Privacy Policy for WinkyPie
Last updated: March 15, 2026
This Privacy Policy for WinkyPie by Minimax Development ("we," "us," or "our") explains how we collect, store, use, and share information ("process") when you engage with our services ("Services") in relation to the WinkyPie mobile application ("Application"). This includes instances when you:
- download, install, access, or use the Application and its services, or
- interact with us in other related ways, such as through customer support.
This Privacy Policy describes why we collect your information, how we use and protect it, who we share it with, and what your rights are regarding your data. Your privacy is fundamental to our service.
Summary of Key Points
This summary outlines the key highlights of our Privacy Policy. For more detailed information, please refer to the table of contents below to navigate to the relevant sections.
- What personal data do we process? When you use our Services, we process a minimal amount of data necessary for the app to function and to improve our Services. This includes:
  - User Content: The images you choose to upload from your device's camera or gallery for AI processing.
  - Transaction Information: An anonymous, randomly generated user ID to manage your subscription status. We do not process your payment details directly.
  - Technical Information: Standard technical data, such as your IP address, which is automatically processed by our backend servers during your session.
  - Analytics Data: Anonymized usage data such as app interactions, feature usage, session information, device type, and operating system version, collected via Amplitude to help us understand how our Application is used and to improve the user experience.
  - Error and Crash Data: Automatic error reports, crash logs, and performance data collected via Sentry to help us identify and fix technical issues in the Application.
- Do we process sensitive personal data? We do not intentionally process sensitive personal data. Our service processes images which may contain faces, but this data is used solely for AI image generation and is not used to identify you. We ask that you do not upload any content containing other sensitive personal information.
- How do we process your information? We process your information to deliver, enhance, and manage our Services, primarily to facilitate the AI image generation feature. We also use it to manage subscriptions, safeguard security, and comply with legal obligations.
- When do we share personal information? We share your information only with essential third-party service providers required for our Application to function and improve. This includes cloud backend infrastructure, AI service providers (FAL.ai for image generation, Google Gemini via OpenRouter for pose analysis), a subscription management service, an analytics provider (Amplitude), and an error monitoring service (Sentry). We do not sell your data.
- Third-Party AI Disclosure: Your selfie images are processed by FAL.ai through secure API infrastructure for AI image generation. Pose reference images (which do not contain your selfie or face data) are analyzed by Google Gemini (accessed via OpenRouter) to generate pose descriptions. By using our AI features, you consent to this data sharing. Generated images are immediately downloaded to your device's local storage.
- How do we keep your personal data secure? Our security is built on a "privacy-by-design" principle. We implement technical measures like encryption in transit and minimize data retention. Your selfie is temporarily processed by our secure AI service and automatically deleted from servers within 7 days.
- What are your rights? Depending on your region, you have rights concerning your personal data, including the right to access, correct, and delete your information, and to delete your account.
- How can you exercise your rights? You can exercise your rights by contacting us directly at winkypie.app@gmail.com or by using the account deletion feature within the Application (Settings > Delete Account). We will address your request in compliance with applicable data protection laws.
Table of Contents
- The Data Controller and the Objective
- Collection of Personal Data and Method
- Purposes of Processing Personal Data and Legal Bases
- Transferring Personal Data to Third Parties
- Data Storage and Retention
- Technical and Administrative Measures
- Children's Privacy
- Your Rights as the Data Subject
- Account Deletion
- Contact Information
- For Individuals in the EEA, UK, and Switzerland
- For California Residents
- For Residents of Other US States with Privacy Laws
- Illinois Residents (Biometric Information Privacy Act)
- Texas Residents (Capture or Use of Biometric Identifier Act)
- Analytics and Error Monitoring
- Changes to This Privacy Policy
1. The Data Controller and the Objective
The entity responsible for your information (the "data controller") is:
WinkyPie by Minimax Development
Poland
For any privacy-related questions or requests, please contact us at: winkypie.app@gmail.com
We aim to process user data transparently and in accordance with applicable data protection legislation, including the European Union's General Data Protection Regulation (GDPR) and the EU AI Act.
2. Collection of Personal Data and Method
We collect the minimal amount of information necessary to provide and improve our Service.
