Privacy Policy
1. Overview
Wishfolio helps you save and organize products from social and social-commerce content. This Privacy Policy explains what information Wishfolio collects, how it is used, and the choices available to you.
2. Information We Collect
We collect Apple Sign in identity information, including the Apple user identifier, email address when Apple provides it, including private relay email addresses, and display name when provided.
We collect account and authentication information, including your Wishfolio user id, issued access and refresh tokens, refresh-session token hashes, token expiration, rotation, revocation, and last-used metadata. If Apple authorization code exchange is available, we may store an encrypted Apple refresh token so account deletion can revoke the Apple token.
We collect user content you submit or create in the service, including imported social URLs, source platform identifiers, captions or other media-derived text when stored, creator username or display name, detected products, brands, categories, colors, source signals, confidence values, creator notes, folders, saved products, folder assignments, product edits, and hidden product state.
We collect import processing information, including import status, errors, failure stage, retry count, next retry time, job id, queue lane, queue enqueue errors, processing timestamps, cache-hit metadata, provider names, token counts, processing cost estimates, and related job metadata.
We collect purchase and subscription information through RevenueCat and the Apple App Store, including RevenueCat App User ID, App Store subscriber identifiers and metadata, entitlement status, premium expiration, product identifiers, purchase, renewal, cancellation, refund, billing, and webhook metadata needed to manage access.
If you enable notifications, we collect APNS device token records, device id, bundle id, environment, active/deactivated state, registration and last-seen timestamps, and push delivery metadata.
The app includes Tenjin for attribution and analytics. Tenjin and related app code may process install attribution, app/device metadata, analytics installation id, customer user id, SKAdNetwork attribution data, and custom events such as first import completion or first free import limit reached. Access to the advertising identifier (IDFA) is requested through Apple App Tracking Transparency. If you decline tracking, IDFA is not available to the app.
We collect technical, security, and operational data such as IP address, user-agent, request path, timestamps, request duration, status code, rate-limit identity, error logs, provider errors, queue metrics, and abuse or security metadata.
For abuse prevention after account deletion, we keep a non-reversible HMAC hash of the Apple account identifier, the provider name, free import quota count, deleted account count, first seen, last seen, and deletion timestamps. This quota ledger does not include email, name, raw Apple ID or subject, auth tokens, folders, imports, products, captions, media, or other user content.
3. How We Use Information
We use information to create accounts, sign you in, maintain sessions, provide import and product extraction features, save folders and products, show import history, enforce premium entitlements and free quota limits, prevent fraud and free quota abuse, send push notifications, measure attribution and campaign performance where permitted, debug errors, protect security, improve reliability, and operate the service.
4. Third-Party Services and Processors
Wishfolio uses Apple for Sign in with Apple, App Store purchases and subscriptions, App Tracking Transparency, SKAdNetwork attribution, and Apple Push Notification service.
Wishfolio uses RevenueCat for subscription, customer, entitlement, offering, restore purchase, webhook, and subscriber management.
Wishfolio uses Tenjin for attribution and analytics, including install attribution, analytics installation identifiers, custom events, and IDFA only when available under Apple ATT.
Wishfolio uses Google Gemini for AI-assisted product extraction from submitted or resolved media, captions, and YouTube URLs. Wishfolio also uses ScrapeCreators to resolve supported TikTok and Instagram URLs into media URLs, captions, creator metadata, and canonical media identifiers. Do not assume provider data-use or training restrictions beyond the applicable provider terms and our provider settings unless Wishfolio confirms them in writing.
Wishfolio also uses hosting, database, queue, logging, monitoring, and network infrastructure to run the backend, store data, process jobs, and keep the service reliable.
5. Tracking and IDFA
Wishfolio requests tracking permission through Apple App Tracking Transparency with this purpose: "We use your device identifier to understand which ads led you to install Wishfolio and to measure campaign performance." If you allow tracking, the app may access IDFA for attribution and campaign measurement. If you decline tracking, IDFA is not available to the app.
6. Data Retention
We keep your account, folders, imports, saved products, and related content while your account exists unless deleted earlier by you or by product behavior.
Temporary downloaded media files used for processing are cleaned up after worker processing finishes. Import queue jobs are removed according to configured age and count thresholds; current defaults remove completed jobs after about 1 day and failed jobs after about 7 days, subject to queue count limits. Database import records and product extraction records may remain while needed to provide your account and cache product extraction results.
Technical logs are retained for a limited period for debugging, security, abuse prevention, and reliability.
RevenueCat and Apple subscription records are retained according to RevenueCat and App Store retention requirements and settings.
The HMAC quota ledger described above is retained after account deletion as necessary to prevent free quota abuse unless Wishfolio later sets and publishes a more specific retention or expiry policy.
7. Account Deletion
You can delete your account in the app. The backend account deletion process is designed to revoke the Apple account token when available or after Apple reauthorization, remove queued import jobs, deactivate APNS tokens, delete shared preview snapshots, redact RevenueCat webhook personal data, schedule and attempt RevenueCat subscriber cleanup, and delete the local user record. Deleting the local user record cascades deletion of account-tied folders, imports, saved products, APNS token records, auth sessions, and related account content in the Wishfolio database.
Some records may remain where needed for legal, security, billing, or fraud-prevention reasons. In particular, the non-reversible Apple quota ledger hash may remain after deletion and does not contain raw Apple identifiers or user content.
8. Your Choices
You can choose whether Apple shares your real email or a private relay email during Sign in with Apple. You can allow or deny tracking permission in Apple ATT and later change it in iOS Settings. You can allow, deny, or disable push notifications in iOS Settings. You can manage or cancel subscriptions through your Apple account subscriptions. You can restore purchases in the app. You can delete your account in the app. You can contact us at the email above for privacy requests.
9. Children
Wishfolio is not intended for children under 13, and we do not knowingly collect personal information from children under 13.
10. International Users
Wishfolio may process information in countries other than where you live. Data protection laws in those countries may differ from your local laws.
11. Changes to This Policy
We may update this Privacy Policy from time to time. When we make material changes, we will update the effective date above.
12. Contact
Questions or privacy requests can be sent to support@wishfolioapp.com.