Privacy — Is That Real?

01Snapshot


Do we know who you are?	No. We never ask for your name, email, phone number, address, or any personal identifier.
Do we track you across apps or the web?	No. The App does not use the Advertising Identifier (IDFA), does not request App Tracking Transparency permission, and is not part of any tracking network.
Do we sell your data?	No. We have nothing to sell.
Do we use AI?	Yes. The fact-check verdicts you see are produced by large language models. See Section 5 for details.
Where is the App available?	iOS only.

02What the App is and what it does

The App is a fact-check tool. You point it at one of:

A screenshot you took (Back Tap shortcut path),
A social-media post, news article, or video link you shared from another app (Share Sheet path), or
Text you pasted in.

The App sends that content to our server, which uses AI models to (a) extract the central factual claim, (b) search the web for evidence, and (c) return a verdict — true, false, misleading, unproven, or satire — along with the sources it consulted.

The verdict appears in the App and in an optional banner notification. Nothing about you, the user, is needed for this to work.

03The single piece of data we hold about you

When you first launch the App, we generate a random identifier (a UUID — a 128-bit string of letters and numbers) and store it inside your device's secure Keychain.

This identifier:

Is generated locally on your device, never derived from anything that identifies you.
Is stored with kSecAttrSynchronizable = false, so it does NOT sync to iCloud and is not shared across your other Apple devices.
Is not linked to your Apple ID, your email, your real name, or any contact information.
Is sent to our server on every request, as an HTTP header named X-Device-Id.
Is used solely to (a) keep track of your remaining fact-check credits and (b) apply a daily rate limit to the free tier.
Is deleted when you delete the App from your device.

We refer to this identifier in our systems as your "device ID." It is functionally a pseudonymous account — it lets us serve you across sessions without knowing who you are.

If you want a fresh start, you can delete the App and reinstall it. A new identifier will be generated; the previous credit balance, if any, becomes inaccessible.

04Things you submit for fact-checking

When you initiate a fact-check, the App sends our server one of the following, depending on how you triggered it:

Trigger	What we send
Back Tap screenshot	The single most recent image in your Photos library (JPEG, resized so the longest edge is at most 2048 pixels) plus your device ID
Share Sheet → URL	The URL you shared, plus your device ID
Share Sheet → text	The text you shared, plus your device ID
Pasted text	The text you pasted, plus your device ID

What our server does with it:

(URL only) Calls a scraping service (see Section 6) to fetch the public content at that URL — the article body, the post images, the video transcript.
Sends the relevant content to an AI model to extract the central factual claim.
Searches the web for evidence relevant to that claim.
Sends the claim and evidence to a second AI model to produce the verdict.
Returns the verdict to your phone.

What our server retains for service improvement: For each fact-check, we record one row in our analytics database (Cloudflare D1) containing:

A timestamp,
A one-way SHA-256 hash of your device ID (we do not store the raw device ID alongside the row, so a leak of the analytics table cannot be linked back to a specific device without already knowing that device's UUID),
The post type (screenshot, Instagram post, X post, Facebook post, video, or article text),
The platform and author handle, when the content was a public social-media post and that information was visible in the post,
The extracted claim text (up to 1,000 characters),
The post URL, when applicable,
The verdict label, subtype, confidence score, and short summary that the AI model produced,
The processing time and credit cost.

We use this to understand how the App is being used (which content types are most common, which verdicts dominate, how long fact-checks take, where the pipeline fails) and to improve accuracy.

What we do NOT retain: We do not retain the original screenshot bytes, the scraped article body, the full social-post images, the audio of any video, or the raw web-search evidence we consulted. Those pass through our server and the AI models in real time and are dropped after the verdict returns.

Our server also keeps short-lived Cloudflare operational logs of which endpoint was hit, whether it succeeded, and how long it took. Cloudflare retains these under its standard retention.