User Content
We process the data you provide when you interact with our core service. This includes images that you select from your device's photo gallery or capture using your device's camera. This is the only "User Content" we process.
Note regarding Biometric Data: Our service processes photographic images, which may include facial features. We use this data solely for the purpose of providing our AI image generation service at your request. This data:
- Is processed solely at your explicit request to generate AI images
- Does NOT constitute biometric identification or verification
- Does NOT categorize individuals based on biometric data
- Is NOT used for facial recognition, emotion detection, or any prohibited AI practices under the EU AI Act
- Is not permanently stored on our servers and is not used to train AI models
Note regarding sensitive information: Please do not upload any content that might contain sensitive personal information (e.g., health information, government IDs). The provision of any such information via the Application is strictly prohibited. While we do not intentionally process such data, we recognize that users might inadvertently include it. If we become aware that we have inadvertently received sensitive personal data, we will take commercially reasonable steps to promptly delete it.
Customer Transaction Information
We use a third-party subscription management service to manage in-app subscriptions. We do not collect or process your payment method details, such as your credit card number. Our subscription service assigns a randomized, anonymous App User ID to your installation of the app to track your subscription status. Additionally, we store your token balance and generated image count in our database to manage service usage.
Technical Information
When you use our Services, our cloud backend infrastructure (located in the United States) may automatically log standard technical information required for communication. This includes your Internet Protocol (IP) address, device type, and operating system version. This data is processed only for the duration of your session to ensure the secure and functional delivery of our Service.
Analytics Data
We use Amplitude, a third-party analytics platform, to collect anonymized usage data about how you interact with our Application. This data helps us understand user behavior, improve features, and enhance the overall user experience. The analytics data we collect includes:
- App interaction events: such as which features you use, screens you view, and actions you take within the Application
- Session information: session duration, frequency of use, and app version
- Device information: device type, operating system version, and screen resolution
- General location: country-level location derived from your IP address (your IP address is not stored by Amplitude in its raw form)
Important: Analytics data is collected in an anonymized manner and cannot be used to personally identify you. We do not link analytics data to your uploaded images, generated content, or any other personally identifiable information. You can opt out of analytics data collection through the Application settings.
Error and Crash Data
We use Sentry, a third-party error monitoring platform, to automatically collect diagnostic data when the Application encounters errors, crashes, or performance issues. This data helps us quickly identify and resolve technical problems. The error and crash data we collect includes:
- Error and crash reports: stack traces, error messages, and the application state at the time of the error
- Performance data: app startup time, screen load times, and slow operations
- Device information: device model, operating system version, available memory, and battery level
- App context: app version, build number, and the screen or feature where the error occurred
Important: Error reports are collected automatically to ensure the stability and quality of our Application. Sentry does not collect your uploaded images, generated content, or any personally identifiable information. IP addresses may be processed temporarily for error grouping but are not stored in their raw form.
3. Purposes of Processing Personal Data and Legal Bases
We process your information for specific purposes and only when we have a valid legal basis to do so under GDPR.
| Purpose of Processing | Data Categories Involved | Legal Basis (under GDPR) |
|---|---|---|
| Providing Core AI Service | User Content, Technical Information | Performance of a contract (Art. 6(1)(b)). Processing your image is necessary to fulfill your request to generate a new one. For facial data specifically, explicit consent (Art. 9(2)(a)). |
| Managing Subscriptions | Customer Transaction Information | Performance of a contract (Art. 6(1)(b)). Processing is necessary to manage your access to premium features. |
| Ensuring Security and Stability | Technical Information | Legitimate Interest (Art. 6(1)(f)). We have a legitimate interest in protecting our Service from fraud and ensuring it functions correctly. |
| Analytics and Service Improvement | Analytics Data (anonymized usage events, device info, session data) | Legitimate Interest (Art. 6(1)(f)). We have a legitimate interest in understanding how users interact with our Application in order to improve it. Where required by applicable law, we obtain your consent before collecting analytics data. |
| Error Monitoring and Crash Reporting | Error and Crash Data (crash logs, stack traces, performance metrics, device info) | Legitimate Interest (Art. 6(1)(f)). We have a legitimate interest in monitoring and resolving errors, crashes, and performance issues to maintain the stability and quality of our Application. |
4. Transferring Personal Data to Third Parties
We do not sell your personal data. We only share your information with trusted third-party service providers ("sub-processors") who are essential for our Service to function.
