Effective Date: February 2, 2026 · Last Updated: March 17, 2026
Summary
ICONIC ("we," "us," "our," or "the App") transforms your photos into artistic styles using AI. We collect only the data necessary to provide our services, and we do not sell your personal information. Your photos are processed securely and you retain all rights to your content.
1. Introduction and Scope
Epictetus, LLC ("Company") operates the ICONIC mobile application. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application available on iOS.
By downloading, installing, or using ICONIC, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with this Privacy Policy, please do not access or use the App.
2. Data We Collect
2.1 Information You Provide Directly
Data Type
Description
Purpose
Account Credentials
Email address, display name, authentication tokens (via Apple Sign-In)
Account creation, authentication, customer support
Photos & Images
Images you upload for AI transformation
Providing the core image transformation service
Payment Information
Transaction identifiers (full payment details are processed by Apple or Stripe)
Processing subscriptions and purchases
Communications
Messages you send to customer support
Responding to inquiries and providing support
2.2 Information Collected Automatically
Data Type
Description
Purpose
Device Information
Device model, operating system version, unique device identifiers
App compatibility, debugging, analytics
Usage Data
Features used, transformation history, session duration
Service improvement, personalization
Technical Data
IP address, app version, crash reports, performance metrics
Technical troubleshooting, security
Identifiers
Advertising ID (only with your consent on iOS 14.5+)
Analytics and attribution (opt-in only)
2.3 Information We Do NOT Collect
We do not access your device's full photo library without explicit selection
We do not collect precise geolocation data
We do not collect biometric data
We do not collect health or fitness data
We do not read your contacts, messages, or call logs
AI Image Processing and Third-Party Services
When you use our AI art transformation feature, your photos are sent to our servers and then to a leading AI provider — such as Google (Gemini API), OpenAI, or Anthropic (Claude) — selected to best match the art style you chose. Your original photos are temporarily cached during processing (typically less than 1 hour) and then automatically deleted. Your photos are NOT used to train AI models.
What data is sent: The photo you select for transformation and the art style you choose.
Who processes it: A leading AI provider (Google Gemini, OpenAI, or Anthropic Claude) processes your photo solely for the purpose of generating your art transformation. The provider is selected automatically based on which produces the best result for your chosen art style.
How it's used: Your photo is processed to create an AI-generated artistic version. The original photo and the result are not used to train AI models.
Storage: Transformed images are temporarily cached on our servers for delivery and then automatically deleted. We do not permanently store your original photos on our servers.
Face Data
ICONIC processes photos that may contain faces as part of the art transformation feature. Here's how we handle face data:
What we collect: ICONIC does not perform facial recognition or create facial profiles. Photos you submit for art transformation may contain faces, but we do not detect, analyze, or extract facial features. Photos are processed as complete images for art style transformation only. No biometric data, face prints, or facial recognition templates are created at any point.
How it's used: Face data within photos is used solely to generate an artistic transformation of the image. We do not use face data for identification, authentication, or any purpose other than creating your requested art style.
Third-party sharing: Photos containing faces are sent to the AI provider selected for your art style (Google Gemini, OpenAI, or Anthropic Claude) solely for art transformation. The provider processes the image and returns the transformed result. None of these providers retain your photos for training purposes.
Storage and retention: We do not permanently store photos containing face data on our servers. Images are temporarily cached during processing (typically less than 1 hour) and then automatically deleted.
No facial recognition: ICONIC does not perform facial recognition, create face prints, or build biometric profiles.
3. How We Use Your Information
We use the information we collect for the following purposes:
Service Delivery: Processing your photos through our AI transformation technology
Account Management: Creating and maintaining your account, managing subscriptions
Order Fulfillment: Processing and delivering print orders through our fulfillment partners
Service Improvement: Analyzing usage patterns to improve features and performance
Customer Support: Responding to your inquiries and resolving issues
Security: Detecting and preventing fraud, abuse, and unauthorized access
Legal Compliance: Fulfilling legal obligations and protecting our rights
AI Training Disclosure: We do NOT use your personal photos to train our AI models without your explicit, opt-in consent. Your images are processed solely to deliver the transformation service you requested.
4. Photo Processing and Storage
4.1 Transformation Processing
Photos you select are uploaded to our secure servers for AI processing
Processing occurs using encrypted connections (TLS 1.3)
Original and transformed images are stored temporarily (typically 24-72 hours) for service delivery
You can delete your images at any time through the App
Cached images may be retained briefly for performance optimization
4.2 Print Order Photos
When you purchase physical print products, additional storage applies. Important: only the transformed artwork (output) is sent to our print partner — your original photo (input) is never shared with the printer.
