Privacy Policy
This Privacy Policy explains what information Nora ("we", "us", "our", "the app") collects, how that information is used, and the choices you have. It applies to the Nora iOS application available on the Apple App Store and to any related screens and services we operate.
We built Nora with a strong privacy posture: your selfies are not stored on our servers, your saved looks live on your device, and nothing that identifies you personally is ever sold. The sections below describe exactly what that means in practice.
1. Who we are
Nora is operated by Chuka Ufomadu, 7901 4th St N STE 300, St. Petersburg, FL 33702, USA (the "company", "we"). If you have questions about this policy, you can reach us at norahairapp@gmail.com.
For the purposes of the EU General Data Protection Regulation (GDPR) and the UK GDPR, Chuka Ufomadu is the data controller of any personal information we collect through Nora.
2. What Nora does
Nora helps you preview hairstyles on your own selfie using artificial intelligence. You choose a selfie, pick a hairstyle from our catalog, optionally choose a hair color, and the app generates an image of you wearing that style.
To make this possible we use:
- Apple iOS frameworks for camera, photo library access, and the share sheet
- Google Firebase for app authentication, secure storage of the hairstyle reference images we ship with the app, and infrastructure services such as App Check
- Google's AI service (a generative-AI image-editing model) to produce the previewed hairstyle from your selfie and a hairstyle reference
- RevenueCat for managing your subscription state across devices, matching App Store receipts to entitlements, and powering the "Restore Purchases" flow
Sections 3–5 describe what information is involved in each step and how we treat it.
3. Information we collect
3.1 Information you provide
- Your selfie. When you start a generation, you pick a photo from your camera or photo library (with your explicit iOS permission). The selfie is held in the app's memory only while you are using the editor. Nora does not upload your selfie to our own servers. We do not store it in Firebase Storage, Firestore, or any other Nora database.
- Subject and message text you type into the in-app Contact Us form. This is composed into a
mailto:email in your default mail client. We only receive what you choose to send.
3.2 Information needed to use AI features
- When you tap Apply, the app sends the following to Google's AI API so the model can generate a new image:
- Your selfie (as in-memory image data)
- The hairstyle reference image (downloaded from Firebase Storage)
- The text prompt assembled from our catalog
- Google processes this data according to Google's own privacy terms (see section 7).
- We do not keep a copy of your selfie or of the generated image on our servers after the request completes.
3.3 Information collected automatically
- Anonymous device identifier. When Nora first launches we sign you in to Firebase using anonymous authentication. This creates an anonymous UID for your installation. The UID is not linked to your name, email, Apple ID, or any other personal identifier.
- App Check token. Firebase App Check uses Apple's App Attest / DeviceCheck APIs to verify that requests to our backend come from a genuine, unmodified copy of Nora. The token is generated by Apple and does not contain personal information.
- Basic device information. Operating system version, device type, app version, and similar non-personal information that the Firebase SDKs report by default.
- Diagnostic logs. Locally-written logs on your device used for debugging (e.g., "save tap", "generation succeeded"). These do not leave your device unless you opt in to share diagnostic information with us via support.
3.4 Information stored on your device only
- Lookbook. When you tap the heart on a generated look, the image is written to your device's local app sandbox at
Documents/Lookbook/. This data lives on your phone, is not synced to our servers, and is excluded from your iCloud device backup. - Photos library save. When you confirm a save, Nora also writes the image to your iOS Photos library (with the add-only permission you granted). What happens to that copy is governed by your iCloud / Photos settings, not by Nora.
- Consent flag. We store a single Boolean ("you have seen the privacy disclosure") in
UserDefaultsso we don't show the modal every time.
3.5 Information we do not collect
- Your name, email address, phone number, or Apple ID
- Your contacts, calendar, location, or microphone audio
- Photos other than the selfie you explicitly hand to the editor for a single generation pass
- The contents of your iOS Photos library
- Browsing history, cookies, or cross-app tracking identifiers
- Any data sold to advertisers — we do not sell personal data.
3.6 Face data — important disclosure
Nora processes selfies that contain your face. We want to be explicit about exactly what we do and do not do with face data, so that you can make an informed decision before tapping "Agree & Continue."