AI Image Generation (FAL.ai)
We use FAL.ai for AI image generation, accessed through secure API infrastructure. Your images are transmitted to and processed by FAL.ai's servers located in the United States.
Data Retention by FAL.ai:
- Generated images are available on FAL.ai servers for up to 7 days before automatic deletion
- Our App immediately downloads generated images to your device's local storage
- FAL.ai is committed to GDPR compliance and data protection
Important Note: FAL.ai's standard terms do not provide a formal "Zero Data Retention" guarantee. For enterprise-level guarantees regarding AI model training, please contact us.
Your Data:
- Uploaded photos are processed temporarily for AI generation
- Generated images are immediately downloaded to your device
- Your photos are stored permanently only on your local device, under your control
AI Pose Analysis (Google Gemini via OpenRouter)
We use Google Gemini, accessed through the OpenRouter API gateway, for AI-powered pose analysis. When you select a pose from our Pose Library, the pose reference image is sent to Google Gemini to generate a detailed text description of the pose. This description is then used as input for the AI image generation process.
Important Distinction — No Face Data Sent:
- Only pose reference images from our Pose Library are sent to Google Gemini — your selfie, photographs, or any images containing your face are never sent to this service
- Google Gemini does not receive, process, or have access to any of your personal images or biometric data
- Pose reference images are generic templates and do not contain personally identifiable information
Data Processing by OpenRouter/Google Gemini:
- OpenRouter acts as an API gateway that routes requests to Google Gemini. OpenRouter operates under a Zero Data Retention (ZDR) policy and does not store prompts or request data, but forwards them to the downstream provider (Google)
- Google Gemini (paid API tier) does not use API data to train its models. However, Google may retain API inputs (pose reference images) for up to 55 days solely for abuse monitoring purposes, after which they are automatically deleted
- No personal data, user identifiers, selfies, or biometric information is transmitted to OpenRouter or Google Gemini — only generic pose reference images from our Pose Library
- Both OpenRouter and Google maintain their own privacy policies and data protection commitments
For more information, see OpenRouter's Privacy Policy and Google's Privacy Policy.
Cloud Backend Infrastructure
Our application uses cloud backend infrastructure located in the United States for temporary data processing. We use this service to temporarily handle the image you upload before sending it to the AI service. Images on our backend are deleted shortly after processing completion. Images processed by our AI service provider (FAL.ai) are automatically deleted within 7 days, per FAL.ai's data retention policy.
Subscription Management
We use a third-party subscription management service to securely manage in-app purchases and verify your subscription status. We do not process your payment details directly - all payment processing is handled by Apple (App Store) or Google (Play Store). Subscription status data is retained until you delete your account.
Analytics (Amplitude)
We use Amplitude, Inc. as our analytics data processor to collect and analyze anonymized usage data from the Application. Amplitude acts as a data processor on our behalf and processes analytics data in accordance with our instructions and their privacy commitments.
Data processed by Amplitude:
- Anonymized event data (feature usage, screen views, user actions)
- Session metadata (session duration, app version)
- Device metadata (device type, OS version, screen resolution)
- Country-level location (derived from IP address; raw IP is not retained)
Amplitude's commitments:
- Amplitude processes data on servers located in the United States
- Amplitude is GDPR-compliant and supports Standard Contractual Clauses (SCCs) for international data transfers
- Amplitude is SOC 2 Type II certified
- Analytics data is retained for the duration of our contract with Amplitude, after which it is deleted
- Amplitude does not sell your data or use it for its own purposes
For more information, see Amplitude's Privacy Policy.
Error Monitoring (Sentry)
We use Sentry (Functional Software, Inc., San Francisco, CA, USA) as our error monitoring data processor to collect and analyze crash reports and performance data from the Application. Sentry acts as a data processor on our behalf and processes error data in accordance with our instructions and their privacy commitments.
