, such as crash logs and device metadata.

Firebase Crashlytics/Google Analytics for Firebase - Crash diagnostics - Anonymised error logs, Device type & OS
Google Play / Apple Services - Subscription & billing management - Purchase & OS-level metadata

Google Analytics for Firebase is configured with:

Data sharing and ad personalization disabled
No user identifiers or advertising IDs
IP anonymization enabled by default

We do not authorize these services to use your data for behavioural advertising or profiling.

These providers are subject to their own privacy policies and compliance obligations, including:

Standard Contractual Clauses (SCCs) under the GDPR
Data Privacy Framework (DPF), where applicable

⚠️ CVOR does not control how these services handle data beyond our limited use and configuration. We rely on their published compliance with applicable privacy laws and best practices.

You can find their policies below:

Open-Source Libraries

CVOR uses third-party open-source libraries in the App, which are governed by their respective open-source licenses. These libraries are integrated for the purpose of enhancing the functionality of the App.

By using the App, you agree to comply with the terms and conditions of these open-source licenses.
For inquiries, contact us on support@cvor.io.

8. User Rights (GDPR, CCPA, and similar)

Depending on your location, you may have legal rights under applicable privacy laws such as GDPR, CCPA, and others. These rights include:

Right to Access: Know what data is collected (if any)
Right to Deletion: Request erasure of any data held (typically applies only to support tickets)
Right to Correction / Objection
Right to Data Portability: (not applicable, since no PII or user accounts exist)

To exercise these rights, email support@cvor.io. We will:

Respond within 30 days
Fulfil the request where applicable
Document and report any deletion or access confirmation

You may also file complaints with your local Data Protection Authority (DPA).

9. Data Transfers and International Users

Some anonymized diagnostics data may be processed in countries like the United States (e.g., via Firebase). To comply with data protection laws:

We ensure all third-party processors use recognized transfer mechanisms (e.g., SCCs, DPF)
Providers are subject to legally enforceable data protection obligations
They are contractually prohibited from identifying or tracking individual users

If you're in a jurisdiction with data transfer restrictions, you may be subject to additional terms and protections as required by applicable laws.

10. Policy Updates

We may revise this Privacy Policy occasionally. Any material changes will be:

Communicated via in-app notification or our website
Reflected in the updated “Effective Date” above

Continued use of the App constitutes acceptance of the current policy version.

11. Contact Us

If you have any privacy-related questions, requests, or concerns, please reach out:

📧 Email: support@cvor.io

Legal Disclaimers

CVOR does not store or process user-generated files or content outside your device
You are solely responsible for the content you create, watermark, or share
Your use of the App constitutes agreement to this Privacy Policy and applicable data protection laws