05AI — what models we use and how content reaches them

The App relies on third-party AI providers for both claim extraction and verdict synthesis. Apple's App Review Guidelines (rule 5.1.2(i), updated November 2025) require us to disclose this prominently, both here and in an in-app consent screen the first time you fact-check anything. You will see and accept that consent screen before any content is sent to AI providers.

The AI provider we route through: OpenRouter, Inc.. OpenRouter is a request-routing service that forwards prompts to upstream model providers.

The models we currently use, via OpenRouter:

Qwen3-VL-8B-Instruct (Alibaba) — extracts the factual claim from your screenshot, the article, or the post.
Qwen3-VL-32B-Instruct (Alibaba) — produces the final verdict.

What goes to OpenRouter on each call:

The system prompt (our instructions to the model).
Your content — the screenshot (as a JPEG embedded in the prompt), the scraped article/post text, or the URL-fetched images.
The extracted claim and the evidence the search engine returned.

What does NOT go to OpenRouter:

Your device ID.
Your name, email, location, or any identifying information (we don't have any).

OpenRouter's data handling, as of this writing:

OpenRouter does not log prompts or completions by default. Per their published policy, prompt logging is opt-in (and we have not opted in).
In our OpenRouter account's Privacy Settings, we have disabled both "paid endpoints that may train on request data" and "free endpoints that may train on request data." OpenRouter therefore refuses to route our requests to any upstream provider that would use inputs to train models. We have also kept the "Allow 1% data discount" toggle off, so OpenRouter itself does not use our inputs or outputs to improve their product.
Once a request reaches an upstream provider, that provider's own retention policy applies. Because we route only to providers that comply with OpenRouter's no-training restriction, your content is not used to train any model.

You can read OpenRouter's privacy documentation at https://openrouter.ai/privacy and https://openrouter.ai/docs/guides/privacy/data-collection.

If OpenRouter changes its default policy, or if we change our AI provider in a way that affects what happens to your content, we will (a) update this Policy with a new effective date, (b) trigger an in-app banner the next time you open the App, and (c) re-prompt the AI consent screen so you can re-accept or stop using the App.

06Other third-party services we use

The App relies on these "sub-processors." Each handles data only on our behalf, on our instructions, and for the purposes described.

Service	Operated by	What it does	What it sees
Cloudflare Workers	Cloudflare, Inc. (USA)	Hosts our server and edge-caches responses	Your IP address (transient, used for routing only), your device ID header, the request you make. Operational logs are retained under Cloudflare's standard policy.
Apify	Apify Technologies s.r.o. (Czech Republic)	Scrapes the public content of URLs you submit for fact-checking	The URL you shared. Apify operates under a Data Processing Addendum and retains the URL only for billing/usage purposes.
OpenRouter	OpenRouter, Inc. (USA)	Routes our prompts to upstream AI providers	The prompt content (your screenshot, article text, or post text), as described in Section 5
RevenueCat	RevenueCat, Inc. (USA)	Validates in-app purchases against Apple StoreKit and tracks your subscription status	Your device ID (as a pseudonymous user ID), the product you bought, technical information about your device (model, OS), and your purchase receipt from Apple. RevenueCat does NOT receive your credit-card or payment details. RevenueCat stores this on AWS US under their DPA.
Apple StoreKit	Apple Inc. (USA)	Handles all in-app purchases	Whatever Apple normally collects for App Store transactions, governed by Apple's privacy policy.
Search providers	Brave Search (Brave Software, Inc., USA) and Serper (Vercel, Inc., USA)	Web search for evidence supporting or refuting a claim	The text of the claim — for example, "the moon landing was faked" — and nothing else. No device ID, no original content, no URL.

We do not use any analytics SDK, advertising SDK, attribution provider (AppsFlyer, Adjust, Branch, etc.), or crash reporter that fingerprints users.

