Privacy Policy

1. Introduction

Welcome to DIWAI (“we,” “our,” or “us”). DIWAI is an AI-powered Do It Yourself assistant available on iOS. This Privacy Policy explains how we collect, use, store, and protect your personal information when you use the DIWAI mobile application and associated services (collectively, the “Service”).

By using DIWAI, you agree to the collection and use of information in accordance with this policy. If you do not agree with any part of this policy, please do not use the Service.

Key commitment: DIWAI does not collect sensitive health data or financial data, and we do not track users for advertising purposes.

2. Data We Collect

We collect the minimum amount of data necessary to provide and improve the Service. The types of data we may collect include:

Information You Provide

Account information: email address, display name, and profile picture when you create an account or sign in via Google.
Project data: text descriptions, photographs, and voice input you submit to generate DIY project plans.
Subscription data: your subscription tier and status (payment processing is handled entirely by Apple; we do not receive or store payment card details).
Support communications: messages and email content when you contact our support team.

Information Collected Automatically

Device information: device model, operating system version, app version, and unique device identifiers.
Usage data: features used, number of projects created, and interaction patterns (collected in aggregate).
Crash and performance data: error logs and diagnostics to help us fix bugs and improve stability.

Information We Do NOT Collect

Health or medical data
Financial or payment card data (handled by Apple)
Advertising identifiers or cross-app tracking data
Contacts, calendars, or messages from your device

3. Camera & Photo Usage

DIWAI uses your device camera and photo library to enable core features:

Project analysis: you can take a photo or select one from your library so our AI can identify repair or renovation tasks and generate a project plan.
AI Design Mode: room photos are used to generate AI-powered design concepts and visualisations.

Photos are transmitted securely to our servers and to our AI processing partner (OpenAI) solely for the purpose of generating your project plan or design mockup. We do not use your photos for advertising, training public AI models, or any purpose unrelated to the Service.

Camera and photo library access requires your explicit permission via the iOS system prompt. You can revoke this permission at any time in your device Settings.

4. Location Data

DIWAI may request access to your device location to provide the following feature:

Nearby store finder: your location is used to find the nearest hardware and DIY stores (e.g., Wickes, B&Q, Screwfix, Toolstation) and provide directions.

Location data is used only when you actively use the store finder feature. We do not track your location in the background or store your location history on our servers. Location access requires your explicit iOS permission, which you can revoke at any time in Settings.

5. Speech Recognition

DIWAI offers a hands-free voice control feature that uses speech recognition:

Voice commands: you can use voice input to describe projects, navigate steps, and control the app while your hands are busy.
Processing: speech recognition is handled by Apple’s on-device and server-based Speech framework. Audio data is processed in accordance with Apple’s Privacy Policy.

We do not record, store, or transmit raw audio from your microphone. Only the transcribed text result is sent to our servers when needed to process your request. Microphone access requires your explicit iOS permission.

6. Account Data & Authentication

You can create a DIWAI account using:

Email and password: your email address is stored securely. Passwords are hashed using industry-standard algorithms and are never stored in plaintext.
Google Sign-In: if you choose to sign in with Google, we receive your name, email address, and profile picture from Google. We do not receive your Google password. Google Sign-In is governed by Google’s Privacy Policy.

Account data is used to personalise your experience, sync your projects across sessions, and manage your subscription status.

7. Analytics & Diagnostics

We collect anonymised analytics and diagnostic data to understand how the app is used and to improve performance:

Usage analytics: feature usage frequency, session duration, and project completion rates (collected in aggregate, not linked to your identity).
Crash reports: automatic crash logs help us identify and fix bugs. These may include device model, OS version, and stack traces, but do not contain personal content.

We do not use analytics data for advertising purposes. We do not sell analytics data to third parties.

8. Third-Party Services

DIWAI integrates with the following third-party services to provide its features:

OpenAI

We use OpenAI’s API to power DIWAI’s AI features, including project plan generation, photo analysis, and AI Design Mode. When you use these features, your text descriptions and/or photos are sent to OpenAI for processing. OpenAI processes this data in accordance with their Privacy Policy and API data usage policies. Data sent via the API is not used by OpenAI to train their models.

Google Sign-In

If you use Google Sign-In, limited profile information is shared as described in Section 6. This integration is governed by Google’s Privacy Policy.

Apple Services

We use Apple’s StoreKit for in-app subscriptions (Apple handles all payment processing) and Apple’s Speech framework for voice recognition. These are governed by Apple’s Privacy Policy.

We do not integrate any third-party advertising SDKs or cross-app tracking frameworks.

9. Data Retention

We retain your data only as long as necessary to provide the Service and fulfil the purposes described in this policy:

Account data: retained for as long as your account is active. If you delete your account, your personal data will be permanently removed within 30 days.
Project data: retained while your account is active so you can access your project history. Deleted when your account is deleted.
Photos: images submitted for AI analysis are processed in real time and are not permanently stored on our servers after processing is complete.
Analytics data: anonymised analytics may be retained for up to 24 months for trend analysis.
Support communications: retained for up to 12 months after resolution to help with follow-up enquiries.

10. Data Security

We take the security of your data seriously and implement appropriate technical and organisational measures:

All data transmitted between the app and our servers is encrypted using TLS (HTTPS).
Passwords are hashed using strong, industry-standard algorithms.
Access to user data on our servers is restricted to authorised personnel only.
We conduct regular security reviews of our infrastructure and codebase.

While we strive to protect your personal information, no method of electronic storage or internet transmission is 100% secure. We cannot guarantee absolute security, but we are committed to maintaining industry-standard protections.

11. Children’s Privacy

DIWAI is rated 4+ on the App Store, meaning it is suitable for all ages. However, the Service is not specifically directed at children under the age of 13.

We do not knowingly collect personal information from children under 13 without verifiable parental consent. If you are a parent or guardian and believe your child has provided us with personal information without your consent, please contact us at support@diwai.app and we will promptly delete such information.

For users under 18, we recommend parental supervision when using AI-powered features and online services.

12. Your Rights (GDPR & CCPA)

Depending on your location, you may have the following rights regarding your personal data:

For EU/UK Residents (GDPR)

Right of access: request a copy of the personal data we hold about you.
Right to rectification: request correction of inaccurate or incomplete data.
Right to erasure: request deletion of your personal data (“right to be forgotten”).
Right to restriction: request that we limit how we process your data.
Right to data portability: receive your data in a structured, machine-readable format.
Right to object: object to certain types of data processing.

For California Residents (CCPA)

Right to know: what personal information we collect, use, and disclose.
Right to delete: request deletion of your personal information.
Right to opt-out: opt out of the sale of personal information. Note: we do not sell your personal information.
Right to non-discrimination: we will not discriminate against you for exercising your privacy rights.

To exercise any of these rights, please contact us at support@diwai.app. We will respond to your request within 30 days (or as required by applicable law).

13. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will revise the “Last updated” date at the top of this page and, where appropriate, notify you via the app or email.

We encourage you to review this policy periodically. Your continued use of the Service after any changes constitutes your acceptance of the updated policy.

14. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Email: support@diwai.app

Website: diwai.app

We aim to respond to all enquiries within 48 hours.