Version line: in effect from May 28, 2026; revised on May 28, 2026.
Ditofi is offered as a mobile photo app. Privacy choices begin with the device: information is handled through the app when you choose to use it, and platform settings control permission access.
How this policy fits ordinary app use
This Privacy Policy describes how the team responsible for Ditofi handles information related to use of the app, related mobile platform services, purchases processed through the app store, and privacy or legal requests sent to us.
Coverage includes information you provide, content you choose to make available through the app, app activity records, device and diagnostic information, purchase confirmation records made available by the app store or payment platform, and communications sent to mail@ditofi.com. It also covers information handled by service providers that support hosting, analytics, security, customer communication, purchase validation, and legal compliance.
This Policy applies only to Ditofi and services we control. Mobile operating systems, app stores, payment processors, and third-party services apply their own privacy terms to information they collect or process independently.
Device Permissions
Certain app functions depend on permission choices made through your device or app store environment. When a permission is requested, the operating system may show a platform-controlled prompt, and you can usually change that permission later in device settings.
Photos, camera input, or similar media access may be used only when you choose to provide content through the app or grant access for app use. The app may receive the selected content, related file metadata, and technical details needed to process, display, store, or maintain that content according to the app's ordinary operation.
Platform permission note: device-level controls may prevent or limit some app activity. A permission change does not necessarily delete information that was previously provided to the app, but it may stop future access from that device unless permission is granted again.
Which app records are covered here
Ditofi may process content you add or select, app activity records, device or technical logs, diagnostic events, settings, and communications you send to the operator. Photo or media access is limited to content made available through your device choices and app permissions.
For in-app purchases, the app store or payment platform usually handles payment details. Ditofi may receive purchase status, receipt identifiers, entitlement records, refund indicators, or related app-store information needed for access, operations, compliance, and dispute handling.
Some operational records are generated as the app runs, including crash information, security events, and general usage signals. These records support app reliability and are not treated as public account profiles.
How information supports ordinary app operation
Information is used to operate Ditofi, provide app functionality, maintain security, validate purchases, respond to privacy and legal requests, troubleshoot errors, improve reliability, prevent misuse, comply with law, and protect the rights and safety of users, the app, and third parties.
Where consent is required for a permission, optional processing activity, or similar choice, consent is the legal basis for that processing. Other processing may be based on performance of a contract, legal obligation, legitimate interests in operating and protecting the app, or the establishment, exercise, or defense of legal claims. Where EEA or UK privacy law applies, these lawful bases are used according to the nature of the information and the purpose for which it is handled.
Information may also be used in aggregated or de-identified form for app quality, analytics, security review, business planning, and compliance. Such information is not intended to identify a particular user when maintained in that form.
How service providers and legal requests are handled
Ditofi may share information with service providers that help operate, secure, host, analyze, maintain, or support the app. These providers are authorized to handle information for assigned service purposes and are expected to apply appropriate confidentiality, security, and data-handling safeguards.
App stores, payment platforms, mobile operating systems, analytics providers, hosting providers, crash reporting tools, communications providers, and security vendors may receive information in connection with their roles. Some of these parties may also process certain information under their own terms when they act independently.
Information may be disclosed when required by law, legal process, regulatory request, tax or accounting obligation, fraud-prevention need, security investigation, rights enforcement, or a business transfer such as a merger, financing, reorganization, or sale of assets. Sharing is limited to what is reasonably relevant to the purpose.
Because Ditofi may be offered globally and supported by providers in different regions, information may be transferred to, accessed from, or stored in jurisdictions that do not have the same privacy laws as your home region. When required, we use appropriate safeguards for cross-border handling, such as contractual protections, provider assessments, limited access controls, or other legally recognized transfer measures.
What affects the length of time information is retained
Information is kept for the period reasonably needed for app operation, purchase validation, user-request handling, security, troubleshooting, legal compliance, accounting, dispute management, and enforcement of rights. Different records may have different retention periods because their legal and operational purposes differ.
Content and app records may be removed or become unavailable when they are no longer needed, when you delete them through available app controls, or when retention is no longer justified. Some records may remain longer in backups, logs, purchase records, legal files, or security archives until deletion is practical or legally appropriate.
Where information has been aggregated or de-identified, it may be retained without a fixed user-level deletion schedule if it no longer identifies an individual.
Safeguards used to reduce privacy risk
Ditofi protects app information with operational controls chosen for the type of record and the role of the provider handling it. Those controls can include restricted access, secure transmission practices, provider review, activity logging, and internal checks for misuse or failure.
Security risk cannot be removed completely from mobile apps, networks, stores, or hosting systems. When a security event creates a legal notice duty, the operator will assess the event and give the notices required by applicable law.
What you can request about app information
Available choices may include changing device permissions, adjusting app or platform settings, deleting content through available controls, limiting optional information you provide, or contacting us about a privacy request. App-store purchase records and platform-controlled payment information may also need to be managed through the relevant app store.
Privacy rights vary by law, but may include access, correction, deletion, portability, objection, restriction, withdrawal of consent, or appeal of a privacy decision. Requests will be evaluated under the law that applies to the request, the type of information involved, and any legal reason we may need to retain or decline to change a record.
If consent is the basis for a specific processing activity, withdrawing consent affects future handling for that activity. It does not automatically undo earlier processing or remove records that remain necessary for legal, security, purchase, accounting, or dispute purposes.
Safeguards that apply to age-sensitive use
Ditofi should be used only by individuals who have the legal capacity to use mobile apps in their region or who use the app with appropriate parent or guardian involvement. If a parent or guardian believes that a minor has provided information requiring action under applicable law, a privacy request can be sent through the request channel below.
When we become aware that information requires special treatment because of a user's age, we will take reasonable steps required by applicable law, which may include deletion, restricted use, or guardian-directed communication.
How to contact us about privacy questions
Privacy requests for Ditofi should be sent to mail@ditofi.com. The operator will review requests under the law that applies and respond through a reasonable privacy channel.
A request may be declined or limited when legal duties, security needs, or the rights of another person require that result.
Update Record
This Privacy Policy may be revised when app operations, legal requirements, provider arrangements, platform rules, or privacy practices change. The revised version will be posted or made available through an appropriate app or web channel.
The dates in the version line identify when this Policy became operative and when the current text was most recently revised. Continued use of Ditofi after a revised Policy is made available means the updated Policy applies to later handling of information, subject to any consent or notice requirements imposed by law.