Found It Privacy Policy

Local-first by design. Most Found It data is stored on your device. We do not operate our own backend that receives or hosts your household inventory database, item photos, location records, declutter workflows, or poster drafts. Data generally leaves your device only when you deliberately use Apple purchase or cloud features, contact us, or connect a third-party AI service of your own choosing.

No ads or tracking SDKs Found It does not include advertising SDKs, attribution SDKs, third-party analytics SDKs, or developer-run behavior profiling services.

Apple cloud features are optional If you enable cloud backup and recovery, structured archive data and image copies may sync through Apple's iCloud and CloudKit infrastructure.

Custom AI is direct-to-provider If you enable a custom AI endpoint, the request is sent directly from your device to the provider you configured, not through a developer-run proxy.

API credentials stay local Your custom AI API key and related connection credentials stay only on the device where you enter them and are excluded from the app's cloud backup payload.

1. Scope and Who We Are

This Privacy Policy applies to the Found It mobile application and limited support communications that you send to us. "Found It," "we," "our," and "us" refer to the app developed and provided by Jinhui Cheng.

By downloading, installing, or using Found It, you acknowledge that you have read and understood this Privacy Policy.

2. Categories of Data the App Handles

2.1 Inventory and workflow data you create

When you use Found It, the app may store the following data on your device:

Item records: item names, categories, notes, quantities, timestamps, lifecycle status, declutter status, last-use data, search and interaction counts, and related item-management metadata.
Location records: room names, container or storage-space names, storage type, and location-path information.
Organization profile data: questionnaire results, clutter profile, household mode, cadence preferences, and recommendation-related settings.
Process and poster data: process queue state, listing draft fields such as price, handoff preferences, condition labels, and poster/share preferences.
Export and history data: export configuration, export history, and related timestamps.

2.2 Optional or legacy layout data

The current public MVP centers on lightweight room-plus-location records rather than advanced floor-plan editing. However, if you import, restore, or continue using data created by older or optional builds, the app may also store archived layout or spatial fields such as floor-plan names, layout JSON, polygons, geometry, or coordinates.

2.3 Photos and media you capture or import

When you take a photo or import one from your photo library, Found It may store:

Original item images saved as local image files.
Generated thumbnails or optimized copies used to render cards, detail pages, and poster outputs more efficiently.
File-path references linking those local files to item records.

2.4 App settings and entitlement data

Found It stores local settings such as haptics, sound, recognition mode, poster/export preferences, image-sync quality, cloud status metadata, organization profile state, subscription entitlement state, and model usage counters needed to render the app correctly and enforce feature access.

2.5 Custom AI configuration and credentials

If you enable custom AI recognition, Found It stores the provider name, endpoint URL, model name, connection status, usage counters, and the API key you enter in the app's local data model. In the current implementation, those settings are stored locally inside app data rather than the system Keychain. The custom AI API key and related local-only credentials remain on the device where you entered them and are excluded from cloud backup payloads.

Important security disclosure. Your custom AI key is kept local to the device, but it is not currently stored in a separate system keychain vault. You should protect your device appropriately and rotate credentials if the device is lost, shared, or compromised.

2.6 Subscription and purchase state

If you subscribe or make in-app purchases, Apple processes the payment. Found It may receive and locally store entitlement information such as plan type, trial state, and expiration date through StoreKit so that paid features can be unlocked on your device.

2.7 Support communications

If you contact us by email or another support channel you choose to use, we may receive your email address and any information you include in your message.

3. How Data Is Used

Found It uses data primarily to provide app features on your device, including to:

Create and manage inventory, room, location, process, and poster records.
Display thumbnails, item details, search results, and organization summaries efficiently.
Generate on-device recognition suggestions, declutter suggestions, and poster previews.
Call the custom AI endpoint you configure when you choose remote recognition.
Back up or restore your data through Apple's cloud services if you enable those features.
Verify subscriptions and purchases through Apple's StoreKit framework.
Respond to support requests you send to us.
Protect the integrity of the app, troubleshoot errors, and comply with legal obligations.

4. Permissions and Device Access

Found It may request the following permissions, depending on the features you use:

Camera access: to capture item photos.
Photo library read access: to import existing images for item records.
Apple iCloud / CloudKit access: to upload, download, or restore cloud archives when you choose those features.

You can deny or revoke permissions in device settings, but some features may no longer function correctly.

5. Where Data Is Stored and When It Leaves the Device

5.1 On-device storage

Found It primarily stores your data on your device using Apple's local app-storage technologies, including SwiftData-backed records, local image files, and temporary local export or poster files.

Structured records: items, locations, workflow state, optional legacy layout data, user settings, and export history.
Images: original item photos and generated thumbnails or optimized copies.
Temporary outputs: exported CSV/JSON files and poster images that remain locally until you share them, delete them, or the operating system clears temporary storage.