Data processed by Sentry:
- Crash reports and stack traces
- Error messages and application state at the time of failure
- Performance metrics (app startup time, screen load times)
- Device metadata (device model, OS version, available memory)
- App metadata (app version, build number, screen context)
Sentry's commitments:
- Sentry processes data on servers located in the United States
- Sentry is GDPR-compliant and supports Standard Contractual Clauses (SCCs) for international data transfers
- Sentry is SOC 2 Type II certified
- Error data is retained for 90 days by default, after which it is automatically deleted
- Sentry does not sell your data or use it for its own purposes
For more information, see Sentry's Privacy Policy.
International Data Transfers
Our service providers are located in the United States. When we transfer your data outside the European Economic Area (EEA), we ensure that appropriate safeguards, such as Standard Contractual Clauses (SCCs), are in place to protect your information in accordance with GDPR requirements.
5. Data Storage and Retention
Our data retention policy is designed to protect your privacy by storing as little data as possible.
Server-Side Storage
We do not permanently store, save, or catalog the photos you upload or the images generated for you on our servers. Specific retention periods are as follows:
- Processing Images (Cloud Backend): Deleted shortly after processing completion
- Generated Images (FAL.ai): Available for up to 7 days on FAL.ai servers, then automatically deleted
- Pose Analysis Data (Google Gemini): Pose reference images (not selfies) may be retained by Google for up to 55 days for abuse monitoring, then automatically deleted. OpenRouter (API gateway) operates under Zero Data Retention and does not store request data
- Your Device (Local Storage): Images are stored permanently until you delete them
- Subscription Data: Retained until account deletion
- Analytics Data (Amplitude): Retained in anonymized form for the duration of our contract with Amplitude; not linked to your identity
- Error and Crash Data (Sentry): Retained for 90 days, then automatically deleted
Important: All generated images are immediately downloaded to your device's local storage. The retention on FAL.ai servers is a temporary cache - your images are stored permanently on your device under your control.
Local Storage
The final, AI-generated images are sent back to your device and are saved exclusively in your device's local file system. The history of your generated images is also stored locally on your device. We do not have access to these images or your history.
Your Responsibility
You are the owner of the images you generate and are responsible for the content you upload for processing and the images you create.
6. Technical and Administrative Measures
We are committed to protecting your data. We implement appropriate technical and administrative security measures, including:
- Encryption in Transit: All data transmitted between your device and our servers is encrypted using industry-standard protocols (TLS/HTTPS).
- Data Minimization: We do not permanently store your images on our servers. Uploaded photos are deleted from our backend shortly after processing. Images on FAL.ai servers are automatically deleted within 7 days.
- Trusted Vendors: We rely on reputable, US-based service providers who maintain high standards of security for their infrastructure.
- Temporary Processing Only: Your selfie is securely sent to our AI service providers for photo generation only. Images are not used for AI model training.
7. Children's Privacy
Our Service is not intended for use by anyone under the age of 16. We do not knowingly collect personally identifiable information from children under 16. If we become aware that we have collected data from a child under 16 without verification of parental consent, we will take steps to remove that information.
If you are a parent or guardian and believe your child has provided us with personal information, please contact us at winkypie.app@gmail.com so we can take appropriate action.
8. Your Rights as the Data Subject
You have certain rights regarding your personal data. These rights may vary depending on your location but generally include the right to access, rectify, erase, or object to the processing of your data. To exercise any of your rights, please contact us at winkypie.app@gmail.com.
9. Account Deletion
You can delete your account and all associated data directly within the Application through Settings > Delete Account.
Upon a deletion request, we will immediately:
- Delete all your locally stored images (selfies, poses, generated creations) from your device
- Remove your subscription data and transaction history from our database
- Log you out of our subscription management service (which resets your anonymous user ID)
- Clear all your preferences and app settings
This deletion is immediate and cannot be undone. If you have an active subscription, please cancel it through your device's app store settings before deleting your account to avoid future charges.
10. Contact Information
If you have any questions or comments regarding this Privacy Policy, please contact us:
By email: winkypie.app@gmail.com
11. For Individuals in the European Economic Area (EEA), the UK, and Switzerland
If you are a resident of the EEA, UK, or Switzerland, you have the following data protection rights under the GDPR:
- The right to access, update, or delete the information we have on you. Since we operate on an anonymous basis, this primarily applies to your subscription data held by our subscription management service.
