Last updated: April 14, 2026
This Privacy Policy explains how truethinks ltd ("we", "our", "us"), the operator of the Phova application, collects, uses, and protects your personal information. By using Phova, you agree to the terms described here.
1. Information We Collect
Device Information. When you first open the app, we generate a unique device identifier so you can start using Phova without signing up.
Account Information (optional). If you create an account, we collect your name, email address, and an encrypted password.
Photos and Images. When you use our transformation features, the photos you upload are processed through third-party AI services (Wiro AI, ByteDance Seedream, Kling AI) to produce your requested output. These photos are used only for your requested transformation and are not used to train AI models.
Usage Data. We collect usage patterns — transformation history, credit usage, and in-app interactions — to improve our service.
Push Notification Tokens. If you grant notification permission, we store your device push token so we can notify you when your transformations are complete.
2. Third-Party AI Processing
Your photos are processed using third-party AI providers. By submitting a photo:
- Your image is transmitted securely to the provider
- The provider processes the image using the AI model you selected
- The transformed output is returned to our servers and made available in your history
We recommend reviewing the privacy policies of Wiro AI (wiro.ai), ByteDance, and Kling AI for full details of their data handling practices.
3. How We Use Your Information
We use your information to:
- Provide and maintain the Phova service
- Process your photo and video transformations
- Manage your account and credit balance
- Send transactional notifications (e.g., transformation complete)
- Improve and secure our service
- Comply with legal obligations
We do not sell your personal data.
4. Data Storage and Security
Your data is stored on secure servers in the European Union. We use HTTPS for all data transfers and hash passwords using industry-standard algorithms. Access to production systems is restricted to authorized personnel only.
5. Data Retention
- Active accounts: data retained while your account is active
- Anonymous accounts: deleted after 12 months of inactivity
- Uploaded photos: deleted from our servers within 30 days of the transformation
- Transformation outputs: retained in your history until you delete them or your account
6. Your Rights
Under the UK GDPR and EU GDPR, you have the right to:
- Access the personal data we hold about you
- Correct inaccurate data
- Delete your account and all associated data
- Export a copy of your data
- Withdraw consent at any time
- Lodge a complaint with your local data protection authority
To exercise these rights, use the account deletion feature in the app or contact us at [email protected].
7. Children's Privacy
Phova is not intended for children under 13. We do not knowingly collect personal data from children under 13. If you believe a child has provided us with personal data, please contact [email protected] and we will delete it.
8. International Data Transfers
If you access Phova from outside the UK or EU, your data may be transferred to and processed in countries with different data protection laws. Where required, we rely on Standard Contractual Clauses approved by the UK ICO or the European Commission.
9. Changes to This Policy
We may update this Privacy Policy from time to time. Material changes will be announced within the app. The "Last updated" date at the top reflects the most recent revision.
10. Contact Us
If you have questions about this Privacy Policy or your data, contact:
truethinks ltd 128 City Road, London, EC1V 2NX, United Kingdom Email: [email protected] Support: [email protected] Phone: +44 77 9314 3501