Privacy Policy

What we collect

Nothing. Maskr does not collect, store, or transmit any personal information. The app has no account system, no analytics, no advertising SDKs, no crash-reporting services, and no third-party trackers. The App Store privacy label for this app is “Data Not Collected.”

How your photos are processed

All image processing — face, text (OCR), barcode, and QR code detection, the sensitive-text rule engine, and the mask renderer — runs entirely on your iPhone or iPad using on-device frameworks (Apple Vision, Natural Language, Core Image, and a small bundled Core ML model). No image, OCR text, or barcode payload is ever uploaded to any server.

Maskr makes zero network requests at runtime. The app ships with no networking SDKs and does not open a connection for any reason.

Face data

Maskr uses on-device face detection (Apple Vision) to locate the position of faces in the photo you import or capture. This is used only to draw a mask over each face before you share the image.

• Maskr does not perform face recognition or identification. It does not generate, derive, or store any biometric template, face embedding, faceprint, or any other persistent representation of a face.
• Face detection runs entirely on your device. No face data — including the source photo, the detected face region, or any intermediate inference output — is transmitted to Maskr, to Apple, or to any third party.
• Detection results live only in memory for the duration of a single editing session and are discarded when you close the photo.

OCR text and sensitive content

Maskr recognizes text inside your photo on-device so it can find phone numbers, emails, IDs, bank cards, addresses, order numbers, license plates, and similar sensitive categories. The recognized text is used only in memory by the redaction pipeline and is never written to disk, never logged, and never transmitted. The only output that lives past the editing session is the masked image you choose to save or share.

Permissions

• Camera — used only when you choose to take a photo inside the app. Maskr does not record or transmit the camera feed.
• Add to Photos — used only when you tap “Save” to write the masked image back to your photo library. Maskr does not request read access to your existing photos; importing uses the system PHPicker, which hands the app only the photos you explicitly pick.

You can revoke either permission at any time in iOS Settings → Privacy & Security.

Data stored on your device

Maskr persists only the following locally, only on your device:

• Feature preferences: detection category toggles, default mask style and intensity per category, export defaults (format, quality, max long side, metadata policy).
• App language and UI preferences.

No image bytes, OCR text, detection metadata, filenames, or anything derived from your photos is persisted. This data is never synced to a server. Deleting the app removes it completely.

Temporary files

Maskr writes a per-export folder to the system temporary directory only when you tap “Save to Files” or export to PDF. This folder holds the encoded export bytes just long enough for the system file picker to consume them, and is deleted on both the success and cancel paths of the picker.

The Share Extension drops imported image bytes into a private App Group inbox so the main app can pick them up when you open it. The main app drains the inbox on every launch and clears it immediately, whether or not the import succeeded.

Export, EXIF, and irreversibility

When you save or share a masked image, Maskr strips EXIF metadata — including GPS coordinates, camera serial numbers, and most other identifying fields — by default. You may opt in to keep only the original capture date in Settings; nothing else is preserved.

The mask is permanently baked into the exported pixels. The redacted output cannot be reversed back to the original photo by anyone who receives the image, including Maskr.

Children's privacy

Maskr does not knowingly collect any data from anyone, including children. The app is rated 4+ and is suitable for all ages.

Changes to this policy

If we materially change how the app handles data, we will update this page and update the “Effective” date above. Because there is no account system, we cannot notify you individually — please check this page from time to time.

Contact

For questions about this policy, email [email protected].