This Privacy Policy describes how Sanibel Shell ID ("the App"), developed by Joseph Powell ("we," "us," or "our"), an independent developer based in Lehigh Acres, Florida, USA, collects, uses, and protects your information. This policy applies to all users of Sanibel Shell ID on iOS and Android.
| User accounts | None — fully anonymous |
| Data sold | Never |
| Photos stored on server | Only if you submit a correction report |
| Third-party analytics | None |
| AI processing | Photos sent to a third-party AI service for identification |
| Ads | None |
| Intended audience | Adults (13+). Not directed to children. |
| Delete your data | In Settings → Delete Account, or email [email protected] |
Device identifier: When you first open Sanibel Shell ID, the App registers your device with our server. Our server generates a random unique identifier (UUID) and a secure authentication token. These are stored securely on your device using encrypted storage. This identifier is not linked to your name, email, Apple ID, Google account, or any other personal identity. It is used solely to track your identification usage for service monitoring.
Device platform, app version, and OS version: We collect whether you use iOS or Android, your app version number, and your operating-system version for compatibility, debugging, and error-reporting purposes.
Usage analytics: If you have not opted out via the "Help Improve Sanibel Shell ID" toggle in Settings, we collect anonymous usage events such as which screens you visit, when you take a photo, and when you perform an identification. These events are sent to our own server — not to any third-party analytics service. No third-party analytics SDKs (such as Google Analytics, Firebase, Amplitude, or Mixpanel) are included in this App.
Error reports: If the App encounters an error, a report containing the error type, message, and technical stack trace may be sent to our server. This helps us fix bugs. No third-party crash reporting services (such as Sentry or Crashlytics) are used.
Photos for identification: When you use the identification feature, your photo is sent through our backend server to a third-party AI service for processing. Our server does not retain photos submitted only for identification. The photo is processed by the AI service and the identification result is returned to you. (Photos that you separately submit through a correction report are stored — see "Correction reports" below.)
Correction reports: If you choose to report an incorrect identification, the photo and the AI's original result are uploaded to our server and stored for the purpose of improving the AI's accuracy in the future. Submitting a correction report is entirely optional.
Your shell collection (species found, dates, find counts), earned badges, onboarding completion status, and consent preferences are stored locally on your device using AsyncStorage. Photos saved to your collection remain on your device and are never uploaded to our servers (unless you submit a correction report as described above).
We use the information we collect to:
Photos you submit for identification are transmitted to a third-party AI service provider for processing. We select providers whose API data-usage policies confirm that data submitted via their API is not used to train their models. Our AI service provider may change over time; the current provider and a link to their privacy policy are listed on our AI Providers page.
Our backend server is hosted on AWS. Data transmitted to our server (device identifiers, analytics events, error reports, and correction report photos) is stored on AWS infrastructure.
We do not sell, rent, or trade your personal information to any third party. Beyond our AI service provider (for identification processing) and AWS (for hosting), no other third-party services receive your data. There are no advertising networks, no social media SDKs, and no third-party analytics services in this App.
Local data (on your device): Your collection, badges, and preferences persist until you uninstall the App or use "Delete Account & All Data" in Settings.
Device registration and query count: Retained on our server until you delete your account via Settings or email request.
Correction report photos: Retained on our server for up to 3 years for AI training and improvement purposes, then automatically deleted by a scheduled retention job.
Analytics events and error logs: Retained on our server for up to 1 year for analysis and debugging, then deleted.
Photos sent for identification: Processed by our AI service provider in transit and not retained on our server. The AI service provider may retain data briefly for abuse monitoring per their own policies.
To delete your data: Open Settings and tap "Delete Account & All Data." This permanently deletes your server-side device record, your collection's server-side metadata, and any correction-report photos you've submitted. You may also email [email protected] with your Device ID (found at the bottom of the Settings screen) to request deletion; we will delete all server-side data associated with your device within 30 days.
Sanibel Shell ID is intended for users aged 13 and older. The App is not directed to children under 13, and we do not knowingly collect personal information from children under 13.
The App operates entirely anonymously with no user accounts, no names, no email addresses, and no personal identifiers collected from any user of any age. The device identifier is a randomly generated value that cannot be used to identify any individual person.
We ask that users do not submit photos that contain identifiable people, including children, when using the identification or correction-report features. Photos should be of seashells only.
Parental rights (under COPPA): If you believe your child under 13 has used the App, a parent or guardian may contact us at [email protected] to:
If we discover that we have inadvertently collected personal information from a child under 13, we will promptly delete it.
We take reasonable measures to protect your information:
While we strive to protect your data, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security.
You may opt out of anonymous analytics data collection at any time using the "Help Improve Sanibel Shell ID" toggle in Settings. You may delete all of your server-side data at any time via "Delete Account & All Data" in Settings, or by emailing [email protected].
Under the General Data Protection Regulation, you have the right to:
Our legal basis for processing is legitimate interest (providing the App's core identification functionality) and consent (for optional analytics). To exercise your rights, email [email protected].
Under the California Consumer Privacy Act and California Privacy Rights Act, you have the right to:
To exercise your rights, email [email protected].
Sanibel Shell ID requests the following device permissions:
No other permissions (location, microphone, contacts, etc.) are requested or used.
We may update this Privacy Policy from time to time. Changes will be reflected by an updated effective date at the top of this document. Updated versions will be available in the App and at the URL where this policy is hosted. We encourage you to review this policy periodically.
If you have questions or concerns about this Privacy Policy or your data, please contact:
Joseph Powell
[email protected]
Lehigh Acres, Florida, USA
silverkeydev.com
