Hot Shot [Privacy Policy]

Privacy Policy

Last updated · 2026-05-12

HotShot ("we", "us") respects your privacy. This policy explains what data we collect when you use this website (hotshot.cam), our iOS app, and related services.

PLACEHOLDER — Replace with legally-reviewed copy before launch. The text below covers the current state of the project (email waitlist + future iOS app) but is not a substitute for legal review.

1. Information we collect

Waitlist signups (this website)

When you join our waitlist, we collect:

  • Your email address
  • The timestamp of your signup
  • Basic request metadata (IP address, user agent) collected by our hosting provider for security purposes

We use this to notify you when the HotShot iOS app is available. We will not sell or share your email.

HotShot iOS app

When you use the HotShot app, the following data is processed:

  • Photos you capture or import are sent to our processing server (Cloudflare Workers) and then to Google Gemini for AI processing. Photos are not stored on our servers after processing completes.
  • Device-level identifiers (Apple App Attest tokens) are used to prevent abuse and verify legitimate app installations. These tokens do not identify you personally.
  • App usage analytics: specify any analytics SDK if added (e.g., none, Apple App Analytics only, RevenueCat, etc.)

2. How we use your information

  • To deliver AI-processed photos back to you
  • To notify you about launch and major product updates (waitlist only)
  • To prevent abuse and ensure service security
  • To comply with legal obligations

3. Third-party services

We rely on the following processors. Each has its own privacy policy:

  • Cloudflare — website hosting, email storage, edge compute
  • Google Gemini API — AI image processing
  • Apple App Attest / App Store Connect — device verification and app distribution
  • Firebase — App Check and abuse prevention

4. Data retention

  • Waitlist emails: retained until you ask us to delete them or one year after launch, whichever is sooner.
  • App photos: not retained after processing.
  • Logs and security data: retained for up to 30 days for abuse prevention.

5. Your rights

Depending on where you live (GDPR, CCPA, etc.), you may have the right to:

  • Request a copy of your data
  • Request deletion of your data
  • Withdraw consent at any time
  • Lodge a complaint with a supervisory authority

To exercise any of these rights, email privacy@hotshot.cam.

6. Children

HotShot is not directed at children under 13 (or under 16 in the EU). We do not knowingly collect data from children. If you believe a child has provided us with information, contact us and we will delete it.

7. Changes to this policy

We may update this policy from time to time. The "Last updated" date at the top of this page reflects the most recent revision. Material changes will be communicated via email to waitlist subscribers and in-app notification for app users.

8. Contact

Questions or requests: privacy@hotshot.cam

Operator: legal entity name + business address required for GDPR — fill before launch