The short version: there are no accounts and no cloud database. Your photos and designs stay on your phone. A photo leaves your device exactly once, over an encrypted connection, to generate the image you asked for, and is not stored on any server afterward.
Nailed It was built with a simple privacy principle: your photos and designs are yours, and they stay on your phone. There is no user account, no login, and no server-side database of your content. This policy explains, in plain language, exactly what happens to your data and why.
Because there is no account system, we collect very little directly. What exists:
When you generate a design, request a try-on, or import inspiration from another app, the relevant photo (your hand photo, an inspiration image, or an imported image) is sent once, over an encrypted connection, to our AI image-generation partner to produce your requested result. This is the only time your photo leaves your device. It is not stored by us on any server, and it is not stored persistently by our AI processing partner beyond what is necessary to fulfill the request and their own standard, brief operational logging.
Photos are also screened by an automated content-safety check before generation (see Section 8), which involves a similarly brief, non-persistent transmission.
Once your result comes back, the finished image is saved directly to your device's local storage. We never see it and we cannot access it. There is nothing on our end to request, export, or delete on your behalf, because nothing is stored on our end in the first place.
All designs, edit history, favorites, and photos are stored locally on your iPhone using on-device storage. This data:
Because there is no cross-device sync, your saved designs live only on the one iPhone you used to create them.
We use the following categories of third-party service providers, solely to operate the App:
We do not sell your data to any third party, and we do not share your photos or designs with advertisers.
We use a client-side analytics SDK to understand aggregate app usage, for example how many people complete onboarding, or which creation mode is used most. This data is not tied to your name, email, or any account (since none exists), and does not include your photos, prompts, or generated designs. If you have granted App Tracking Transparency permission, some anonymized, aggregated attribution data may also be shared with advertising partners; you can decline this at any time via the App Tracking Transparency prompt or in iOS Settings under Privacy & Security and Tracking.
New installs receive a small number of free design generations and try-ons before a subscription is required. To keep this fair, and to prevent the same person from repeatedly deleting and reinstalling the App to claim unlimited free credits, we track how many free credits have been used in two ways:
Neither mechanism identifies you personally, and both are used exclusively for this anti-abuse purpose.
Every photo you upload (a hand photo, an inspiration or outfit photo, or an image imported via the share sheet) is automatically screened by an AI-based safety classifier before it is used to generate a design. This check exists to block content such as nudity or content unrelated to nails and beauty, and to prevent misuse of the App. The screening happens as part of the same brief transmission described in Section 3 and is not stored afterward.
We share data only in the limited ways described in this policy (with the AI processing partner, Apple, and analytics providers, each solely to operate the App), or when required to comply with a valid legal request, protect our rights, or prevent fraud or harm. We do not sell personal data.
Because we do not operate a server-side database of your content, there is no copy of your designs or photos on our servers to retain or delete. Deleting a design in the App, or deleting the App itself, removes it completely and immediately from the only place it ever lived: your device. Aggregate, non-identifying analytics events may be retained by our analytics provider per their standard retention practices, but these do not include your photos or generated content.
The App is rated 12+ and is not directed at children under 13. We do not knowingly collect personal information from children under 13. If you believe a child under 13 has used the App in a way that raises a privacy concern, please contact us at social@lockin.cz.
Depending on where you live, you may have rights to access, correct, delete, or restrict processing of your personal data (for example, under the GDPR in the EU and UK, or the CCPA in California). Because nearly all App data lives only on your device, you can exercise most of these rights directly and instantly by deleting the relevant design, or the App, on your device. For anything relating to the limited data described in this policy that is not purely on-device (such as analytics), contact us at social@lockin.cz and we will respond within a reasonable time.
When your photo or prompt is sent for AI processing or safety screening, it may be transmitted to and processed in the United States or other countries where our service providers operate, which may have different data protection laws than your country of residence. These providers are contractually and legally required to protect your data appropriately.
Data transmitted for generation or moderation is sent over encrypted (HTTPS/TLS) connections. Data stored on your device benefits from iOS's built-in device-level security, including the iOS Keychain for credit tracking. No method of transmission or storage is completely secure, but we designed the App to minimize what leaves your device in the first place.
We may update this Privacy Policy from time to time. Material changes will be reflected by updating the "Last updated" date above and, where required, by an in-app notice.
Questions about this policy, or requests relating to your data, can be sent to social@lockin.cz.