What face data Nora processes:
- The selfie image you choose. Nothing more. We do not extract face landmarks, do not run face-recognition, do not build a face embedding or biometric template, and do not use Apple's Vision framework, ARKit FaceID, or any biometric API on your photo.
- Nora does not identify you, authenticate you, or recognize you by face. The app treats your selfie as a generic image input that an AI model edits — the same way a photo-editing app would.
How it's used:
- The selfie is sent to Google's Gemini AI (specifically the Gemini image-editing model accessed via Firebase AI Logic) at the moment you tap "Apply", together with the hairstyle reference image and a text prompt. Google's AI generates a new image showing your hairstyle replaced. That single generated image is returned to Nora.
Who it's shared with:
- Google, and only Google, at the moment of generation. The data is processed according to Google's privacy terms (see section 7). No other third party — not advertising networks, not analytics SDKs, not marketing platforms — ever receives your selfie or any generated image.
Where it's stored:
- Nowhere on Nora's servers. Nora does not have a database of selfies; we do not write your face image to Firebase Storage, Firestore, or any other Nora-owned backend.
- On Google's side, the image is processed through Google's Gemini API. Because Nora uses Google's paid tier (via the Firebase Blaze plan with billing enabled), Google's terms explicitly state that Google does NOT use your selfie or our prompts to train AI models or improve Google's products. See Google's billing documentation and zero-data-retention documentation for confirmation.
- On your device, the selfie lives in app memory only while the editor is open. The moment you discard a generated result, leave the editor, or close the app, iOS reclaims that memory.
Google's retention practice (in Google's own infrastructure):
- No training use. As above: Google does not use your prompts or images to train, fine-tune, or improve its AI models on the paid tier that Nora uses.
- Abuse-monitoring logs. Google retains prompts and responses for a limited period solely to detect violations of Google's Prohibited Use Policy, then deletes them. This is the same anti-abuse posture every major hosted AI provider applies. Nora does not have access to these logs.
- In-memory caching. Google caches data in RAM (never on disk) for up to 24 hours to reduce latency. Cache contents are isolated to the Nora project and discarded after the TTL.
- No grounding, no session resumption, no explicit context caching. Nora does not use Gemini features that would extend retention (Google Search grounding, Maps grounding, Live API session resumption, or
cached_content). Our requests are one-shot generations only. - No advertising use. Google does not use Gemini API prompts or responses for advertising or to personalize ads.
How long it's retained:
- By Nora: zero. The selfie is never persisted to disk by the app. Memory holds it only during one editor session.
- By Google: governed by Google's own retention policy for AI Developer API requests.
- By Apple Photos (only if you tap Save): a copy of the generated image is written to your iOS Photos library if and only if you explicitly tap the "Save" button. The original selfie is never written to your Photos library by Nora.
Your control:
- You see the Generate AI Content modal before your very first generation. It explicitly names Google as the recipient. If you tap Cancel, no data leaves your device.
- You can revoke camera or photo-library permission at any time in iOS Settings → Privacy → Photos / Camera → Nora.
- You can request deletion of your records at any time by emailing norahairapp@gmail.com (see section 8).
4. How we use the information
We use the information described in section 3 to:
- Generate the hairstyle preview you requested
- Authenticate your anonymous app installation with our backend
- Verify that requests come from a real copy of Nora (App Check)
- Diagnose crashes and fix bugs
- Communicate with you when you proactively contact us
- Comply with legal obligations and protect against fraud or abuse
We do not use your selfie, your generated images, or your saved Lookbook entries to train our own AI models. We do not have an AI training pipeline of our own; generation is performed by Google's AI model on Google's infrastructure.
5. How we share information
We share information only in the limited circumstances listed below.
- Google (Firebase and AI) — We share your selfie, the hairstyle reference image, and the prompt at the moment of generation, plus your anonymous UID and App Check token on every backend request. This is so Google can run the AI generation and the supporting infrastructure.
- Apple — When you purchase Nora Premium, your subscription and receipt information are shared with Apple so they can process the App Store payment and entitlement.
- RevenueCat — We share your anonymous app user ID and the App Store receipt for any subscription purchase with RevenueCat so they can verify entitlements, sync subscription state across your devices, and power "Restore Purchases". RevenueCat does not receive your selfie, generated images, or any data about hairstyles you try on.
