**Last updated:** 22 June 2026
**Applies to:** MakeNess AI mobile application (iOS / iPadOS)
---
MakeNess AI is published by **BULLTECH**, an independent developer based in France.
Contact: boutkhourst.hassan@gmail.com
We are the **Data Controller** for all personal data processed through the App, within the meaning of the EU General Data Protection Regulation (GDPR) and French data protection law (Loi Informatique et Libertés).
Privacy is not an afterthought for us — it is a design constraint. We collect only what we need to make the App work, we store it for as short a time as possible, and we never sell it or use it for advertising.
---
When you first open the App, a unique identifier is generated and stored locally on your device. It looks like `FR_20250807_xxxxxxxx`. This is **not** your name, email address, or Apple ID — it is a random code that distinguishes your device from others. Under the GDPR, it is considered **pseudonymous personal data**, because it identifies a device even though it does not directly identify you as a person.
We also collect:
- Your Apple App Store country code (e.g. "FRA", "USA")
- Your device language
- App version and build number
**Why:** To deliver the service, verify your subscription, route your requests to the right AI model, and diagnose technical issues.
**Legal basis:** Performance of the contract between you and BULLTECH (GDPR Article 6(1)(b)).
---
When you submit a prompt (text or image), it is transmitted to our servers and then forwarded to the AI provider responsible for generating the response. We do not read your prompts — they pass through our infrastructure automatically.
**Important:** If you include personal information in your prompts (your name, address, medical details, etc.), that content is processed as described here. We recommend not including sensitive personal data in prompts.
**Why:** To generate the AI response you requested.
**Legal basis:** Performance of the contract (GDPR Article 6(1)(b)).
---
Responses generated on your behalf — including images and videos — are temporarily stored on our secure cloud servers for **up to 24 hours**. This exists solely to make the App resilient: if your connection drops or you close the App mid-request, your result is waiting for you when you return.
After 24 hours, this content is **automatically and permanently deleted**. We do not review it, share it, or use it for any purpose other than delivering it to you.
**Why:** Reliable delivery of responses, including recovery after the App is closed.
**Legal basis:** Performance of the contract (GDPR Article 6(1)(b)).
---
For each AI request, we record anonymized performance metrics: which AI model was used, how many tokens were processed, how long the request took, the outcome (success or error), and your subscription tier at the time. This data is stored under an opaque job identifier and **cannot be traced back to your real identity** without additional steps.
We do not record the content of your prompts or responses in telemetry.
**Why:** To monitor service quality, measure costs, detect performance regressions, and understand how different AI models perform. This is essential for us to continue improving the App.
**Legal basis:** Legitimate interests of BULLTECH (GDPR Article 6(1)(f)) — specifically, the interest in operating a reliable and financially sustainable service. We have assessed that this interest does not override your privacy rights, given the anonymized nature of the data and the 90-day retention limit.
---
Your subscription status (active, expired, tier) is verified server-side using Apple's StoreKit API. We store the result (which subscription product you hold, whether it is active) linked to your pseudonymous device identifier.
**Why:** To prevent unauthorized access to premium features.
**Legal basis:** Performance of the contract (GDPR Article 6(1)(b)).
---
- Your name, email address, or Apple ID
- Your precise location or GPS data
- Your contacts, photos, or files (unless you explicitly share an image as part of a prompt)
- Any data for advertising or third-party marketing
- Any data about your activity in other apps
---
| Data | Retention |
|---|---|
| Generated content (images, videos) | 24 hours, then auto-deleted |
| Job and delivery tracking records | 24 hours, then auto-deleted |
| Telemetry (anonymized performance logs) | 90 days |
| Subscription records | As long as your account is active, or 2 years after your last use |
| Device identifier and usage data | As long as your account is active, or 2 years after your last use |
---
To provide the App, we rely on the following services. Each acts as a **Data Processor** on our behalf, under contractual obligations compatible with the GDPR.
| Service | Role | Location |
|---|---|---|
| **Google Cloud / Firebase** | Server infrastructure, temporary storage, telemetry database | EU and USA |
| **Anthropic** | AI text generation | USA |
| **OpenAI** | AI text and image generation | USA |
| **Other AI providers** | Image and video generation (varies by feature) | USA / Global |
| **Apple** | Payment processing, subscription verification | USA |
**Transfers outside the EU/EEA:** Several of our sub-processors are based in the United States. These transfers are governed by Standard Contractual Clauses (SCCs) approved by the European Commission, or take place under adequacy frameworks where applicable. While we cannot fully control the privacy practices of third-party AI providers once your prompt is forwarded to them, we select providers who publicly commit to strong data protection standards.
---
We do not make any automated decisions that produce legal or similarly significant effects on you. AI-generated responses are outputs for your own use — they do not determine your access to services, creditworthiness, or any other consequential matter.
---
You have the right to:
- **Access** the personal data we hold about you
- **Correct** inaccurate data
- **Delete** your data ("right to be forgotten")
- **Restrict** how we process your data in certain circumstances
- **Object** to processing based on legitimate interests
- **Portability** — receive your data in a structured, machine-readable format
- **Withdraw consent** at any time, where processing is based on consent (this does not affect the lawfulness of prior processing)
To exercise any of these rights, contact us at boutkhourst.hassan@gmail.com. Because we store data under pseudonymous identifiers, please include your device identifier (visible in the App settings) so we can locate your records. We will respond within 30 days.
