Privacy Policy

1. Who we are

Contract Maker Pro ("we", "us", "our") is the developer of the iOS application "Contract Maker Pro". This Privacy Policy explains what information the app handles when you use it and how we treat that information.

The only way to contact us about privacy is by email at golukicoding@gmail.com.

2. What we do not collect

We want this section first because it's the most important thing to know:

• No account is required to use Contract Maker Pro. We do not ask for, collect, or store your name, email, phone number, address, or any other identifying information at sign-up — because there is no sign-up.
• Your contracts and drafts never leave your device by default. Templates, the drafts you create, the parties you save, and the signatures you capture are stored locally in the app's private sandbox on your iPhone or iPad. We do not have a server-side copy of any of it.
• We do not sell, rent, or share your personal information with advertisers, data brokers, or marketers. Ever.

3. What is collected, and why

For the app to function and improve, a small amount of non-content data is processed:

Anonymized usage analytics (Firebase Analytics)

We collect events such as "app opened", "template viewed", "draft saved", and "export started" so we can understand which features are useful and which are broken. These events do not contain the text of your contracts, the names of parties you list, or any identifying details. The app actively redacts any field whose name suggests personal information (name, email, phone, address, body, content, etc.) before sending. Analytics is associated with a Firebase Installation ID, which is not linked to your identity.

Crash reports (Firebase Crashlytics)

If the app crashes, a crash report is sent so we can fix the bug. Crash reports include the iOS version, device model, and a stack trace. They do not include your contract text or personal data.

Subscription state (RevenueCat + Apple)

If you subscribe to Contract Maker Pro, the App Store handles the payment — we never see your card. RevenueCat, our subscription-management vendor, receives an anonymous user identifier so it can tell the app whether your subscription is active. RevenueCat may also receive purchase metadata from Apple (product purchased, transaction date, country) for receipt validation.

AI feature inputs (only when you invoke them)

Pro features such as Smart Start, Risk Scan, Explain, and Rewrite send the specific text you asked us to analyze (for example, the description you typed into Smart Start, or the clause you asked us to rewrite) to a relay server we operate, which forwards it to OpenAI's API for processing. The response is returned to your device. We do not retain these inputs or outputs on our relay; OpenAI's data-handling terms govern what they do with the request (see their policies). If you do not use AI features, no contract content is ever transmitted off your device.

Permissions we request

• Contacts — only if you tap "Add from Contacts" while building a party. We read the contact you select on-device; we do not upload your address book.
• Face ID / Touch ID — only if you enable app-lock in Settings. Authentication happens on-device through Apple's Secure Enclave; we never see your biometric data.

4. How long we keep things

• Your local data (drafts, templates, signatures, profile) stays on your device until you delete it or uninstall the app. Uninstalling the app deletes all locally stored data.
• Analytics events are retained by Firebase for up to 14 months on standard settings.
• Crash reports are retained by Crashlytics for up to 90 days.
• Subscription records are retained as required by Apple's App Store and applicable tax / accounting law.

5. Third-party services we rely on

The app integrates with these services. Each is bound by its own privacy policy.

• Apple App Store — payment processing, subscription billing, receipts. (apple.com/legal/privacy)
• RevenueCat — subscription state and entitlements. (revenuecat.com/privacy)
• Google Firebase (Analytics + Crashlytics) — anonymized analytics and crash reporting. (firebase.google.com/support/privacy)
• OpenAI — AI feature processing, only when you invoke an AI feature. (openai.com/policies/privacy-policy)

6. Your rights

Because we do not maintain a user account or a server-side record of your contracts, most data-subject requests are satisfied by managing the app on your device:

• Access / portability: You already have access to all your contracts. Export any draft from the app as PDF, Word, or plain text.
• Deletion: Delete a draft from inside the app, or uninstall the app to wipe all locally stored data.
• Opt-out of analytics: Turn off "Anonymous usage analytics" in the app's Settings → Privacy. The app will stop sending events.
• Opt-out of AI processing: Don't tap any AI button. The app never sends text to AI without an explicit action.
• California (CCPA / CPRA), EEA / UK (GDPR), Brazil (LGPD), and similar regimes: You have the right to know what we collect, request correction or deletion, and to lodge a complaint with your local data-protection authority. To exercise these rights, email golukicoding@gmail.com. We will respond within 30 days.

7. Children's privacy

Contract Maker Pro is not directed at children under 13, and we do not knowingly collect information from children. If you believe a child has used the app in a way that exposed their information to us, email golukicoding@gmail.com and we will investigate and remove anything we hold.

8. International transfers

Our third-party processors (Firebase, RevenueCat, OpenAI) operate in the United States. By using the app you acknowledge that the limited data described above may be transferred to and processed in the U.S. We rely on Apple's contractual safeguards and the standard contractual clauses (or equivalent) where required.

9. Security

Local data on your device is protected by iOS sandboxing and (if you enable it) Face ID / Touch ID app-lock. Network requests use HTTPS. We follow reasonable industry practices to keep our minimal infrastructure secure, but no system is perfectly secure — please do not put information in a draft that you would be unwilling to lose if your device were lost or compromised.

10. Changes to this policy

We may update this policy as the app evolves. Material changes will be highlighted at the top of this page and reflected in a new "Last updated" date. Continuing to use the app after a change is acceptance of the updated policy.

11. Contact

The only way to contact us about privacy is email: golukicoding@gmail.com. We respond to privacy inquiries within 30 days.