Iris/ Privacy Policy

• Camera frames — sent to Google's Gemini API for visual analysis. Not stored permanently.
• Voice transcripts — processed using Apple's Speech framework on your device or the Web Speech API in your browser. Sent along with the camera frame to Gemini so it knows what you asked.
• Audio responses — generated by ElevenLabs' text-to-speech API and played back to you. Not stored.
• Conversation history — kept only in memory for the active session. Cleared when you close the app or tab.
• Location (GPS) — collected only when your browser is sharing location and only for the optional hazard-logging feature. Not collected otherwise.
• No accounts, no emails, no names, no personal information are required to use Iris on the web.

The iOS app on the App Store supports saved history across sessions, which means it needs a little more data than the web version. Here's exactly what it stores and where:

• Sign in with Apple — if you choose to sign in with Apple, we receive a unique user identifier and, only if you choose to share it, your email address. We do not receive your Apple ID password or any other Apple account details. Apple's private email relay is supported — if you use it, we only ever see the relay address, not your real email.
• Guest sessions — you can use Iris without signing in. A random, anonymous user ID is created so the app can save your history to your device and our database. No personal information is attached to a guest session.
• Conversation history — for signed-in and guest users, every question you ask and every response Iris gives is saved to your account so you can review it later. Each saved entry includes your user ID, the transcript of your question, Iris's text response, and a timestamp. Camera frames themselves are not saved with history.
• Camera frames — same as on the web: sent to Gemini for analysis and discarded immediately after. Not retained.
• Voice transcripts — generated on-device by Apple's Speech framework (no audio leaves your phone for transcription), then sent to Gemini with the camera frame so it can answer your question.
• Audio responses — generated by ElevenLabs and played back. Not stored.
• Daily usage counter — we count how many questions you've asked today (resets each day) to enforce a 30-per-day limit. This counter is tied to your user ID and stores only a number and a date — no content.

Saved data for the iOS app lives in a Supabase-hosted Postgres database. Every row is protected by row-level security rules so that only your account can read your data, and access is always over HTTPS.

• No advertising identifiers, no tracking across apps or websites.
• No analytics about what you look at, ask, or when.
• No contact lists, no photos from your library, no files.
• No health, financial, or payment information.

• Camera frames are sent to Gemini and discarded immediately after processing, on both web and iOS.
• On the web, voice transcripts live in memory only during your session and are discarded when you close the tab.
• On iOS, transcripts and Iris's text responses are saved to your account so you can see them in History. They are kept until you delete them (or delete your account).
• Nothing is sold or shared with advertisers.

To function, Iris sends data to a small number of services. Each has its own privacy practices:

• Google (Gemini API) — processes camera frames and your spoken question. Subject to Google's Privacy Policy.
• ElevenLabs — converts Iris' text responses into speech. Subject to ElevenLabs' Privacy Policy.
• Vercel — hosts iris.how and serves the web app. Subject to Vercel's Privacy Policy.
• Supabase (iOS only) — stores your iOS account, saved history, and daily usage counter. Subject to Supabase's Privacy Policy.
• Apple (iOS only) — Sign in with Apple authenticates you without sharing your password. Subject to Apple's Privacy Policy.

• Web: because iris.how doesn't require an account, there is no stored personal data for you to view or delete on our end. You can revoke camera, microphone, or location access at any time through your browser's site-settings menu.
• iOS — see your data: everything Iris has saved for you is visible in the app's History screen.
• iOS — delete your data: open Settings in the iOS app and tap "Delete account." This permanently erases your account, your entire history, and your usage counter from our database. The deletion is immediate and irreversible.
• iOS — revoke permissions: open the Apple Settings app → Iris → toggle off Camera, Microphone, or Speech Recognition at any time.
• iOS — revoke Sign in with Apple: Apple Settings app → your name → Sign in with Apple → Iris → "Stop Using Apple ID."

Iris is not intended for children under 13, and we do not knowingly collect data from anyone under 13.

Questions about this policy, your data, or accessibility concerns? Email raghavt@tamu.edu.

If this policy changes, the updated version will be posted at iris.how/privacy with a new "Last updated" date. For material changes, we'll do our best to notify regular users in the app itself.