07Data we do NOT collect

To be unambiguous, the App does not collect, store, or transmit any of the following:

Your name, email, phone number, address, or any contact details
Your precise or coarse location
Your contacts, calendar, microphone, camera (live), or health data
Your browsing history, web search history, or which apps are installed on your device
The Advertising Identifier (IDFA) or any cross-app tracking identifier
Sensitive categories under GDPR (racial/ethnic, religious, biometric, genetic, sexual orientation, etc.)
Anything that would let us, or a third party, identify you as a specific person

We do not use App Tracking Transparency because we do not track you. We do not require you to grant any permission as a condition of paying for or using a paid tier.

08Permissions the App requests, and why

The App requests three permissions during onboarding. None are required to use the App at a basic level.

Permission	Why we ask	What we do if you say no
Notifications	To deliver the verdict as a banner notification when a fact-check completes (useful when you've left the App to do something else). The notification text is generated on your device, not pushed from our server.	The App still works; you'll see the verdict only when you open the App.
Photo Library (read access, "most recent screenshot")	The Back Tap shortcut path needs to read the single most recent image in your library to fact-check it. We do not scan, list, or upload any other photo.	The Back Tap path is unavailable. You can still use the Share Sheet and the paste-text paths.
AI consent (in-app screen, not a system permission)	Apple requires explicit consent before we send your content to third-party AI providers.	The fact-check feature is unavailable. The App will offer to retry the consent screen.

You can change any of these in iOS Settings → Privacy at any time.

09In-app purchases

The App is free to install. You receive 40 free credits to start. Beyond that, you may purchase a subscription via the App Store. The available plans are documented in the App's paywall screen.

Apple StoreKit handles all payments. We never see your credit-card number, your billing address, or any payment details.

When you complete a purchase, Apple sends a receipt to RevenueCat. RevenueCat verifies the receipt with Apple and tells our server "the device with ID X just bought product Y." Our server updates your credit balance.

If you want to cancel or refund a subscription, do so via your Apple ID's subscription management page in iOS Settings (Apple is the merchant of record).

10How long we keep things

Data	Where it is	How long it stays
Device ID (Keychain)	Your device	Until you delete the App or manually reset it
Credit balance, tier, subscription state	Our server (Cloudflare Durable Objects)	Until your record is deleted on request, or garbage-collected after extended inactivity
Original screenshot bytes, scraped article body, full social-post images, video audio, raw web-search evidence	Nowhere	Not retained after the verdict returns to your phone
Per-fact-check analytics row (hashed device ID, post type, claim text, post URL, verdict, timing)	Our server (Cloudflare D1)	Retained indefinitely for product analytics; may be aged out in a future version of this Policy
Server operational logs (endpoint hit + status + timing — NO content)	Cloudflare's log infrastructure	Cloudflare's standard retention
Purchase receipts	RevenueCat, on AWS US	Retained per RevenueCat's standard policy and Apple's auto-renewable subscription rules (up to seven years for accounting)

11Your rights

Because we don't tie data to your real identity, most "subject access" requests don't apply in the usual sense — we have no way to look up "everything about Naman Vinayak" because we don't know Naman Vinayak exists. But you can:

Reset your identifier. Delete and reinstall the App. A fresh device ID will be generated. The previous credit balance becomes inaccessible.
Stop using the App. Uninstalling removes the local identifier. Your server-side credit balance becomes inaccessible.
Withdraw consent. Use iOS Settings to revoke Photos / Notifications. The in-app AI consent can be revoked by deleting the App or by emailing us; doing so disables the fact-check feature.
Ask us a question. Email support@isthatreal.app with the subject line Privacy — Is That Real?. We will respond within 30 days. We can confirm whether we hold data tied to a device ID you provide and delete it on request.

If you are in Canada, your rights are governed by the federal Personal Information Protection and Electronic Documents Act (PIPEDA) and, for British Columbia residents, the provincial Personal Information Protection Act (PIPA). These give you the right to access personal information we hold about you, request correction, and lodge a complaint with the Office of the Privacy Commissioner of Canada or the Office of the Information and Privacy Commissioner for British Columbia. Email us using the address in Section 18 to exercise any of these rights.

