Skip to content
ZeroRoll

Legal

Privacy Policy

Last updated April 26, 2026

ZeroRoll is built on a single principle: your photos are yours. This policy describes — in plain English — what data ZeroRoll touches, where it lives, and what we ourselves see. The short answer is: we see almost nothing. The long answer follows.

What ZeroRoll runs on your device

When you grant ZeroRoll access to your photo library, the app reads photos and metadata directly from the operating system’s photo store (Apple Photos on iOS, MediaStore on Android). All of the following happens on your device only:

  • Indexing of photo identifiers, EXIF metadata (date, dimensions, file size), and per-photo flags such as “is screenshot” or “is favorite”.
  • Perceptual hashing (dHash) used to find near-duplicate photos.
  • Blur detection scoring each photo for sharpness.
  • Clustering (DBSCAN) to group near-duplicate photos into Smart Stacks.
  • Triage decisions — your keep / delete choices and the 30-day undo queue.

This data is stored locally in a SQLite database (managed by Room) and a small key-value store (DataStore on Android, NSUserDefaults on iOS). The original photo bytes are never copied into ZeroRoll’s storage — we reference the system identifiers and read the photos through the OS framework.

What never leaves your phone

  • Photo content (pixels, video frames).
  • Photo metadata, EXIF, hashes, or any derived data.
  • Your triage history or keep / delete decisions.
  • Any analytics, telemetry, or crash logs.

ZeroRoll has no servers under our control. We do not run a backend. We do not collect logs. We do not run A/B tests on you. We do not have an analytics SDK in the app.

What does touch the network

Exactly one thing: subscription validation. ZeroRoll uses RevenueCat to verify that an active App Store or Google Play subscription is in good standing. When you subscribe, restore a purchase, or open the app on a device with a Pro subscription, ZeroRoll asks RevenueCat:

Is this App Store / Play Store user entitled to Pro?

This call sends:

  • An anonymous installation identifier generated by RevenueCat on your device.
  • Your store-issued purchase receipt (which Apple or Google manages, not us).

It does not send any photo, any photo-derived data, your name, or your email. RevenueCat’s privacy practices are documented at revenuecat.com/privacy.

If you never subscribe and never tap “Restore Purchases”, ZeroRoll makes no network calls related to your photo library at all.

Your rights

  • Deletion is uninstalling. Because all of your ZeroRoll data lives on your device, removing the app removes everything ZeroRoll knew. There is no server-side account to delete.
  • Cancel anytime. Subscriptions are managed through your App Store or Play Store account. You can cancel from there at any time; cancellation stops auto-renewal and we do not retain any subscription data on our side.
  • Limited Photos access (iOS). If you grant ZeroRoll only “Limited Library” access, ZeroRoll can only see the photos you selected. You can change this anytime in iOS Settings → Privacy & Security → Photos → ZeroRoll.

Children

ZeroRoll is not directed at children under 13 and does not knowingly collect data from anyone, including children.

Changes to this policy

If we change this policy, we’ll bump the “Last updated” date at the top and call out material changes. Because we don’t run a backend, you’ll see the new policy when the app or website updates.

Contact

Questions or concerns: support@zeroroll.com.