- The right of rectification, to have your information corrected if it is inaccurate.
- The right to object to our processing of your personal data.
- The right of restriction, to request that we restrict the processing of your personal data.
- The right to data portability, to be provided with a copy of your information.
- The right to withdraw consent at any time where we relied on your consent to process your information.
Biometric Data Processing Notice
Our service processes photographic images containing facial geometry using third-party AI services. This processing is performed with your explicit consent when you use our AI generation features. We have conducted appropriate assessments of these processing activities to ensure compliance with GDPR requirements for special category data.
Automated Decision-Making
Our AI image generation service involves automated processing of your images. However, this processing does not produce legal effects concerning you or similarly significantly affect you. The output is purely creative content generated at your request.
Right to Erasure Limitations
When you delete your account through Settings > Delete Account, we immediately delete all your locally stored images, preferences, and backend data. Due to the nature of our service, we cannot erase images that you may have exported or shared outside the Application before deletion.
To exercise these rights, contact us at winkypie.app@gmail.com. We can assist you by submitting a data deletion request to our subscription management service on your behalf using your anonymous App User ID. You also have the right to lodge a complaint with a data protection authority.
Contact details for your Data Protection Authority:
- EU: https://edpb.europa.eu/about-edpb/board/members_en
- UK: https://ico.org.uk/global/contact-us/
- Switzerland: https://www.edoeb.admin.ch/edoeb/en/home/the-fdpic/contact.html
12. For California Residents
If you are a California resident, you have rights under the California Consumer Privacy Act (CCPA/CPRA), including:
- The Right to Know: You can request disclosure of the categories and specific pieces of personal information we have collected about you.
- The Right to Delete: You can request the deletion of your personal information.
- The Right to Correct: You can request the correction of inaccurate personal information.
- The Right to Opt-Out: We do not "sell" or "share" your personal information as those terms are defined under the CCPA/CPRA.
- The Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights.
Sensitive Personal Information
We process images which may contain facial features. This data is used solely to provide the service you explicitly requested and is not used for profiling or inference purposes beyond generating your requested image.
To exercise these rights, please contact us at winkypie.app@gmail.com.
13. For Residents of Other US States with Privacy Laws
If you are a resident of a US state with comprehensive privacy laws (including Virginia, Colorado, Connecticut, Utah, Texas, Oregon, Montana, Delaware, Iowa, New Hampshire, New Jersey, Nebraska, Tennessee, Maryland, Minnesota, Indiana, Kentucky, Rhode Island, and others that may become effective), you have rights that may include:
- Right to access your personal data
- Right to correct inaccuracies in your personal data
- Right to delete your personal data
- Right to opt out of data sales (we do not sell your data)
- Right to opt out of targeted advertising (we do not engage in targeted advertising)
- Right to data portability
- Right to opt out of profiling in furtherance of decisions that produce legal or similarly significant effects (we do not engage in such profiling)
To exercise these rights, contact us at winkypie.app@gmail.com. We will respond to your request within the timeframe required by applicable law.
14. Illinois Residents (Biometric Information Privacy Act)
Our service processes photographic images that may include facial geometry for AI image generation purposes. This constitutes the collection of biometric identifiers under the Illinois Biometric Information Privacy Act (BIPA).
By uploading your photo and using our AI generation features, you provide written consent for:
- The collection of biometric identifiers from your photographs
- The processing of such data by our AI service providers (FAL.ai)
- The temporary storage necessary to provide the service (automatically deleted within 7 days per FAL.ai's retention policy)
Important BIPA Disclosures:
- Purpose: Biometric data is collected solely for the purpose of AI image generation at your request.
- Retention: Biometric data is not permanently stored. Images on our backend are deleted shortly after processing. Images on FAL.ai servers (both input and generated) are automatically deleted within 7 days.
- Destruction Schedule: Biometric data is destroyed upon completion of the initial purpose (image generation). Images are automatically deleted from FAL.ai servers within 7 days of processing.
- No Sale or Disclosure: We do not sell, lease, trade, or otherwise profit from biometric data. We do not disclose biometric data to third parties except as necessary to provide our service (our AI providers).
