Privacy Policy

Brollr ("we", "us") respects your privacy. This policy explains what data the app accesses and how it is handled.

Data We Access

Videos & Photos

Accessed via the iOS Photos framework for import. Videos are processed entirely on-device for trimming, export, and metadata extraction. When you tap "Generate" for AI keywording, compressed video frames are sent to a third-party AI service for analysis.

Device Location

Optional. When enabled, GPS coordinates are embedded in video metadata for stock footage context (e.g., "shot in Dubrovnik"). Location is never sent to our servers.

FTP Credentials

Your BlackBox FTP username and password are stored in the iOS Keychain (hardware-encrypted). They are used solely to upload files to portal.blackbox.global and are never transmitted elsewhere.

Device Attestation

Apple App Attest is used to verify the app's authenticity when communicating with our backend. Attestation tokens are stored server-side (Cloudflare Workers KV) to prevent replay attacks.

Subscription Data

Managed entirely by Apple via StoreKit 2. We receive entitlement status (active/expired) but never see payment details.

Third-Party Services

• AI Analysis Service — Compressed video frames are sent to a third-party AI service for analysis (keywording, titles, descriptions). The service provider's privacy policy applies to data processed by their API. No video data is retained by our backend after processing.
• BlackBox Global FTP — Videos are uploaded to BlackBox's FTP server at your request. BlackBox's own terms and privacy policy govern data after upload.
• Apple App Store / StoreKit — Subscription purchases and management are handled by Apple.

What We Do Not Collect

• No analytics or tracking SDKs
• No advertising identifiers
• No personal information beyond what's listed above
• No server-side logging of user activity

Data Retention

• All app data (videos, metadata, thumbnails) is stored on-device in the app sandbox
• Deleting the app removes all local data
• FTP credentials are removed from Keychain when the app is deleted
• Server-side attestation records are automatically purged

Your Rights

• Delete all data by removing the app
• Revoke Photos or Location access in iOS Settings at any time
• Contact us: yesplease.boats@gmail.com

Changes to This Policy

Updates will be posted on this page with a revised effective date.