Privacy Policy — Shelf

This Privacy Policy explains how Shelf ("the App", "we", "our", or "us") handles information when you use the Shelf iOS app. Shelf is built to be private by design: it reads and organizes your screenshots entirely on your device, with no account and no servers operated by us.

We do not collect your personal data. Shelf has no account, login, or sign-up. Your screenshots, the text read from them, the shelves they are sorted into, and your settings stay only on your device.

• No personal information — we do not ask for your name, email, phone number, or location.
• No analytics or tracking — the App contains no analytics, advertising, or tracking SDKs.
• Your photos never leave your device — screenshots are read and analyzed on your device and are never uploaded to us or anyone else.

Shelf needs access to your photo library so it can find and organize your screenshots. This access is used only on your device:

• Reading — Shelf looks at your screenshots to read their text and sort them into shelves. It does not copy your photos off the device.
• On-device text recognition — text is extracted using Apple's Vision framework, and screenshots are categorized using Apple's on-device Foundation Models (Apple Intelligence) on supported devices. This processing is performed by the operating system on your device; nothing is sent to us.
• Deleting — when you use the purge feature, Shelf asks the system to delete the screenshots you choose. iOS always shows its own confirmation before anything is removed, and removed items go to your Recently Deleted album.

Screenshots that look like IDs or documents can be kept in a Face ID / Touch ID–protected Vault. Vault contents are unlocked only after a successful device authentication, which is handled by iOS. We never see this content.

Shelf may suggest helpful actions from a screenshot — for example adding a detected date to your calendar or copying a Wi‑Fi password. These actions happen only when you tap them, using the relevant Apple framework on your device. Shelf does not write to your calendar, contacts, or clipboard on its own, and these suggestions are not sent anywhere.

Shelf offers an optional "Shelf Pro" subscription and a lifetime purchase through Apple In-App Purchase. Payments are processed by Apple — we never see or store your card details. We use RevenueCat, a third-party subscription-management service, to verify and manage your purchase. To do this, RevenueCat processes a randomly generated, pseudonymous app user identifier, your purchase and receipt information, and basic device/app information. This is used only to deliver and restore your purchase, not to identify you personally.

The information Shelf creates about your screenshots (the text it read, the shelf assignments, and your settings) is stored locally on your device and protected by your device's built-in security. Because this data stays on your device, deleting the App removes it. We hold no copy of it.

• Photos — required so Shelf can find, organize, and (at your request) delete your screenshots.
• Face ID / Touch ID (optional) — used to unlock the Vault.
• Notifications (optional) — used to remind you about the weekly purge if you enable it.

Shelf does not request access to your location, microphone, or camera.

• Apple — App Store distribution, In‑App Purchase payments, and on‑device Vision and Apple Intelligence processing. Governed by Apple's Privacy Policy.
• RevenueCat — subscription management as described above. Governed by RevenueCat's Privacy Policy.

We do not sell your data, and we do not share it for advertising.

Shelf is not directed to children under 13 and does not knowingly collect data from them. Because the App collects no personal data, it presents minimal privacy risk to users of any age.

Privacy laws such as the EU GDPR, the UAE Personal Data Protection Law, and the California CCPA give you rights over your personal data. Because Shelf does not collect or hold your personal data, there is nothing for us to access, correct, export, or delete. You remain in full control of your on‑device data and can remove it at any time by deleting the App. For subscription data held by Apple or RevenueCat, please refer to their respective policies.

We may update this Policy as the App evolves. Material changes will be reflected here with a new effective date.

Questions about this Policy? Email [email protected].