← Back to Home

Privacy Policy

Effective Date: February 2, 2026 | Last Updated: February 2, 2026

Summary: ICONIC ("we," "us," "our," or "the App") transforms your photos into artistic styles using AI. We collect only the data necessary to provide our services, and we do not sell your personal information. Your photos are processed securely and you retain all rights to your content.

1. Introduction and Scope

Epictetus, LLC ("Company") operates the ICONIC mobile application. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application available on iOS.

By downloading, installing, or using ICONIC, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with this Privacy Policy, please do not access or use the App.

2. Data We Collect

2.1 Information You Provide Directly

Data Type	Description	Purpose
Account Credentials	Email address, display name, authentication tokens (via Apple Sign-In)	Account creation, authentication, customer support
Photos & Images	Images you upload for AI transformation	Providing the core image transformation service
Payment Information	Transaction identifiers (full payment details are processed by Apple or Stripe)	Processing subscriptions and purchases
Communications	Messages you send to customer support	Responding to inquiries and providing support

2.2 Information Collected Automatically

Data Type	Description	Purpose
Device Information	Device model, operating system version, unique device identifiers	App compatibility, debugging, analytics
Usage Data	Features used, transformation history, session duration	Service improvement, personalization
Technical Data	IP address, app version, crash reports, performance metrics	Technical troubleshooting, security
Identifiers	Advertising ID (only with your consent on iOS 14.5+)	Analytics and attribution (opt-in only)

2.3 Information We Do NOT Collect

We do not access your device's full photo library without explicit selection
We do not collect precise geolocation data
We do not collect biometric data
We do not collect health or fitness data
We do not read your contacts, messages, or call logs

3. How We Use Your Information

We use the information we collect for the following purposes:

Service Delivery: Processing your photos through our AI transformation technology
Account Management: Creating and maintaining your account, managing subscriptions
Order Fulfillment: Processing and delivering print orders through our fulfillment partners
Service Improvement: Analyzing usage patterns to improve features and performance
Customer Support: Responding to your inquiries and resolving issues
Security: Detecting and preventing fraud, abuse, and unauthorized access
Legal Compliance: Fulfilling legal obligations and protecting our rights

AI Training Disclosure: We do NOT use your personal photos to train our AI models without your explicit, opt-in consent. Your images are processed solely to deliver the transformation service you requested.

4. Photo Processing and Storage

4.1 Transformation Processing

Photos you select are uploaded to our secure servers for AI processing
Processing occurs using encrypted connections (TLS 1.3)
Original and transformed images are stored temporarily (typically 24-72 hours) for service delivery
You can delete your images at any time through the App
Cached images may be retained briefly for performance optimization

4.2 Print Order Photos

When you purchase physical print products, additional storage applies:

Photos for print orders are stored securely until order fulfillment is complete
Each photo is assigned a unique identifier linked to your order
Photos are shared with our printing partners (such as Merchize/Printful) solely to fulfill your order
We retain print order photos for up to 90 days after order completion for customer service purposes
Backups may be maintained for order verification and dispute resolution
You may request deletion of print order photos after order completion by contacting support

5. Data Sharing and Disclosure

We do NOT sell, rent, or trade your personal information to third parties for their marketing purposes.

We may share your information only in these limited circumstances:

5.1 Service Providers

Provider Category	Purpose	Data Shared
Cloud Infrastructure (Google Cloud)	Secure data storage and processing	Encrypted user data, images
AI Processing Services (Google Gemini)	Image transformation	Images for processing only
Payment Processors (Apple, Stripe, RevenueCat)	Subscription and payment processing	Transaction identifiers
Print Fulfillment Partners (Merchize/Printful)	Physical product printing and shipping	Order photos, shipping address
Analytics (anonymous/aggregated)	App improvement	Anonymized usage statistics

5.2 Legal Requirements

We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., court order, government request).

5.3 Business Transfers

If we are involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will provide notice before your information becomes subject to a different privacy policy.

5.4 Protection of Rights

We may disclose information when we believe disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request.

6. Third-Party Services

The App integrates with the following third-party services, each governed by their own privacy policies:

Apple Sign-In: Apple Privacy Policy
RevenueCat: RevenueCat Privacy Policy
Stripe: Stripe Privacy Policy
Google Gemini AI: Google Privacy Policy

We encourage you to review these policies to understand how these services handle your information.

7. Data Security

We implement industry-standard security measures to protect your information:

Encryption in Transit: All data transmitted uses TLS 1.2/1.3 encryption
Encryption at Rest: Stored data is encrypted using AES-256
Access Controls: Strict role-based access to personal data
Security Monitoring: Continuous monitoring for unauthorized access
Regular Audits: Periodic security assessments and updates
Secure Authentication: Industry-standard OAuth 2.0 protocols

Security Disclaimer: While we strive to use commercially acceptable means to protect your personal information, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security and cannot be held liable for any unauthorized access, hacking, data loss, or other breaches beyond our reasonable control.