If you are in the European Union or United Kingdom, you have the rights described in the GDPR / UK GDPR, including access, rectification, erasure, restriction, portability, objection, and the right to lodge a complaint with your local supervisory authority. Email us and we will help you exercise them within the statutory window.

If you are in California, you have the rights described in the CCPA/CPRA. We do not sell or share your personal information for cross-context behavioural advertising. You may submit verifiable consumer requests by email.

If you are in India, India's Digital Personal Data Protection Act, 2023 (DPDPA) has been notified and substantive provisions take effect 13 May 2027. Once they do, you will be a "Data Principal" with the rights set out in the Act, including notice, consent, access, correction, erasure, grievance redressal, and nomination. We have built the App to meet those obligations and will treat email at the address above as the channel for those requests.

12Children

The App is not directed to children under 13 (under 16 in the EU, under 18 in some jurisdictions including India under DPDPA). We do not knowingly collect data from children. We do not include "for kids" or "for children" in any App Store metadata. If you believe a child has used the App, contact us and we will purge any associated device-ID record.

13Security

All network traffic between the App and our server uses HTTPS (TLS 1.3).
Your device ID is stored in the iOS Keychain, which is hardware-encrypted on every modern iPhone.
Our server runs on Cloudflare's edge network. Secrets (API keys for OpenRouter, Apify, search providers, RevenueCat webhook secret) live in encrypted Cloudflare environment bindings, never in source code or client-shipped binaries.
We do not maintain any internal user database to breach. There are no usernames, no passwords, no PII to exfiltrate.

No system is perfectly secure. If we discover a security incident that affects users, we will (a) publish a notice at isthatreal.app within 72 hours of discovery, (b) trigger an in-app banner on the next launch, and (c) — for users in India — notify the Data Protection Board within the timeline required by the DPDP Rules, 2025.

14International transfers

Our server runs on Cloudflare's global edge network. Requests are processed at whichever data center is closest to you. AI inference happens at upstream providers, which may be in the United States or other jurisdictions. RevenueCat stores subscription data in AWS US.

By using the App, you consent to this cross-border processing of the content you submit, where applicable.

15Content you submit — important things to understand

The App is a tool you use to fact-check public content — public news articles, public social-media posts, screenshots of things you saw. We do not access private content. The App can only fact-check what you choose to send it.

The App does not republish, store, or display the content you submit to anyone other than you. The verdict you receive is private to your device.

If you submit content for which you do not have viewing rights (for example, a private DM screenshot that someone else's settings would forbid you to share), that is your responsibility, not ours. We do not knowingly process content obtained in violation of any third party's terms of use.

16AI verdicts and accuracy

The verdicts the App returns are produced by AI models reading public sources. They are useful starting points, not infallible truths. We do not warrant that any verdict is correct, complete, or up-to-date. Always cross-check verdicts against the cited sources before relying on them for any decision.

The App displays the sources it consulted alongside the verdict so you can verify. The accuracy of fact-check results is governed by our Terms of Service, not this Privacy Policy.

17Changes to this Policy

We may update this Policy as the App evolves. The "Last updated" date at the top will change.

Material changes — new categories of data we collect, new sub-processors that see your content, changes to AI provider, retention extensions — will trigger:

An in-app banner the next time you launch the App.
A re-prompt of the AI consent screen so you can re-accept the updated terms.
An email reply to anyone who has previously contacted us via the email address below, if we can identify the message thread.

Continuing to use the App after a material change constitutes acceptance of the updated Policy.

18Contact

For any privacy question, request, or complaint:

Email: support@isthatreal.app Subject line: Privacy — Is That Real? Operator: Naman Vinayak, an independent developer based in British Columbia, Canada

You also have the right to lodge a complaint with your local data protection authority. In Canada, this is the Office of the Privacy Commissioner of Canada (federal, for PIPEDA matters) or the Office of the Information and Privacy Commissioner for British Columbia (provincial). In India, once constituted, this is the Data Protection Board of India under the DPDP Rules, 2025.

Privacy.