Legal

Privacy Policy

Last updated: May 6, 2026

1. Introduction

This Privacy Policy explains how the Snapbit mobile application (the "App") collects, uses and protects user information. Snapbit generates short, AI-powered audio lessons based on images and content chosen by the user.

This policy is drafted in compliance with Regulation (EU) 2016/679 (the "GDPR") and applicable data protection laws.

2. Data Controller

The data controller is:

For any request regarding the processing of your personal data, please write to the email address above.

3. Information We Collect

Snapbit collects the following categories of data, each for a specific purpose:

3.1 Account information

To use the App you must sign in via one of the following providers:

  • Google Sign-In: the email address and name associated with your Google account are shared with Snapbit.
  • Sign in with Apple: a unique identifier and, if you allow it, your name and email are shared (you may choose to hide your real email using Apple's "Hide My Email" feature).

Authentication is handled by Firebase Authentication (Google Ireland Ltd.).

3.2 Profile data

To personalize lessons, the App asks you to provide:

  • your interests and preferred categories (e.g. culture, finance, health, science, etc.);
  • your age range — your exact date of birth is never requested, only an interval.

3.3 User-generated content (images)

The App allows you to take a photo with your device's camera or pick one from your gallery in order to generate an audio lesson. The flow is as follows:

  • the image is sent over an encrypted connection (HTTPS) to our backend hosted on Google Cloud Run;
  • the backend forwards the image to Google Gemini, which analyses it to produce the lesson content;
  • once the lesson is generated, the image is deleted from our systems and is not stored permanently;
  • the image is not used to train AI models, nor shared with third parties for any purpose other than generating the requested lesson.

3.4 Generated lessons and personal library

Audio lessons you generate, along with their metadata (title, category, creation date, listening progress), are stored locally on your device using the Isar database and may be synchronized with our backend so you can access them across devices and restore them after reinstallation.

3.5 Usage and diagnostic data

To improve the App and detect errors, we collect anonymous data through:

  • Firebase Analytics: aggregated usage events (e.g. screens viewed, lessons started, listening time);
  • Firebase Crashlytics: automatic crash and error reports, including technical information about your device (model, OS version, language).

3.6 Push notifications

If you grant permission, the App sends push notifications via Firebase Cloud Messaging. For this purpose, a unique device token is generated and stored. You can disable notifications at any time from your device settings.

3.7 Payment and subscription data

Snapbit offers a free tier with limited functionality and a paid tier accessible via subscription or by purchasing minute packs ("top-up"). Purchases are handled by:

  • Google Play Billing (Google) for the actual transaction. Snapbit never receives or stores credit card data or other payment details.
  • RevenueCat (RevenueCat, Inc.) for managing subscription state and entitlements. RevenueCat processes an anonymous user identifier and purchase details (product, date, expiration).

4. App Permissions

Permission Purpose
CAMERA Allows you to take a photo to use as input for lesson generation.
READ_MEDIA_IMAGES /
READ_EXTERNAL_STORAGE		 Allows you to select an existing image from your device's gallery.
POST_NOTIFICATIONS Sends push notifications about new lessons, listening reminders and updates.
FOREGROUND_SERVICE /
FOREGROUND_SERVICE_MEDIA_PLAYBACK		 Enables audio playback of lessons even when the App is in the background or the screen is off.
com.android.vending.BILLING Handles in-app purchases through Google Play.

All permissions can be revoked at any time from your device settings. Revoking a permission may limit some features of the App.

5. How We Use Your Information

The data we collect is used solely to:

  • provide the App's features (creating and playing audio lessons);
  • authenticate you and manage your account;
  • personalize suggested content based on your stated interests and age range;
  • manage subscriptions, payments and entitlements;
  • send operational notifications related to the service;
  • analyze App usage in aggregate form to improve features;
  • diagnose malfunctions through crash reports;
  • comply with legal obligations and prevent fraud or abuse.