- Our email provider — Anything you type into the Contact Us form is delivered to our support inbox so we can respond to you.
- Authorities (when legally required) — Information we hold may be disclosed if we are compelled to do so by valid legal process.
We do not sell or rent any personal information.
6. Retention
- Selfies: held in app memory only for the duration of one editor session. Released to the operating system the moment you discard a result, leave the editor, or close the app. Never written to disk by Nora.
- Reference images: cached in memory while you use the app to avoid re-downloading every time you change a style.
- Generated images: held in memory only while you view the result. Released when you cancel, discard, or save (unless saved, in which case a copy goes to your Lookbook and/or Photos library as described in section 3.4).
- Lookbook entries: kept on your device until you delete them in the app's Lookbook tab.
- Anonymous Firebase UID: kept for as long as you have Nora installed. Reinstalling Nora resets it.
- Contact emails: kept by our support inbox until the matter is resolved, then archived for up to 24 months for audit purposes.
7. Third-party services
Nora depends on the following third parties. Each handles data according to its own privacy policy, which you should read if you'd like more detail:
- Google Firebase — firebase.google.com/support/privacy
- Google AI — policies.google.com/privacy
- Apple (App Store, iCloud, Photos) — apple.com/legal/privacy
- RevenueCat (subscription management) — revenuecat.com/privacy
Nora uses Google's paid Gemini API tier (via the Firebase Blaze plan with billing enabled). On the paid tier, Google's terms explicitly state that Google does not use your prompts or images to train or improve its AI models. Google retains data only briefly for abuse monitoring (per their Prohibited Use Policy) and maintains a 24-hour in-memory cache for performance, with no at-rest storage.
See Google's documentation directly:
- Paid-tier billing terms: ai.google.dev/gemini-api/docs/billing
- Data retention details: ai.google.dev/gemini-api/docs/zdr
Additional safeguards we apply on the Nora side:
- Never sending more than the minimum data needed for one generation
- Not attaching identifying metadata to API requests
- Using anonymous Firebase Auth, so the UID associated with the request is not linked to your name or email
- Not using Gemini features that would extend retention (grounding, Live API session resumption, explicit context caching)
8. Your rights
Depending on where you live (e.g., EEA, UK, California), you may have the right to:
- Access the personal information we hold about you
- Correct any information that is wrong
- Delete your information ("right to erasure")
- Object to or restrict certain processing
- Withdraw consent at any time, where we relied on consent
- Lodge a complaint with a supervisory authority
To exercise these rights, email norahairapp@gmail.com. Because Nora links you to an anonymous UID, we may ask you to provide enough context (e.g., a recent generation timestamp, your device model, your App Store receipt) so we can locate your records.
9. Children's privacy
Nora is not directed to children under the age of 13 (or under 16 in the EEA / UK), and we do not knowingly collect personal information from anyone in that age group. The in-app photo guide explicitly tells users that photos of children are not acceptable input.
If you believe we have inadvertently collected information from a minor, please email norahairapp@gmail.com and we will delete it.
10. Security
We take reasonable, industry-standard measures to protect your information:
- All communication between Nora and Firebase / Google AI is encrypted in transit (HTTPS / TLS 1.2+).
- Anonymous-auth credentials are scoped per-installation; one user cannot read another's data even if a backend rule is misconfigured.
- App Check rejects requests from cloned, tampered, or non-Apple-signed copies of Nora.
- Local Lookbook entries are sandboxed by iOS to Nora's container; no other app can read them without explicit user action.
No system is perfectly secure, and we cannot guarantee absolute security of information sent over the internet.
11. International transfers
Google and Apple operate globally. Information you send through Nora may be processed in countries other than your own, including the United States. Where required, we rely on Standard Contractual Clauses or the equivalent for cross-border transfers.
12. Changes to this policy
We may update this policy from time to time. When we do, we will:
- Update the "Last updated" date at the top
- Post the new version at the same URL where you found this one
- For material changes, surface a notice inside Nora
Continued use of the app after the new policy takes effect means you accept the updated terms.
13. Contact
Privacy questions, data-rights requests, or anything else:
Chuka Ufomadu
7901 4th St N STE 300, St. Petersburg, FL 33702, USA
norahairapp@gmail.com
We typically respond within 24 hours.