How Precog holds your week.
This Privacy Policy explains how Precog, operated by Codeful, collects, uses, stores, and protects your information. By using Precog you agree to this policy. If anything is unclear, write to us at support@vibeland.app before continuing to use the app.
Effective 2026-04-29 · Last updated 2026-05-04 · App: Precog (app.codeful.precog) · Publisher: Codeful
1. What we collect
1.1 Information you give us
- Account email — used to authenticate your account (Sign in with Apple, Google, or email).
- Baseline photo — one selfie you upload during onboarding. This is the only image we use as input to the future-self generator.
- Behavior logs — sleep, exercise, and water entries. Includes timestamps, durations, intensities, and any optional journal/note text you enter.
- Profile fields — sex, age, chronotype, and (optional) height. Used so the AI projection knows roughly who it is rendering.
- Subscription receipts — when you purchase a Pro plan, Apple sends us a transaction receipt and the entitlement state.
1.2 Information collected automatically
- Device identifiers — Firebase Auth user ID, anonymous installation ID. Used to associate logs with the correct account and to prevent abuse.
- Diagnostic data — crash logs and basic performance metrics. Anonymized.
- Usage analytics — aggregate counts of features used (e.g., "this user revealed 8 weeks in a row"). Linked to your account but not sold.
1.3 What we do not collect
- We do not collect your location.
- We do not access your contacts, camera roll beyond the baseline upload you initiate, or microphone.
- We do not have any advertising SDKs and do not perform cross-app tracking.
- We do not collect HealthKit data unless you explicitly grant permission; even then we only read sleep duration to pre-fill log entries.
2. How we use your information
| Purpose | Data used |
|---|---|
| Run the app on your device | Account email, profile, logs |
| Generate weekly future portraits | Baseline photo, profile, week's behavior logs |
| Verify your subscription tier | Apple receipt, account ID |
| Show your past reveals | Generated images, your account ID |
| Improve the app | Anonymized diagnostics + aggregate usage |
| Reply to your support requests | Email and any details you send |
We do not sell or rent your data. We do not use your photos or logs to train any AI model.
3. Third-party services
We rely on a small set of carefully chosen processors:
| Service | Purpose | Where data lives |
|---|---|---|
| Firebase Authentication, Firestore, Cloud Storage, Cloud Functions (Google LLC) | App backend — accounts, logs, generated images | Google data centers (US) |
| Google Gemini 3 Pro Image (Google LLC) | Generates the weekly future portraits from your baseline + behavior summary | Google AI infrastructure (US). Google does not use data sent through the paid Gemini API to train its models, and applies the same encryption-in-transit, access-control, and audit-logging protections used for other Google Cloud services. See Google's Gemini API data-handling policy. |
| Google Gemini 2.5 Flash (Google LLC) | One-time extraction of coarse phenotype descriptors from your baseline photo (no biometric template) | Same as above — Google AI infrastructure, no model training, equivalent protections |
| Apple StoreKit / App Store (Apple Inc.) | Handles all payments and subscription state | Apple infrastructure |
| HealthKit (Apple Inc.) | Optional. Reads your sleep data on-device only when you grant permission | On your device |
We share only the minimum each service needs to do its job. None of them are advertising or analytics networks. We have signed Data Processing Agreements where required.
4. AI-generated images — important notes
- The future-self portraits are generated by Google Gemini 3 Pro Image using your baseline photo and the week's logged behavior as input.
- One time per baseline upload, we also send the photo to Google Gemini 2.5 Flash to extract a short list of general descriptors (e.g., skin tone, hair color, face shape) that condition the weekly portrait. These are coarse descriptors, not a biometric template, and are stored only on your own user record in our database.
- The baseline photo is never used for face recognition, identification, authentication, ARKit/Face ID, or any biometric matching. We do not derive or store a face geometry, embedding, or biometric identifier.
- These images are predictions, not photographs, and not medical, dermatological, or clinical advice. Do not rely on them for health decisions.
- We send only your baseline photo + a text summary of your behavior to the AI service. We do not send your name, email, location, or anyone else's photo.
- Generated images are stored in our Cloud Storage bucket, accessible only to your account, with signed URLs that expire after 7 days.
- We do not use your photo or any derived data to train any AI model, and we do not share it with advertisers or analytics networks.
- We only send these inputs to Google Gemini after you have granted consent through the in-app disclosure described in the next section.
5. Your consent before we send data to Google Gemini
The first time you upload a baseline photo, Precog shows a one-time disclosure screen that explains, in plain language:
- What we will send: your baseline selfie and a numeric summary of your sleep, exercise, and water logs for the week.
- Who we will send it to: the Google Gemini API, operated by Google LLC in the United States.
- Why we send it: to render the predictive future-self portraits that are the core feature of the app.
- What we will not do: train any AI model on your data, share it with advertisers, link it to your name or email, or use it for biometric identification.
You must tap Continue to grant consent. If you decline, Precog will not send your photo or logs to Google and will not generate any AI portraits — the rest of the app (logging, streaks, settings) remains usable.
You can withdraw consent at any time in Settings → Privacy → AI portrait service, which deletes your baseline photo from our servers and stops all future Gemini calls. Reveals already generated remain accessible from your account history; new ones will not be generated until you re-grant consent and re-upload a baseline.
For HealthKit and notification access, iOS handles the consent flow through its own system prompts.
6. How long we keep your data
- Baseline photo + generated reveals — kept while your account is active. Deleted within 30 days of account deletion.
- Behavior logs — kept for the lifetime of your account. You can request deletion at any time.
- Diagnostic logs — auto-rotated, retained 90 days max.
- Subscription receipts — kept as long as required for tax and audit (typically 7 years).
7. Your rights
You can, at any time:
- See what we have about you — request an export by emailing support@vibeland.app.
- Delete your account and all associated data — through Settings → Delete Account in the app, or by emailing the same address.
- Withdraw any HealthKit permission — through iOS Settings → Privacy & Security → Health → Precog.
- Correct any inaccurate data — via the app's Settings or by writing to us.
- Object to certain uses — explain in your message which use, and we will explore alternatives.
EU/UK residents have additional rights under GDPR/UK GDPR including the right to lodge a complaint with your data-protection authority. California residents have CCPA rights to know, delete, correct, and limit the sharing of personal information; we do not sell or share personal information for advertising.
8. Children
Precog is not directed at children under 13 (under 16 in EU). We do not knowingly collect data from children. If you believe a child has provided data, contact us and we will delete it.
9. International transfers
Our backend runs in us-central1 (United States). If you use the app outside the US, your data is transferred to and processed in the US under appropriate safeguards (Standard Contractual Clauses where required for EU/UK users).
10. Security
We use industry-standard encryption in transit (TLS 1.3) and at rest (Google Cloud default encryption). Access to production data is limited to authorized engineers and audited. No system is perfect — if you suspect a breach, please contact us immediately.
11. Changes to this policy
We may update this policy as the app evolves. Material changes are announced inside the app and via the email on file at least 30 days before they take effect. The "Effective date" at the top reflects the version currently in force.
12. Contact
Codeful
110, Misagangbyeonhangang-ro
Hanam-si, Gyeonggi-do 12904
Republic of Korea
Email: support@vibeland.app
For data protection inquiries: support@vibeland.app
Version 1.0 · Last updated 2026-05-04
Terms of Service →