LEGAL

Privacy Policy

1. OVERVIEW

Lutro ("Lutro", "LUTRO", "we", "us", or "our") processes personal data to operate the app, secure the service, and improve reliability. This Privacy Policy explains what we collect, how we use it, when we share it, how long we keep it, and what rights you may have under applicable law, including the GDPR and the Turkish Personal Data Protection Law (KVKK).

Contact: contact@lutro.app

2. LOCAL EDITING AND EXHIBITION

Most photo editing in Lutro is performed locally on your device. We do not describe all photo use as purely on-device because that would be incomplete.

If you only use local editing tools, your source photos are intended to remain on-device during editing. If you choose to use Exhibition or another sharing feature, the content and related metadata you submit are uploaded to Apple CloudKit to provide that feature. We may also use a minimal auth-only backend endpoint for Sign in with Apple revocation, but that backend is not used as the primary store for your photo content.

3. DATA CATEGORIES WE COLLECT

The categories below are intended to align with our Apple privacy declarations, including PrivacyInfo.xcprivacy:

  • Name: account profile information made available by your sign-in provider.
  • Email Address: account email made available by your sign-in provider.
  • User ID: account identifiers and pseudonymous service identifiers used for authentication, integrity, and cloud features.
  • Photos or Videos: content you intentionally submit to Exhibition or similar sharing features.
  • Purchase History: product identifiers, entitlement state, and restore status processed through RevenueCat and App Store billing infrastructure.
  • Product Interaction: app opens, screen views, feature usage, exports, shares, and similar interaction events.
  • Crash Data: crash events, error context, and related diagnostics.
  • Performance Data: launch, hang, memory, CPU, and responsiveness metrics.

4. HOW WE COLLECT DATA

We collect data directly from you when you sign in, purchase, submit content, report content, or contact us. We also collect limited technical and usage data automatically through integrated platform and infrastructure services used to operate, secure, and improve the app.

We do not intentionally access private photos, contacts, browsing history, or location data unless a specific feature clearly requires that action and you choose to use it.

5. WHY WE PROCESS DATA

We process personal data to provide account and purchase features, operate Exhibition, detect abuse or duplicate submissions, moderate reports, deliver notifications, measure feature usage, investigate crashes, improve performance, and comply with legal or safety obligations.

We do not use the data described in this Policy for cross-app tracking or third-party advertising.

6. LEGAL BASES

Depending on the feature and your location, we rely on one or more of the following legal bases: performance of a contract, legitimate interests, consent where required by law, and compliance with legal obligations.

Account, purchase, and Exhibition operations are generally processed because they are necessary to provide the service you request. Safety, abuse prevention, and reliability operations are generally processed under our legitimate interests and, where applicable, legal obligations.

7. ANALYTICS AND DIAGNOSTICS

We use Firebase Analytics, Firebase Crashlytics, and Apple diagnostic frameworks such as MetricKit to understand product usage, monitor reliability, and improve the app. This may include Product Interaction, Crash Data, Performance Data, and pseudonymous event or device-linked service identifiers.

In the current product configuration, these first-party analytics and diagnostics are enabled by default as part of operating, securing, and improving LUTRO. They are not used for cross-app tracking or third-party advertising, and we do not currently provide an in-app analytics opt-out control.

If we change this analytics model in the future, we will update this Policy and complete product and legal review before shipping the change.

8. EXHIBITION FEATURE

By submitting content to the Exhibition feature, you acknowledge that your photos and associated metadata may be scanned for prohibited content (e.g., explicit or illegal material) using on-device and/or cloud-based moderation technologies. This is necessary to maintain a safe environment for all users.

If you choose to use Exhibition, we may process the photo or video content you submit, your selected display name, edit recipe or submission metadata, moderation data, report data, and pseudonymous integrity identifiers used for duplicate detection, abuse prevention, and service integrity.

Exhibition is a cloud-enabled feature. You should only submit content that you are authorized to share.

9. SHARING AND SERVICE PROVIDERS

We may share personal data with Apple and Google service infrastructure where needed to operate the app, including Sign in with Apple, Google Sign-In, RevenueCat, App Store billing infrastructure, CloudKit, Firebase Analytics, Firebase Crashlytics, and related platform services. We may also use a limited backend service only to complete Apple account revocation requests. We may disclose data where necessary to comply with law, enforce our terms, investigate abuse, or protect users and the service.

We do not say that user data is never shared. Instead, we share data only in the limited situations described in this Policy.

10. INTERNATIONAL TRANSFERS

Because we use Apple CloudKit, Firebase, and related infrastructure services, personal data may be processed outside your country of residence, including in jurisdictions that may have different data protection standards.

When international transfers occur, we rely on the legal mechanism required for the specific processing activity and jurisdiction, such as adequacy decisions, contractual safeguards, technical and organizational safeguards, or explicit consent where legally required and validly obtained. We do not rely on a statement such as "by using the app you automatically accept international transfers" as the sole basis for those transfers.

11. RETENTION

We retain data only for as long as reasonably necessary to provide the service, maintain security, resolve disputes, enforce our agreements, and comply with law. Retention periods may differ depending on the category of data, such as account records, purchase state, analytics, crash logs, performance diagnostics, Exhibition submissions, and moderation records.

Where appropriate, we delete, anonymize, or de-identify data when it is no longer needed.

12. YOUR RIGHTS

Depending on your jurisdiction, you may have the right to request access, correction, deletion, restriction, objection, data portability, and withdrawal of consent where processing is based on consent.

Users in Turkey may exercise the following rights under Article 11 of the KVKK:

  • Learn whether your personal data is being processed.
  • Request information if your personal data has been processed.
  • Learn the purpose of the processing and whether data is used for that purpose.
  • Know the third parties to whom your personal data is transferred (domestic or abroad).
  • Request rectification if your personal data is processed incompletely or inaccurately.
  • Request erasure or destruction of your personal data under the conditions laid down in Article 7 of the KVKK.
  • Request notification of the rectification/erasure operations to third parties to whom data has been transferred.
  • Object to the occurrence of a result against you by analyzing the processed data exclusively through automated systems.
  • Request compensation for damages in case of unlawful processing of personal data.

To submit a privacy or data subject request, contact contact@lutro.app. We may need to verify your identity before responding.

13. ACCOUNT DELETION, CHILDREN, AND UPDATES

If you request account deletion, we will process the request in accordance with applicable law and our technical capabilities. This may include deleting CloudKit-hosted Exhibition data, clearing local auth state, and where applicable completing a server-backed Apple authorization revocation step. Some data may be retained where necessary for safety, fraud prevention, unresolved reports, legal compliance, or the establishment, exercise, or defense of legal claims.

Lutro is not intended for children in situations where parental consent is required by applicable law. We may update this Privacy Policy from time to time to reflect product, legal, or operational changes. If we make material changes, we will update the Last Updated date and provide additional notice where required.