CrochetPal Privacy Policy

1. Who We Are

The data controller for the App is:

Answer42 LLC (a Delaware limited liability company, USA)
Privacy contact: iosdev@answers42.org

2. Summary

In short:

• Where your data lives. Your projects, imported patterns, profile name, and avatar are stored locally in the App's sandbox on your device.
• When data leaves your device. It leaves only when you import a pattern: in that case the App fetches the target URL directly from your device, and/or sends the relevant text or image data directly from your device to a third-party AI provider (such as OpenAI or DeepSeek) over HTTPS.
• What we don't do. We do not maintain accounts on our servers, do not collect analytics, do not use advertising or tracking SDKs, do not collect device or advertising identifiers, do not collect your location, and do not sell or rent your data.

The rest of this Policy explains the details.

3. Information We Process

3.1 Information you provide and store on your device

The following information is created or imported by you and is stored locally in the App's sandboxed storage on your iPhone or Apple Watch. It is not transmitted to Answer42.

• Pattern source materials. Photos, PDFs, pasted text, or URLs you import as the source of a pattern.
• Project data. Your saved projects, pattern structure, step-by-step progress, notes, and execution state.
• Profile information. Your display name (stored in iOS UserDefaults) and your avatar image (stored as a file in the App's sandboxed Documents folder).

3.2 Information transmitted to third-party services on your action

These transfers happen only when you trigger them in the App:

• Web fetches. When you import a pattern from a URL, the App fetches the URL contents directly from your device using an HTTPS request to the website you specified.
• AI provider requests. When you import or parse a pattern using AI-assisted features, the App sends the relevant input (for example, the URL you provided, the text content fetched from that URL, text extracted from a PDF, or text from a photo) directly from your device to the third-party AI provider selected for that request. See Section 5.

3.3 Information we do not collect

We do not collect or process the following, either through the App or on our servers:

• analytics, usage telemetry, or behavioral data;
• crash reports beyond Apple's standard, opt-in iOS crash reporting (which you control in iOS Settings → Privacy & Security → Analytics & Improvements);
• advertising identifiers (IDFA) or any other tracking identifiers;
• location, contacts, calendar, reminders, microphone, or browsing history;
• a copy of the inputs you send to third-party AI providers (those go directly from your device to the provider, not through us); or
• payment card information (handled by Apple under your Apple ID).

We do not operate user accounts on Answer42-controlled servers.

3.4 Future changes

As the App evolves, we may begin to use third-party services such as subscription-management providers, analytics or product-insight tools, crash-reporting, attribution, or advertising-related services. When that happens, we will:

• update this Privacy Policy to describe the specific third-party services used, the categories of data they process, and the legal bases or consent flows that apply;
• update our App Store Privacy Label to reflect the data actually collected; and
• where required by applicable law (for example, under the EU/UK GDPR or Apple's App Tracking Transparency framework), request your consent before that processing begins.

Until such an update is published, the description in Sections 3.1–3.3 reflects our current data practices.

4. How We Use Information

We use the information described above solely to operate the App for you, namely to:

• store and display your projects and pattern sources on your device;
• synchronize execution state between your iPhone and Apple Watch using Apple's WatchConnectivity framework, over Apple's secure local channel;
• send your requests, when you initiate them, to the third-party AI providers used to parse imported patterns;
• send local notifications to you when long-running operations complete; and
• process subscription entitlements through Apple's In-App Purchase system when subscription features are offered.

We do not use your information for advertising, behavioral profiling, or automated decision-making that produces legal or similarly significant effects about you. We do not sell or "share" (as those terms are defined under California or other comparable laws) your personal information.

5. Third-Party AI Providers

To parse imported patterns, the App connects directly from your device to one or more third-party large language model ("LLM") providers, which may include providers such as OpenAI and DeepSeek, among others. The specific provider used depends on App configuration.

When you trigger an import or parse, your input (the URL, fetched web content, PDF/photo extracted text, or text you provided) is transmitted over HTTPS from your device to the selected provider's API. The provider returns the structured pattern, which is then stored locally on your device.

We do not control how those third parties process, retain, or further use the content you submit through their APIs. Their handling of your data is governed by their own terms of service and privacy policies, which we encourage you to review:

• OpenAI Privacy Policy: https://openai.com/policies/privacy-policy
• DeepSeek Privacy Policy: https://chat.deepseek.com/downloads/DeepSeek%20Privacy%20Policy.html
• Other LLM providers, where applicable, will be identified in the App's configuration or release notes.

Data retention by third-party AI providers. Because we are not the operator of those services, content you submit may be retained by the provider in accordance with that provider's policies (for example, for abuse-monitoring or service-improvement purposes). The retention periods and protections applied by each provider differ. We encourage you not to include personal, confidential, or sensitive information in pattern imports beyond what is necessary.

6. Apple Services Used by the App

The App uses the following Apple-provided frameworks to deliver functionality. Apple's processing of any related data is governed by Apple's privacy practices, not ours.

• WatchConnectivity — to sync project state and commands between your iPhone and Apple Watch over Apple's secure local channel. Data is not transmitted to Answer42.
• PhotosUI (PhotosPicker) — to let you pick a photo as a pattern source or as your profile avatar. The selected image is processed on your device.
• UserNotifications — to deliver local completion alerts (for example, when a pattern import finishes). Notifications are generated locally on your device.
• CoreMotion (Apple Watch only) — to detect wrist-motion gestures for stitch-step control. Motion data is processed on-device on the Apple Watch and is not transmitted off the watch.
• StoreKit / App Store In-App Purchase — when subscription features are offered, payments and subscription state are managed by Apple under your Apple ID. We do not receive your payment information; we only receive the subscription entitlement state Apple makes available to the App.