6. Legal Basis

Processing is based on the following legal grounds (Article 6 GDPR):

  • Performance of a contract (Art. 6.1.b): to provide the requested service, manage your account and process purchases.
  • Consent (Art. 6.1.a): to send push notifications, access your camera and gallery, and collect non-essential analytics data.
  • Legitimate interest (Art. 6.1.f): to ensure the security of the App, prevent abuse and improve the service via aggregated data.
  • Legal obligation (Art. 6.1.c): to comply with tax and accounting obligations related to purchases.

7. Data Sharing and Disclosure

To deliver the service, Snapbit relies on the following providers, each with its own privacy policy:

Provider Function Policy
Google (Firebase Auth, Analytics, Crashlytics, Cloud Messaging, Cloud Run, Gemini) Authentication, analytics, crash reporting, push notifications, backend hosting, generative AI policies.google.com/privacy
Apple Inc. Sign in with Apple apple.com/legal/privacy
RevenueCat, Inc. Subscription and in-app purchase management revenuecat.com/privacy

Snapbit does not sell, rent or trade personal data to third parties for marketing purposes.

8. International Data Transfers

Some of the providers listed above (in particular Google and RevenueCat) may process data outside the European Economic Area, typically in the United States. Such transfers take place in accordance with GDPR safeguards through:

  • the EU-U.S. Data Privacy Framework, to which Google and RevenueCat adhere;
  • Standard Contractual Clauses approved by the European Commission, where applicable.

9. Data Retention

  • Images uploaded for lesson generation: deleted immediately after processing.
  • Generated lessons and personal library: retained as long as your account is active.
  • Account and profile data: retained until you request account deletion.
  • Analytics and crash data: retained for the period set in Firebase (typically up to 14 months in aggregated form).
  • Purchase data: retained for the period required by tax and accounting obligations (10 years in Italy).

Upon account deletion, all data not subject to legal retention obligations is removed within 30 days.

10. Your Rights

Under Articles 15-22 of the GDPR, you have the right to:

  • access your personal data and obtain a copy;
  • request correction of inaccurate or incomplete data;
  • request deletion of your data ("right to be forgotten");
  • request restriction of processing;
  • object to processing based on legitimate interest;
  • receive your data in a structured, machine-readable format (portability);
  • withdraw consent at any time, without affecting the lawfulness of prior processing;
  • lodge a complaint with the Italian Data Protection Authority (www.garanteprivacy.it) or the supervisory authority of your country of residence.

To exercise any of these rights, simply write to support@snapbit.ai. We will respond within 30 days of your request.

You can also delete your account directly from the App, in the Settings section.

11. Children's Privacy

Snapbit is not intended for children under the age of 13. For users between 13 and 17, use of the App is permitted only with the consent of a parent or legal guardian. We do not knowingly collect personal data from children under 13; if a parent becomes aware that their child has provided personal data through the App, they are invited to contact us at support@snapbit.ai so we can promptly remove it.

12. Security

We implement reasonable technical and organizational measures to protect personal data, including:

  • encryption of communications via HTTPS/TLS;
  • authentication handled by certified providers (Google, Apple);
  • infrastructure hosted on Google Cloud Platform, with physical and logical security measures compliant with industry standards;
  • access to data restricted to strictly necessary personnel.

However, no transmission or storage system can be considered 100% secure, and we cannot guarantee the absolute security of your data.

13. Automated Decisions and AI

The App uses artificial intelligence models (Google Gemini) to analyse images and generate audio content. Such processes do not produce legal effects on the user nor similarly significantly affect them within the meaning of Article 22 GDPR; they are intended solely to create the content the user has requested.

14. Changes to This Policy

This Privacy Policy may be updated from time to time to reflect legal, technical or feature changes. The most recent version will always be available at this URL, with the "Last updated" date shown clearly. In case of substantial changes, we will notify you through the App or via the email address associated with your account.

15. Contact Us

If you have any questions about this Privacy Policy or how we handle your personal data, please contact us at support@snapbit.ai.