Privacy Policy

Last updated: March 31, 2026

General Information

Chroma ("we", "us", or "our") is committed to protecting your privacy. This policy explains what data we collect, how we use it, and your rights.

Information We Collect

We collect the minimum information required to provide the service:

  • Device identifier - a randomly generated UUID securely stored on your device. It is used to track usage status and is not linked to your name, email, or personal account.
  • Uploaded photos - images you choose for colorization are sent to our server functions and infrastructure providers for processing. We do not store raw photo files in our own database.
  • Usage data - to prevent abuse and improve service reliability, we keep technical logs such as device ID, selected mode (standard/HD), success status, latency, error code/message, and timestamps.
  • HD processing records - for HD requests, we log job status, scale factor (2x/4x), result URL, and related timestamps.
  • Purchase information - when you purchase a Pro subscription, payment is processed by Apple or Google. Required subscription and entitlement data is obtained through RevenueCat for verification. We do not store payment card details.
  • On-device local data - device ID, one-time free usage status, and history records (local file paths) are stored only on your device.

How We Use Information

  • To process photo colorization requests
  • To enforce free usage and Pro access rules
  • To verify subscription status through RevenueCat
  • To analyze errors and detect abuse attempts

In-App Permission Before AI Processing

Before the first photo colorization request, the app shows an explicit in-app permission prompt. The prompt identifies what data is sent (photo, random device identifier, and technical processing metadata), who receives it (Supabase, fal.ai, and RevenueCat), and why it is needed. If you decline, colorization is blocked until you grant permission later from the same prompt or from Settings.

Third-Party Services

We use the following third-party infrastructure:

  • Supabase - database and serverless function infrastructure.
  • fal.ai - AI inference provider used for photo colorization. Images are sent only for colorization and are subject to fal.ai data policies.
  • RevenueCat - used for purchases and subscription management. For details, review their privacy policy at revenuecat.com.

Data Retention

Server-side technical logs and HD job records are retained for operating the service, abuse prevention, and error analysis. Result URL availability depends on third-party provider policies. On-device history remains local until you delete it. You may request deletion of records associated with your device ID.

Children's Privacy

Chroma is not intended for children under 13. We do not knowingly collect personal data from children under 13.

Your Rights

You can request access to, correction of, or deletion of data we keep for your device. To speed up processing, you may need to provide your device ID.

Policy Changes

We may update this policy from time to time. The current revision date appears at the top of this page. Continued use of the app after changes means you accept the updated policy.

Contact

For privacy-related requests, use Settings -> Contact Support in the app.