5.2 Apple cloud backup and recovery

If you enable Found It's cloud backup and recovery features, the app packages a cloud archive and stores it through Apple's iCloud and CloudKit infrastructure. Based on the current implementation, the cloud payload may include:

items, locations, workflow state, organization-profile data, and compatible optional legacy layout fields if they exist in your archive;
user settings needed for recovery, including poster, workflow, and cloud-related preferences, but excluding the custom AI API key and local-only connection credentials;
image copies synced at the quality level you selected in the app, so that cards, detail pages, and poster outputs can be restored after switching devices.

We do not operate or control Apple's cloud infrastructure, and we do not receive a copy of your cloud archive on developer-run servers.

5.3 Apple purchases and platform services

If you buy a subscription or restore purchases, your interactions with StoreKit, the App Store, and your Apple account are handled through Apple services subject to Apple's own terms and privacy practices.

5.4 User-configured AI providers

If you enable custom AI recognition, Found It sends data directly from your device to the provider you configure. Depending on your configuration and usage, that request may include:

the item image, including base64-encoded image content;
the recognition prompt and configured model/provider information;
the authorization header derived from the API key you entered.

We do not proxy, inspect, or host that custom AI traffic on our own servers. Your use of any such provider is governed by that provider's own terms and privacy policy.

6. What We Do Not Do

We do not sell, rent, or broker your personal data.
We do not run developer-operated advertising or user-tracking SDKs inside Found It.
We do not run a developer backend that receives your inventory database or item photos as part of normal app use.
We do not use third-party analytics platforms to profile your in-app behavior.
We do not receive your payment card data, Apple ID password, or third-party AI account password.

7. Legal Bases and Regional Disclosures

7.1 EEA, UK, and similar jurisdictions

Where applicable, our legal bases for the limited processing we control are:

Performance of a contract: providing the app features you request, such as storing records locally, restoring purchases, or honoring support requests.
Consent: when you choose to enable optional permissions or optional services such as camera access, photo import, Apple cloud backup, or a third-party AI endpoint.
Legitimate interests: maintaining app integrity, preventing misuse, responding to support, and protecting our legal rights.
Legal obligation: where we must comply with applicable law, legal process, or regulatory requirements.

7.2 California and similar U.S. state privacy laws

Found It is designed to avoid developer-run profiling and data brokerage. We do not sell personal information and we do not share personal information for cross-context behavioral advertising. Because most Found It data stays on your device, requests that concern device-local data can usually be exercised directly in the app by editing or deleting records, disabling optional cloud features, or removing the app. For data we actually receive, such as support emails, you may contact us to request access, correction, or deletion where applicable law provides those rights.

7.3 Mainland China and other jurisdictions with separate-consent or cross-border rules

If laws such as the Personal Information Protection Law of the People's Republic of China apply to you, you may have rights to know, access, copy, correct, supplement, delete, explain, restrict, or withdraw consent for certain processing. In Found It, most of those controls can be exercised directly on your device. If you choose to enable Apple cloud services or a third-party AI provider, data may be processed outside your jurisdiction, and you should review the relevant provider terms before enabling those features.

8. Retention and Deletion

On-device app data remains until you edit or delete it in the app, remove the app, or your device/backups are otherwise managed by Apple.
Local image files remain until the related item or media is deleted or the file is otherwise removed.
Cloud copies remain subject to your use of Apple's cloud services and Apple's storage lifecycle.
Temporary export and poster files may remain until you remove them or the operating system clears temporary storage.
Support emails may be retained as reasonably necessary to respond, resolve issues, comply with law, or protect our rights.

9. Security

We rely primarily on Apple's device and platform security controls, including app sandboxing, system account controls, and Apple-hosted cloud infrastructure where optional cloud features are used. However, no device, app, or cloud environment is perfectly secure, and we cannot guarantee absolute security.

You are responsible for securing your device, your Apple account, and any third-party AI credentials you choose to enter into the app.

10. International Transfers

Because Found It is local-first, most data remains on your device. However, if you enable Apple cloud features or a third-party AI provider, data may be processed on infrastructure located outside your country or region. Those transfers are initiated by your choices and governed by the relevant provider's own legal terms.

11. Your Rights and Choices

Depending on your location, you may have privacy rights under applicable law, such as the right to access, correct, delete, export, restrict, or object to certain processing. Because Found It stores most data locally on your device, you can often exercise these controls directly inside the app or by deleting local app data.

You can delete item records, location records, photos, exports, and related cloud-backed data through the app and your Apple account controls.
You can choose not to enable camera access, photo import, cloud backup, or custom AI.
You can revoke permissions in device settings.
You can contact us if you need help understanding how this policy applies to support communications or your jurisdiction.

12. Children's Privacy

Found It is not directed to children under 13, or under any higher minimum age required in your jurisdiction. We do not knowingly collect children's personal information through developer-run backend services because the app is designed to function locally and without such services.

13. Changes to This Policy

We may update this Privacy Policy from time to time to reflect product changes, legal requirements, or risk-management decisions. When we do, we will update the "Last Updated" date above. Continued use of Found It after an updated version becomes effective means you accept the revised policy, to the extent permitted by law.

14. Contact

If you have questions about this Privacy Policy or Found It's privacy practices, please contact us at [email protected].

You can also review the companion terms here: Found It Terms of Use.