Privacy Policy

Last updated: 28 February 2026

HappyLoop ("we", "us", "our") operates the Passport Photo ID Maker mobile application (the "App"). This Privacy Policy explains how we collect, use, and protect your information when you use the App.

By using the App you agree to this policy. If you do not agree, please do not use the App.

1. Information We Collect

1.1 Photos You Provide

When you take a selfie or upload a photo, the image is sent to our processing server over an encrypted (HTTPS) connection. We use it solely to generate your ID photo and print-ready PDF.

1.2 Face Detection Data

The App uses Google ML Kit for real-time face detection to help you frame your photo. This processing happens entirely on your device. No face detection data is transmitted to our servers or any third party.

1.3 Payment Information

Payments are processed by Razorpay. We do not collect or store your credit card, debit card, UPI, or net-banking credentials. Razorpay's privacy policy governs payment data: razorpay.com/privacy.

1.4 Analytics (Optional)

If you opt in during the first launch, we collect anonymous usage analytics via Firebase Analytics (provided by Google). This includes:

• Document type selected
• Whether processing succeeded or failed
• App version and device type

We do not log payment IDs, photo file paths, or any personally identifiable information in analytics. You can opt out at any time from the App's settings.

1.5 Information We Do NOT Collect

• Your name, email address, or phone number
• Your location
• Contact lists or other personal data on your device

2. How We Use Your Information

Data	Purpose	Retention
Photo (selfie/upload)	Generate spec-compliant ID photo & PDF	Processed in-memory only. Not stored on our servers after the response is sent.
Face detection landmarks	Real-time framing guide on camera screen	On-device only. Never transmitted.
Payment transaction ID	Verify payment via Razorpay	Processed server-side for verification; not stored in our database.
Analytics events (opt-in)	Improve app experience, fix bugs	Retained by Firebase for 14 months per Google's policy.

3. Data Processing & Storage

Photos are transmitted over HTTPS to our backend hosted on Railway (cloud infrastructure). Images are processed in-memory and are never written to persistent storage. Once the processed photo is returned to your device, no copy remains on our server.

Processed photos and PDFs are saved to your device's gallery or private cache and are under your full control.

4. Third-Party Services

The App uses the following third-party services, each governed by their own privacy policies:

• Google Firebase Analytics — anonymous usage analytics (opt-in). Firebase Privacy
• Google ML Kit — on-device face detection. No data leaves your device. ML Kit Terms
• Razorpay — payment processing. Razorpay Privacy
• Railway — backend hosting. Railway Privacy

5. Data Security

We implement appropriate technical measures to protect your data:

• All data in transit is encrypted via HTTPS/TLS.
• Our backend API enforces rate limiting and input validation.
• Payment verification is performed server-side with HMAC signature validation.
• Our server runs as a non-root process inside an isolated container.

6. Your Rights

Under applicable data protection laws, including India's Digital Personal Data Protection Act (DPDP Act, 2023) and the EU General Data Protection Regulation (GDPR), you have the right to:

• Access — request information about what data we hold about you.
• Correction — request correction of inaccurate data.
• Deletion — request deletion of your data. Since we do not persistently store photos, deletion applies to analytics data only.
• Opt-out — disable analytics collection at any time from the App.
• Withdraw consent — you may stop using the App at any time.

To exercise any of these rights, contact us at privacy@happyloop.pro.

7. Children's Privacy

The App is not directed at children under the age of 13. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us and we will promptly delete it.

8. Data Breach Notification

In the event of a data breach that affects your personal data, we will notify affected users and relevant authorities within 72 hours, as required by applicable law.

9. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last updated" date. Continued use of the App after changes constitutes acceptance of the revised policy.

10. Grievance Officer

In accordance with the DPDP Act, our Grievance Officer can be contacted at:

Email: privacy@happyloop.pro
Response time: within 30 days of receiving the request.

11. Contact Us

If you have questions about this Privacy Policy, please contact us:

Email: support@happyloop.pro
Website: photoid.happyloop.pro