Only the AI-transformed artwork (output) is shared with our printing partners — your original photo (input) is never sent to them
Print order artwork is stored securely on our servers for up to 30 days for order fulfillment, customer service, and dispute resolution
Each photo is assigned a unique identifier linked to your order
Artwork is shared with our printing partners (such as Merchize/Printful) solely to fulfill your order
After 30 days, stored artwork is automatically and permanently deleted from our servers
You may request earlier deletion of print order artwork by contacting support
5. Data Sharing and Disclosure
We do NOT sell, rent, or trade your personal information to third parties for their marketing purposes.
We may share your information only in these limited circumstances:
5.1 Service Providers
Provider Category
Purpose
Data Shared
Cloud Infrastructure (Google Cloud)
Secure data storage and processing
Encrypted user data, images
AI Processing Services
Image transformation
Images for processing only
Payment Processors (Apple, Stripe)
Subscription and payment processing
Transaction identifiers
Print Fulfillment Partners (Merchize/Printful)
Physical product printing and shipping
Order photos, shipping address
Analytics (anonymous/aggregated)
App improvement
Anonymized usage statistics
5.2 Legal Requirements
We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., court order, government request).
5.3 Business Transfers
If we are involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will provide notice before your information becomes subject to a different privacy policy.
5.4 Protection of Rights
We may disclose information when we believe disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request.
6. Third-Party Services
The App integrates with the following third-party services, each governed by their own privacy policies:
We encourage you to review these policies to understand how these services handle your information.
6.1 Meta (Facebook) SDK and Conversions API
The App integrates the official Meta SDK (Facebook Business SDK) and we transmit certain events to Meta's Conversions API server-side. This is used to measure the effectiveness of our advertising on Facebook and Instagram and to help Meta show our ads to people most likely to be interested in our service.
Hashed identifiers: Email address (SHA-256 hashed before transmission), user ID (hashed)
Device information: IP address, user agent, mobile advertising identifier (only with your explicit consent on iOS 14.5+ via App Tracking Transparency)
Event metadata: Event name, timestamp, currency, value, content type
Click identifiers: Facebook click ID (fbc) and browser ID (fbp) when you arrive from a Meta ad
What is NOT shared with Meta
Your photos, transformations, or generated artwork
Your unhashed email address or name
Payment card information
The contents of any messages or support communications
How we transmit data to Meta
Client-side (Meta SDK): When iOS App Tracking Transparency is granted, the Meta SDK on your device sends standard app events to Meta. If you deny tracking, the SDK still functions but uses limited data and SKAdNetwork only.
Server-side (Conversions API): Our servers also send conversion events directly to Meta. This is the industry-standard "dual-pixel" approach used to improve attribution accuracy. All personal identifiers are hashed using SHA-256 before transmission.
Your choices
iOS users: When you first open the app, you will see the Apple App Tracking Transparency prompt. You can choose "Ask App Not to Track" to limit data sharing.
All users: You can opt out of personalized advertising on Meta platforms via your Facebook ad settings (Facebook Ad Preferences) or your Instagram ad settings.
Account deletion: Deleting your ICONIC account stops all future data transmission to Meta tied to your account.
Security Disclaimer: While we strive to use commercially acceptable means to protect your personal information, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security and cannot be held liable for any unauthorized access, hacking, data loss, or other breaches beyond our reasonable control.
8. Data Retention
Data Type
Retention Period
Account Information
Until account deletion or 3 years of inactivity
Transformation Images (non-print)
24-72 hours after processing, unless saved by user
Print Order Artwork (output only)
30 days, then automatically deleted
Transaction Records
7 years (legal/tax requirements)
Usage Analytics
26 months (anonymized)
Support Communications
2 years after resolution
9. Your Rights and Choices
9.1 General Rights
Depending on your location, you may have the following rights:
Access: Request a copy of your personal data
Correction: Request correction of inaccurate data
Deletion: Request deletion of your data (subject to legal retention requirements)
Portability: Request your data in a portable format
Objection: Object to certain processing activities
Restriction: Request restricted processing of your data
Withdraw Consent: Withdraw consent where processing is based on consent
9.2 How to Exercise Your Rights
To exercise any of these rights, please contact us at team@iconics.studio. We will respond to your request within 30 days (or as required by applicable law). We may need to verify your identity before processing your request.