7. Where Your Data Is Stored

• On your device. All projects, source files (photos, PDFs, text), profile data (name and avatar), and execution state are stored within the App's sandboxed storage on your iPhone or Apple Watch. They are included in your iCloud or local device backups only if you have those backups enabled in iOS Settings.
• In transit to third parties. When you import a pattern, the relevant input is transmitted to (a) the website you are importing from and/or (b) the AI provider you are using. We do not receive or store a copy of those inputs on Answer42-controlled servers.

All network communications initiated by the App use HTTPS.

8. Data Retention

• Local data. Local data remains on your device for as long as you keep the App installed. You can delete an individual project from within the App, edit or remove your profile, or uninstall the App to remove all locally stored CrochetPal data.
• Third-party data. Data transmitted to a third-party provider is retained by that provider in accordance with its own policies. We do not control and do not have visibility into those retention practices.

9. International Data Transfers

The App is offered globally. Because the App sends requests directly from your device to third-party AI providers and to the websites you choose to import from, your data may be processed in countries other than where you reside, including the United States, depending on the provider's and the website's infrastructure. The legal protections in those countries may differ from those in your home country.

Where required by applicable law (for example, the EU GDPR or the UK GDPR), the relevant third-party provider is responsible for implementing appropriate safeguards for those transfers. Because we do not receive a copy of your inputs on our own servers, we are not a separate "exporter" of that data.

10. Security

We rely on platform-level security provided by iOS and watchOS, including the App sandbox, secure enclave-backed device encryption (when enabled by you), and HTTPS for network communications. We do not store your data on Answer42-controlled servers, which reduces the surface area for a server-side breach.

No security measure is perfect, however, and we cannot guarantee absolute security of information transmitted to third parties, stored on a device whose passcode has been disclosed, or stored on a device that has been compromised (for example, jailbroken).

11. Your Rights

Depending on where you live, you may have rights under applicable data-protection laws, including:

• European Economic Area, United Kingdom, and Switzerland (GDPR / UK GDPR / FADP). Rights to access, rectify, erase, restrict, or object to processing of your personal data; the right to data portability; the right to withdraw consent (where processing is based on consent); and the right to lodge a complaint with your local supervisory authority.
• California, USA (CCPA / CPRA). The right to know what personal information is collected, the right to delete personal information, the right to correct inaccurate personal information, the right to opt out of "sale" or "sharing" of personal information, and the right not to be discriminated against for exercising these rights. We do not sell or share personal information as those terms are defined under California law.
• People's Republic of China (PIPL). The right to access, copy, correct, delete, and restrict processing of your personal information; the right to withdraw consent; the right to data portability; and the right to an explanation of our processing rules.
• Other jurisdictions. Similar rights may apply under your local law.

Because the App does not maintain user accounts on our servers, most personal information stays under your control on your device. You can exercise your rights by:

• editing or deleting your local data directly within the App (for example, removing a project, clearing your profile, or uninstalling the App);
• contacting the relevant third-party AI provider directly to exercise any rights you have over data they hold; or
• contacting us at iosdev@answers42.org with any questions or requests.

We will respond to verifiable requests within the time required by applicable law. To protect your data, we may ask you to provide reasonable information to verify your request.

12. Children's Privacy

The App's content is rated for general audiences. However, the App is primarily intended for users 13 years of age or older, and is not directed at children under the age of 13 within the meaning of the U.S. Children's Online Privacy Protection Act ("COPPA"), the EU/UK GDPR provisions on children's data, or similar laws in other jurisdictions.

We do not knowingly collect personal information from children under 13. The App does not currently operate user accounts on our servers and does not currently run analytics, advertising, or tracking SDKs. The only data the App processes about a user is what that user voluntarily provides on their device (for example, a chosen display name or avatar) and what they choose to send to a third-party AI provider when importing a pattern.

If we learn that we have inadvertently received personal information from a child under 13, we will delete that information promptly.

If you are a parent or guardian and you believe your child under 13 has used the App or provided personal information to a third-party AI provider through it, please contact us at iosdev@answers42.org. We will help direct you to the relevant third-party provider's process and, where we hold any such data ourselves, delete it.

Parents and guardians are responsible for supervising minors' use of the App, including their interaction with third-party AI features.

13. Permissions Requested by the App

The App may request the following iOS permissions, each of which you may grant or deny in iOS Settings → Privacy & Security:

• Photo Library access (PhotosUI) — to allow you to select an image as a pattern source or as your avatar.
• Notifications — to deliver local completion alerts for long-running operations such as pattern imports.

The App does not request access to your camera, microphone, contacts, calendar, reminders, location, advertising identifier, motion data on the iPhone, or other sensitive resources. (On Apple Watch, CoreMotion is used solely for on-device wrist-gesture detection, as described in Section 6.)

14. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will revise the "Effective Date" at the top. If the changes are material, we will provide additional in-app or other notice as required by applicable law. We encourage you to review this Policy periodically.

15. Contact Us

If you have questions or requests regarding this Privacy Policy or your personal information, please contact:

Answer42 LLC
Email: iosdev@answers42.org