8. Data Retention

Data Type	Retention Period
Account Information	Until account deletion or 3 years of inactivity
Transformation Images (non-print)	24-72 hours after processing, unless saved by user
Print Order Photos	90 days after order completion
Transaction Records	7 years (legal/tax requirements)
Usage Analytics	26 months (anonymized)
Support Communications	2 years after resolution

9. Your Rights and Choices

9.1 General Rights

Depending on your location, you may have the following rights:

Access: Request a copy of your personal data
Correction: Request correction of inaccurate data
Deletion: Request deletion of your data (subject to legal retention requirements)
Portability: Request your data in a portable format
Objection: Object to certain processing activities
Restriction: Request restricted processing of your data
Withdraw Consent: Withdraw consent where processing is based on consent

9.2 How to Exercise Your Rights

To exercise any of these rights, please contact us at epictetusllc@gmail.com. We will respond to your request within 30 days (or as required by applicable law). We may need to verify your identity before processing your request.

9.3 Account Deletion

You can request complete account deletion through the App's Settings screen or by contacting us. For detailed instructions, visit our Account Deletion page. Upon deletion:

Your account will be deactivated immediately
Personal data will be deleted within 30 days
Some data may be retained as required by law or for legitimate business purposes
Anonymized/aggregated data may be retained indefinitely

10. Apple App Tracking Transparency

On iOS 14.5 and later, we request your permission before tracking your activity across other companies' apps and websites. If you deny this permission:

We will not access your device's Advertising Identifier (IDFA)
Your app experience will not be affected
You can change this setting anytime in your device's Settings

11. Children's Privacy (COPPA Compliance)

ICONIC is not directed to children under 13 years of age. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately at epictetusllc@gmail.com.

If we discover that we have inadvertently collected personal information from a child under 13, we will take steps to delete such information as quickly as possible.

12. California Privacy Rights (CCPA/CPRA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):

Right to Know: You can request information about the categories and specific pieces of personal information we have collected
Right to Delete: You can request deletion of your personal information
Right to Correct: You can request correction of inaccurate personal information
Right to Opt-Out: You can opt out of the "sale" or "sharing" of personal information (we do not sell personal information)
Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights
Right to Limit Use of Sensitive Personal Information: You can limit how we use sensitive personal information

Notice of Financial Incentives: We do not offer financial incentives for the collection of personal information.

Do Not Sell or Share My Personal Information: We do not sell or share personal information as defined by the CCPA/CPRA.

13. European Privacy Rights (GDPR)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, you have rights under the General Data Protection Regulation (GDPR):

13.1 Legal Bases for Processing

Contract: Processing necessary to provide the services you requested
Consent: Processing based on your explicit consent (e.g., marketing communications)
Legitimate Interests: Processing for our legitimate business interests (e.g., security, fraud prevention)
Legal Obligation: Processing required to comply with legal requirements

13.2 International Data Transfers

Your information may be transferred to and processed in the United States and other countries. We ensure adequate safeguards are in place, including:

Standard Contractual Clauses approved by the European Commission
Data Processing Agreements with our service providers
Compliance with applicable data protection laws

13.3 Data Protection Officer

For GDPR-related inquiries, you may contact us at epictetusllc@gmail.com. You also have the right to lodge a complaint with your local supervisory authority.

14. Other Regional Privacy Rights

14.1 Virginia (VCDPA), Colorado (CPA), Connecticut (CTDPA), Utah (UCPA)

Residents of these states have similar rights to California residents, including the right to access, delete, and correct personal data, as well as the right to opt out of certain processing activities.

14.2 Brazil (LGPD)

Brazilian users have rights similar to GDPR, including access, correction, deletion, and data portability.

15. Cookies and Tracking Technologies

Our mobile app uses limited tracking technologies for functionality and analytics. For our website:

Essential Cookies: Required for website functionality
Analytics Cookies: Help us understand how visitors interact with our website (opt-out available)

You can control cookies through your browser settings.

16. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we make material changes:

We will update the "Last Updated" date at the top of this policy
We will notify you via in-app notification for significant changes
We may send an email notification if required by applicable law
Continued use of the App after changes constitutes acceptance of the updated policy

We encourage you to review this Privacy Policy periodically.

17. Limitation of Liability

TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW:

We provide the App and services "AS IS" without warranties of any kind
We are not liable for any unauthorized access to or alteration of your data
We are not responsible for any content you upload or the results of AI transformations
We are not liable for the privacy practices of third-party services linked from our App
Our total liability is limited to the amount you paid us in the 12 months preceding the claim
We are not liable for any indirect, incidental, special, consequential, or punitive damages

18. Indemnification

You agree to indemnify, defend, and hold harmless Epictetus LLC, its officers, directors, employees, and agents from any claims, damages, losses, liabilities, costs, or expenses arising from:

Your use of the App
Your violation of this Privacy Policy or our Terms of Service
Your violation of any third-party rights, including intellectual property rights
Any content you upload or transmit through the App

19. Dispute Resolution

Any disputes arising from this Privacy Policy or your use of the App will be governed by the laws of the State of Delaware, United States, without regard to conflict of law provisions. You agree to resolve any disputes through binding arbitration administered by the American Arbitration Association, except where prohibited by law.

You agree to waive any right to participate in class action lawsuits or class-wide arbitration against Epictetus LLC.

20. Severability

If any provision of this Privacy Policy is found to be unenforceable, the remaining provisions will continue in full force and effect.

21. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Epictetus, LLC

131 Continental Dr Ste 305
Newark, DE 19713

Email: epictetusllc@gmail.com

Subject Line: "Privacy Inquiry - ICONIC App"

We aim to respond to all inquiries within 30 days.

Last Updated: February 2, 2026