9.3 Account Deletion
You can request complete account deletion through the App's Settings screen or by contacting us. For detailed instructions, visit our Account Deletion page. Upon deletion:
Your account will be deactivated immediately
Personal data will be deleted within 30 days
Some data may be retained as required by law or for legitimate business purposes
Anonymized/aggregated data may be retained indefinitely
10. Apple App Tracking Transparency
On iOS 14.5 and later, we request your permission before tracking your activity across other companies' apps and websites. If you deny this permission:
We will not access your device's Advertising Identifier (IDFA)
Your app experience will not be affected
You can change this setting anytime in your device's Settings
11. Children's Privacy (COPPA Compliance)
ICONIC is not directed to children under 13 years of age. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately at team@iconics.studio.
If we discover that we have inadvertently collected personal information from a child under 13, we will take steps to delete such information as quickly as possible.
12. California Privacy Rights (CCPA/CPRA)
If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):
Right to Know: You can request information about the categories and specific pieces of personal information we have collected
Right to Delete: You can request deletion of your personal information
Right to Correct: You can request correction of inaccurate personal information
Right to Opt-Out: You can opt out of the "sale" or "sharing" of personal information (we do not sell personal information)
Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights
Right to Limit Use of Sensitive Personal Information: You can limit how we use sensitive personal information
Notice of Financial Incentives: We do not offer financial incentives for the collection of personal information.
Do Not Sell or Share My Personal Information: We do not sell or share personal information as defined by the CCPA/CPRA.
13. European Privacy Rights (GDPR)
If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, you have rights under the General Data Protection Regulation (GDPR):
13.1 Legal Bases for Processing
Contract: Processing necessary to provide the services you requested
Consent: Processing based on your explicit consent (e.g., marketing communications)
Legitimate Interests: Processing for our legitimate business interests (e.g., security, fraud prevention)
Legal Obligation: Processing required to comply with legal requirements
13.2 International Data Transfers
Your information may be transferred to and processed in the United States and other countries. We ensure adequate safeguards are in place, including:
Standard Contractual Clauses approved by the European Commission
Data Processing Agreements with our service providers
Compliance with applicable data protection laws
13.3 Data Protection Officer
For GDPR-related inquiries, you may contact us at team@iconics.studio. You also have the right to lodge a complaint with your local supervisory authority.
14. Other Regional Privacy Rights
14.1 Virginia (VCDPA), Colorado (CPA), Connecticut (CTDPA), Utah (UCPA)
Residents of these states have similar rights to California residents, including the right to access, delete, and correct personal data, as well as the right to opt out of certain processing activities.
14.2 Brazil (LGPD)
Brazilian users have rights similar to GDPR, including access, correction, deletion, and data portability.
15. Cookies and Tracking Technologies
Our mobile app uses limited tracking technologies for functionality and analytics. For our website:
Essential Cookies: Required for website functionality
Analytics Cookies: Help us understand how visitors interact with our website (opt-out available)
You can control cookies through your browser settings.
16. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. When we make material changes:
We will update the "Last Updated" date at the top of this policy
We will notify you via in-app notification for significant changes
We may send an email notification if required by applicable law
Continued use of the App after changes constitutes acceptance of the updated policy
We encourage you to review this Privacy Policy periodically.
17. Limitation of Liability
TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW:
We provide the App and services "AS IS" without warranties of any kind
We are not liable for any unauthorized access to or alteration of your data
We are not responsible for any content you upload or the results of AI transformations
We are not liable for the privacy practices of third-party services linked from our App
Our total liability is limited to the amount you paid us in the 12 months preceding the claim
We are not liable for any indirect, incidental, special, consequential, or punitive damages
18. Indemnification
You agree to indemnify, defend, and hold harmless Epictetus LLC, its officers, directors, employees, and agents from any claims, damages, losses, liabilities, costs, or expenses arising from:
Your use of the App
Your violation of this Privacy Policy or our Terms of Service
Your violation of any third-party rights, including intellectual property rights
Any content you upload or transmit through the App
19. Dispute Resolution
Any disputes arising from this Privacy Policy or your use of the App will be governed by the laws of the State of Delaware, United States, without regard to conflict of law provisions. You agree to resolve any disputes through binding arbitration administered by the American Arbitration Association, except where prohibited by law.
You agree to waive any right to participate in class action lawsuits or class-wide arbitration against Epictetus LLC.
20. Severability
If any provision of this Privacy Policy is found to be unenforceable, the remaining provisions will continue in full force and effect.
21. Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
Epictetus, LLC
131 Continental Dr Ste 305 Newark, DE 19713
Email: team@iconics.studio
Subject Line: "Privacy Inquiry - ICONIC App"
We aim to respond to all inquiries within 30 days.