You also have the right to **lodge a complaint** with the French supervisory authority:
**CNIL — Commission Nationale de l'Informatique et des Libertés**
www.cnil.fr | 3 Place de Fontenoy, 75007 Paris, France
---
MakeNess AI is not intended for children under 13. We do not knowingly collect data from children under 13. If you are a parent and believe your child has used the App, please contact us and we will delete any associated data promptly.
---
We will update this policy when our practices change. Material changes will be announced in the App or on the App Store listing. The date at the top of this document always reflects the last update. Continuing to use the App after an update means you accept the revised policy.
---
Here
**BULLTECH**
We take privacy questions seriously and will respond within 30 days.
Version: 2026-6-1
At BULLTECH, your privacy is a top priority. This Privacy Policy explains how we collect, use, process, and secure information when you use the MakeNess AI mobile application ("App"). This policy is designed to comply with French law and applicable European regulations such as the GDPR. By using our App, you consent to the practices described herein.
We do not collect personally identifiable information (PII) by default. The following non-personal data is collected to improve our service:
Country Code: Helps us understand our geographic user base.
Screen Size and Device Language: Enables us to optimize the user interface and functionality.
Unique Device ID: A unique identifier stored on your device to track the installed App for diagnostic purposes.
App ID and Usage Data: Includes logs, error reports, and system diagnostics to ensure the smooth operation of the App.
Prompts and Responses: When you interact with the App for image generation or LLM-based tasks, we store the prompts you submit and the responses generated. While we do not deliberately collect PII, any personal information you include within your prompts will be stored as part of this content data.
Your data is used to:
Provide and Enhance Services: Enable the core functionality of MakeNess AI, including generating images and processing text through LLMs.
Diagnostic and Performance Analysis: Monitor app performance and resolve technical issues using data such as device metrics and usage logs.
Feature Development: Analyze user interactions to propose new features that enhance the overall user experience.
Security: Protect the integrity of our App and your data through continuous monitoring and analysis.
Cloud Services: All data is processed and stored using Google Cloud services.
Monitoring Tools: We use tools such as Logs Explorer to track usage data and diagnose issues.
Stored Data: The information stored includes non-identifiable metrics (e.g., device and usage data), along with any prompts and responses provided through the App.
Encryption: Data is encrypted during transit and at rest using industry-standard encryption protocols.
Access Controls: Strict access controls and authentication measures are in place to limit data access to authorized personnel only.
Continuous Monitoring: We continually monitor our systems for potential vulnerabilities and take immediate steps to address any security issues.
Anonymization: Non-essential data is anonymized to prevent the identification of individual users.
Retention Period: Data is retained only for as long as necessary to fulfill the purposes outlined in this policy or as required by law. Users can request deletion of their data at any time.
To provide service availability without requiring user-identifiable registration (such as names, emails, or credentials), MakeNess AI creates a random, localized cryptographic identifier (Anonymous Token) provided via our infrastructure and device vendors.
What is processed: A persistent machine-generated system string, platform type, request count velocity, and a "first-seen" timestamp.
Purpose: This data is utilized solely as a Rate-Limiting and anti-abuse fallback governance mechanism (e.g., verifying legitimate hardware platforms and separating conversation branches locally).
Identity Linkage: This metadata is structurally decoupled from real-world human identities. We do not inspect, monetize, track, or aggregate this telemetry to construct personal profiles.
Usage Data: Retained for diagnostic, analytical, and service improvement purposes.
Content Data: Prompts and responses are stored to facilitate the operation of the App, with retention periods defined based on the necessity for service delivery.
Deletion Requests: Users may request the deletion of specific data via email or the in-app feedback form, and such requests will be processed in accordance with applicable legal obligations.
Access: You have the right to request access to any data we hold about you.
Correction: If you believe any information is inaccurate, you may request corrections.
Deletion: You may ask for your data to be deleted by contacting us through our official channels.
Data Portability: Where applicable, you can request your data in a structured, machine-readable format.
Exercising Rights: To exercise any of these rights, please contact us via the feedback form in the App or through our official email address.
Google Cloud: We rely on Google Cloud for data processing and storage. Your data may be processed in accordance with Google’s privacy policies.
Limited Sharing: We do not share your data with third parties for their marketing purposes without your explicit consent. Any sharing of data is strictly limited to what is necessary for the provision and improvement of the App.
Third-Party Integrations: The App’s integration with external services is governed by their respective privacy policies and terms.
Data Flow: Although our primary operations are based in France, your data may be transferred to and processed in jurisdictions outside of the European Union.
Compliance: All international data transfers are conducted in compliance with applicable data protection laws, ensuring that appropriate safeguards are in place.
BULLTECH reserves the right to amend this Privacy Policy at any time. Any changes will be published on this page with an updated revision date. We encourage you to review this policy periodically to stay informed about our data practices.
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us via the feedback form in link or by emailing our support team. All inquiries related to data access, correction, or deletion will be addressed promptly in accordance with applicable law.