Short version: WhoTook is a privacy-first app. You control your photos. People in your photos are notified and must consent before their image is stored. We never sell your data.
1. Who We Are
WhoTook ("we," "us," or "our") is a mobile application that notifies people when photos are taken of them and gives them control over whether those photos are retained. This Privacy Policy applies to the WhoTook app for Android and any related services.
Contact: support@whotook.app
2. Information We Collect
Account Information
When you create an account, we collect your email address. We use Amazon Cognito to manage authentication securely. We do not store passwords — authentication is handled entirely by Cognito.
Profile Information
You may optionally provide your name and city. This information is stored in our database and displayed to users you have photographed.
Biometric Data (Face Recognition)
WhoTook uses facial recognition technology powered by Amazon Rekognition. With your explicit consent, we index a selfie you provide to create a facial recognition profile. This allows the app to identify you in photos taken by other users and send you a notification.
We collect and store:
- A selfie image uploaded to secure cloud storage (Amazon S3)
- A facial recognition profile (face embedding/vector) stored in Amazon Rekognition
- A face identifier token linked to your account
Photos
Photos taken through WhoTook are uploaded to secure cloud storage. Photos that contain identified faces are stored in a blurred/redacted state until the photographed person gives their consent. If consent is denied, the photo is permanently deleted.
Device and Usage Data
We collect your Firebase Cloud Messaging (FCM) token to send you push notifications. We do not collect analytics, advertising identifiers, or usage tracking data.
Audit Logs
For legal compliance, we maintain logs of consent-related events (when consent was given, revoked, or updated). These logs are retained for compliance purposes.
3. Biometric Data — Special Notice
WhoTook collects and processes biometric identifiers as defined under the Illinois Biometric Information Privacy Act (BIPA) and similar state laws. The following disclosures apply.
What we collect: Facial geometry derived from your selfie, used solely for identity matching within the WhoTook app.
Purpose: To notify you when another WhoTook user photographs you, so you can exercise consent over that photo.
Consent: We collect biometric data only after presenting you with a clear consent disclosure and receiving your affirmative agreement.
Retention: Your biometric data is retained for as long as your account is active, or for a maximum of 3 years from your last interaction, whichever is sooner. Upon account deletion or consent revocation, biometric data is permanently deleted within 30 days.
No sale: We do not sell, lease, trade, or profit from your biometric data.
Third parties: Your biometric data is processed by Amazon Rekognition (AWS) solely as a data processor under our instruction. AWS does not use your data for any independent purpose.
Revocation: You may revoke biometric consent at any time through the app. Revocation triggers immediate deletion of your facial recognition profile.
4. How We Use Your Information
- To operate the app and provide its core features
- To identify you in photos and send you consent notifications
- To maintain your account and profile
- To comply with legal obligations (including biometric data laws)
- To communicate with you about your account
We do not use your information for advertising, profiling, or any purpose beyond operating WhoTook.
5. How We Share Your Information
We do not sell your personal data. We share data only with the following service providers who process it on our behalf:
- Amazon Web Services (AWS) — cloud storage, face recognition, authentication, and database
- Google Firebase — push notification delivery
We may disclose information if required by law, subpoena, or to protect the safety of our users.
6. Data Retention
- Account data: Retained until you delete your account
- Photos: Retained until deleted by the photographer, or until the subject denies consent (immediate deletion)
- Biometric data: Deleted within 30 days of account deletion or consent revocation
- Audit logs: Retained for up to 3 years for legal compliance
7. Your Rights
Depending on your location, you may have the right to:
- Access the personal data we hold about you
- Request correction of inaccurate data
- Request deletion of your data (see Account Deletion)
- Revoke biometric consent at any time through the app
- Opt out of future biometric data collection
To exercise any of these rights, contact us at support@whotook.app.
8. Security
We protect your data using industry-standard security practices including:
- Encrypted data transmission (TLS) with certificate pinning in the app
- Encrypted storage for sensitive credentials on your device
- Authenticated API access using AWS Cognito tokens
- EXIF metadata (including GPS location) stripped from all photos before upload
9. Children's Privacy
WhoTook is not intended for users under the age of 13. We do not knowingly collect data from children under 13. If you believe a child has provided us with personal information, please contact us and we will delete it promptly.
10. Changes to This Policy
We may update this policy periodically. We will notify you of material changes through the app or by email. Your continued use of WhoTook after changes are posted constitutes acceptance of the updated policy.
11. Contact Us
For privacy-related questions, requests, or concerns:
Questions about this policy or your data?
support@whotook.app