- No Training: Your biometric data is not used to train AI models.
15. Texas Residents (Capture or Use of Biometric Identifier Act)
We process photographs containing facial geometry using AI services. By using our service, you consent to this collection and use of biometric identifiers solely for the purpose of AI image generation.
Texas CUBI Disclosures:
- We capture biometric identifiers from photographs you voluntarily upload for AI image generation purposes.
- We do not sell, lease, or disclose biometric data to third parties except as necessary to provide our service through our AI processing partners.
- Biometric data is not permanently stored and is automatically deleted from servers within 7 days of processing.
- You may withdraw consent by discontinuing use of the AI image generation features.
16. Analytics and Error Monitoring
We use Amplitude (Amplitude, Inc., San Francisco, CA, USA) as our analytics service provider. Amplitude acts as a data processor on our behalf, processing anonymized usage data strictly according to our instructions and for the purposes described in this Privacy Policy.
What data is collected
Amplitude collects the following anonymized data from the Application:
- Usage events: interactions with features, screens viewed, buttons tapped, and actions taken within the Application
- Session data: session start/end times, session duration, and app version
- Device information: device model, operating system name and version, screen resolution, and language setting
- General location: country and region derived from your IP address (Amplitude does not store your raw IP address)
Amplitude does NOT collect:
- Your name, email address, or any personally identifiable information
- Your uploaded images or generated content
- Your payment or subscription details
- Precise geolocation data
Why we collect analytics data
We use analytics data to:
- Understand how users navigate and interact with the Application
- Identify the most popular features and areas for improvement
- Diagnose technical issues, crashes, and performance bottlenecks
- Make data-informed decisions about future development priorities
Amplitude as a data processor
Amplitude processes analytics data on our behalf under a Data Processing Agreement (DPA) that ensures:
- Data is processed only according to our documented instructions
- Appropriate technical and organizational security measures are in place (SOC 2 Type II certified)
- Standard Contractual Clauses (SCCs) govern international data transfers from the EEA
- Amplitude does not sell, share, or use analytics data for its own purposes
- Data is deleted upon termination of our agreement with Amplitude
Sentry — Error Monitoring
We use Sentry (Functional Software, Inc., San Francisco, CA, USA) as our error monitoring service provider. Sentry acts as a data processor on our behalf, collecting and processing crash reports and performance data strictly according to our instructions.
What error data is collected
Sentry automatically collects the following diagnostic data when the Application encounters an error or performance issue:
- Crash and error reports: stack traces, error messages, exception types, and the application state leading to the error
- Performance traces: app startup duration, screen rendering times, and slow network requests
- Device context: device model, operating system version, available memory, battery level, and screen orientation
- App context: app version, build number, the screen or feature where the issue occurred, and breadcrumb trail of recent user actions (anonymized)
Sentry does NOT collect:
- Your name, email address, or any personally identifiable information
- Your uploaded images or generated content
- Your payment or subscription details
- The content of your interactions (only the fact that an action occurred is logged as a breadcrumb)
Why we collect error data
We use error monitoring data to:
- Detect and fix crashes and bugs that affect the user experience
- Monitor Application performance and identify bottlenecks
- Prioritize technical issues based on their frequency and impact
- Ensure the overall stability and reliability of the Application
Sentry as a data processor
Sentry processes error data on our behalf under a Data Processing Agreement (DPA) that ensures:
- Data is processed only according to our documented instructions
- Appropriate technical and organizational security measures are in place (SOC 2 Type II certified)
- Standard Contractual Clauses (SCCs) govern international data transfers from the EEA
- Sentry does not sell, share, or use error data for its own purposes
- Error data is automatically deleted after 90 days
Opting out of analytics
You can opt out of analytics data collection at any time through the Application settings. When you opt out, no further analytics events will be sent to Amplitude from your device. Error monitoring via Sentry remains active to ensure Application stability, as it does not collect personally identifiable information.
17. Changes to This Privacy Policy
We may update our Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and/or through an in-app notification before the changes take effect. We encourage you to review this Privacy Policy periodically.
The "Last updated" date at the top of this Privacy Policy indicates when the most recent revisions were made.
This Privacy Policy is effective as of March 15, 2026.