Privacy Policy
App: Pali Pali
Effective date: 2026-06-01
Last updated: 2026-06-01
1) Developer and Contact
Developer: dasihagi Inc.
Contact: support@dasihagi.com
2) Categories of Data We Process
- User account information: Email address and basic account metadata obtained through Google Sign-In for authentication, service access, and support.
- Uploaded images: Photos or images you upload to use with our AI image generation and editing service. These images are stored on our servers and kept in your in-app history so you can revisit them.
- Reference images: Reference images you provide or select to guide image generation or editing. These images are stored on our servers and kept in your in-app history.
- Generated images: AI-generated or edited images created by our service, stored on our servers and kept in your in-app history for your access.
- Image metadata: Technical information about images including file size, dimensions, format, and creation timestamps.
- Generation history: Records of your image generation and editing sessions and the associated uploaded, reference, and generated images, retained like a chat history so you can review your past results in the app.
- Credit transaction records: History of credit usage, credits earned from rewarded ads, and credits granted with subscriptions.
- Subscription information: Subscription plan details, subscription period, and renewal status.
- Purchase tokens: Transaction or purchase tokens provided by app stores (Google Play, Apple App Store) for validating purchases and subscriptions.
- Diagnostics (minimal): Crash logs and performance metrics (if enabled by the OS). These do not include your uploaded, reference, or generated images.
3) Purpose of Processing
- Service delivery: Your uploaded photos and reference images are processed by our AI service provider to generate or edit images.
- History feature: Uploaded, reference, and generated images, together with your session records, are stored so you can browse and re-view your past results like a chat history.
- Account management: Email is used for sign-in, account recovery, and support communication.
- Purchase and subscription verification: Payment tokens are used to verify in-app purchases and subscriptions.
- Advertising: We display banner ads and rewarded video ads. Rewarded ads grant in-app credits when you choose to watch them.
- Service improvement: Aggregate usage patterns and diagnostics help us maintain and improve the app's quality and reliability.
4) Third-Party Processing and Sharing
AI Processing Provider
- Provider: Cloudflare, Inc. (United States) – Cloudflare Workers AI
- Purpose: Your uploaded photos and reference images are processed by Cloudflare Workers AI to generate or edit images.
- Data processed: Uploaded and reference image data, processed on our behalf to fulfill your request
- Model training: Cloudflare acts as a service provider and states that it does not use inputs submitted to Workers AI to train its models. The underlying AI models are third-party (including open-source) models run on Cloudflare's infrastructure; we do not sell your images or share them for any provider's own independent purposes.
Storage and Infrastructure
- Provider: Google Cloud Platform (United States)
- Purpose: Hosting services, image storage (Google Cloud Storage), and database operations (Cloud SQL)
- Data shared: All service data necessary for operation
App Store Billing
- Providers: Google Play (Android), Apple App Store (iOS)
- Purpose: Processing in-app purchases and subscriptions
- Data shared: Purchase tokens only; we do not receive full payment card details
Advertising
- Provider: Google AdMob (banner ads and rewarded ads)
- Purpose: Showing banner ads and rewarded video ads. Rewarded ads provide in-app credits.
- Data shared: Device identifiers and ad interaction data as governed by AdMob's policies
5) Retention and Deletion
- Uploaded, reference, and generated images: Stored as part of your in-app history (similar to a chat log) so you can revisit them. They are retained until you delete the specific item, clear your history, or delete your account. There is no fixed auto-deletion period.
- Image metadata and generation history: Retained alongside the associated images to power the history view, and deleted when the associated images are deleted.
- Account information: Retained until you request account deletion or your account becomes inactive for a period required by law or legitimate interests (fraud prevention).
- Purchase records: Purchase tokens and receipts are retained as required for accounting, fraud prevention, and app store policies.
- Credit transaction history: Retained for accounting and user reference purposes as long as the account is active.
- Backup data: Some backups and logs may persist for a limited period and are automatically purged on schedule.
- AI provider processing: Images are processed by Cloudflare Workers AI to fulfill your generation/editing request. Such processing, and any limited operational logging, is governed by Cloudflare's own policies; Cloudflare states it does not use submitted data to train its models.
Deletion Requests: You can delete your images or clear your history at any time in the app. For account or full-data deletion, we verify your identity and aim to fulfill requests within 30 days (or the timeframe required by law).
6) Your Rights
Depending on your location, you may have rights to:
- Access your personal data
- Correct inaccurate data
- Delete your personal data
- Restrict or object to processing
- Data portability
You may exercise these rights by contacting support@dasihagi.com. We may need to verify your identity before fulfilling requests.
Region-Specific Information
Additional rights may apply based on your jurisdiction (e.g., GDPR in the EU/EEA, CCPA in California, Personal Information Protection Act in South Korea).
7) Security Measures
- Encryption in transit: TLS encryption for all data transmission between the app and our servers
- Encryption at rest: Image and data storage is encrypted where supported by our cloud providers
- Access control: Principle of least privilege for service accounts and internal tools
- Monitoring: Access logging and periodic security reviews
- Infrastructure security: Network segmentation, vulnerability management, and incident response procedures
8) Legal Basis
- Provide the service you request (performance of a contract)
- With your consent (e.g., camera/photo library access, Google Sign-In)
- Legitimate interests to maintain and improve the service while respecting your rights (where required by law)
9) Children's Privacy
Pali Pali is not directed to children under the age of 13 (or the age defined by local law). We do not knowingly collect personal information from children. If you believe a child has provided us information, contact us immediately to request deletion.
10) International Transfers
Data may be processed in locations outside your country, including the United States. Where applicable, we implement appropriate safeguards—such as standard contractual clauses and supplier due diligence—to protect your data during international transfers.
11) Changes to This Policy
We may update this policy from time to time. We will post changes on this page and, if changes are material, provide in-app or email notice. Your continued use after the effective date means you accept the updated policy.
12) How to Contact Us
Email: support@dasihagi.com
For privacy-related inquiries, complaints, or data subject requests, please contact us at the above email address.
Play Store Data Safety Disclosure (Summary)
Data Collection and Sharing
| Data Type | Collected | Shared | Purpose | Ephemeral |
|---|---|---|---|---|
| Email address | Yes | No | Account authentication, support | No |
| User account info | Yes | No | Service delivery | No |
| Photos/Videos | Yes | No | App functionality (AI image generation and editing, image history) | No |
| App activity | Yes | No | Analytics | No |
| Crash logs | Yes | No | App performance | No |
| Device identifiers | Yes | Yes* | Advertising | No |
| Purchase history | Yes | No | Subscription management | No |
* Device identifiers are shared with Google AdMob for banner and rewarded advertising functionality.
Data Security
- Data is encrypted in transit using TLS
- Data is encrypted at rest
- You can request data deletion
User Control
- You can delete uploaded, reference, and generated images and clear your history through the app
- You can request account deletion and full data removal by contacting support
- You can view your generation history and credit transaction history in the app
Retention
- Images: Retained as part of your in-app history until you delete them or delete your account (no fixed auto-deletion period)
- Account data: Retained until user requests deletion or account becomes inactive
- Purchase records: Retained as required for legal and accounting purposes
- AI processing: Performed by Cloudflare Workers AI; governed by Cloudflare's policies (no model training on submitted data)