System Boot
ScreenCache

INITIALIZING SYSTEM...

ScreenCache © 202600%
Logo
Policy Center // ScreenCache

Privacy
Protocol

ScreenCache is a personal image knowledge utility with social features. This document describes how we collect, process, store, and protect your data.

Version2026.2.0
Effective DateMarch 9, 2026
[01]

Privacy by Design

Account identity is never exposed publicly. On-device processing keeps your data local.

[02]

Safety

Automated scanning protects the community. EXIF metadata is stripped from every image.

[03]

Transparency

Every processing step, third-party service, and retention period is documented here.

01

Eligibility

ScreenCache requires users to be at least 13 years of age. Users between 13 and 17 must have parental or guardian consent to use the platform. In the European Economic Area and United Kingdom, the minimum age is 16 years in accordance with GDPR.

Child Safety:We do not knowingly collect data from children below the applicable minimum age. If we discover an underage account, it will be terminated and all associated data purged immediately.

02

Two-Tier Identity

ScreenCache uses a two-tier identity model designed to separate your private identity from your public presence.

Private

Account

Your private human identity. Tied to your email, manages privacy settings, owns all content. Has Connections (up to 2,000). Account details (email, real identity) are never exposed in public contexts.

Public

Avatar

A public persona with an @handle. Publishes Posts, builds audience, receives messages. An Account can own multiple Avatars (3 on Free, 10 on Premium). Avatars are the only identity visible to the public.

03

Data Collection

We collect the following categories of data.

Account

Signup Data

Email address, display name, DM permission preference, contact discoverability setting, and push notification preference. Passwords are hashed by AWS Cognito and never stored by ScreenCache directly.
Content

Images

Screenshots and photos you capture or import into your library. Images only — ScreenCache does not accept video, audio, or document files.
Social

Activity Data

Posts (1–10 images each), Connections, Avatar follows, messages, bookmarks, and notification history.
Device

App & Device Info

Device model, OS version, app version, push notification tokens (via Firebase Cloud Messaging), and crash-level diagnostic data. We do not collect Advertising IDs.
Interests

Topic Engagement

Curated interest topics you follow (e.g., food, travel, tech). Engagement analytics are aggregate counters only — not per-user behavior logs. Failures in analytics collection are silently dropped.
Financial

Subscription Data

Subscription tier and status stored by ScreenCache. All payment processing is handled by Stripe — we never see or store your card number or payment method details.
04

On-Device Processing

The following processing happens entirely on your Android device. No image data is sent to Google or any third party for these operations.

Google ML Kit

Text Recognition (OCR)

Extracts readable text from your images so they become searchable. Runs in the background after app launch (30-second delay). Results stored locally in your device's Room database.

Google ML Kit

Image Labeling

Generates descriptive labels for your images to improve search. Processed entirely on-device. Labels remain local unless you publish a Post.

05

Server-Side Processing

When you back up an image or create a Post, it passes through the following pipeline on our AWS infrastructure.

STAGE 1

Malware Scan

Service: AWS GuardDuty S3 Malware Protection

Every uploaded file is scanned. Infected files are quarantined and never served.

STAGE 2

Content Moderation

Service: Amazon Rekognition

Checks for policy-violating content (explicit material, violence, child exploitation). Rekognition reads directly from S3 — images are not downloaded to a separate system. Moderation labels and confidence scores are logged to an audit bucket.

STAGE 3

Image Transcoding

Service: Scrimage (server-side)

EXIF metadata is stripped (GPS location, camera info, timestamps removed). Images are auto-oriented and transcoded to display.webp (2048px) and thumb.webp (400px). The original is preserved.

STAGE 4

AI Metadata Extraction

Service: Amazon Nova Lite (via AWS Bedrock)

Extracts text (OCR), assigns topic categories from a predefined set (food, travel, nature, etc.), and generates up to 30 descriptive labels. Powers search and interest-based discovery. Non-fatal — the pipeline continues if this step fails.

STAGE 5

Storage

Service: AWS S3 + CloudFront

Processed image variants are stored in permanent S3 storage. CDN URLs are written to the asset record. Your storage quota is incremented.

EXIF StrippingAll image metadata (GPS coordinates, camera model, timestamps, etc.) is permanently removed during Stage 3. This data is never stored or logged by ScreenCache.

06

Content Moderation

Automated + Human Review

Every uploaded image is scanned automatically via Amazon Rekognition moderation labels and AWS GuardDuty malware detection.

Zero Tolerance

Child exploitation content is auto-rejected at any confidence level. Reported to NCMEC (18 U.S.C. § 2258A) with IP, email, and content metadata.

Auto-Reject

Explicit nudity, sexual activity, violence, and visually disturbing content rejected at ≥90% confidence. Content moved to quarantine.

Manual Review

Borderline content (suggestive, gambling, drugs, tobacco, alcohol) is queued for human review before a decision is made.

Quarantined content is retained for 90 days for legal and appeals purposes, then auto-deleted. All moderation decisions are logged with labels and confidence scores (90-day retention). Contact safety@screencache.com to appeal a moderation decision.

07

Third-Party Services

We do not sell personal data. We do not use any third-party analytics, crash reporting, or advertising services. Data is shared only with the following service providers.

AWS CognitoAuthenticationEmail, hashed password, user ID
AWS DynamoDBPrimary databaseAll user, content, and social data
AWS S3Image storageImage files (original + transcoded)
AWS CloudFrontCDN deliveryCached image variants, access logs
AWS GuardDutyMalware scanningUploaded image bytes
Amazon RekognitionContent moderationS3 image reference (pointer, not download)
Amazon Nova Lite (Bedrock)Image classification & OCRTranscoded display image
Google ML KitOn-device OCR & labelingImage pixels — on-device only, never sent to Google
Firebase Cloud MessagingPush notificationsDevice tokens, notification title/body
StripeSubscription paymentsEmail, account ID — payment method handled entirely by Stripe

NO THIRD-PARTY ANALYTICS // NO AD NETWORKS // NO CRASH REPORTING SERVICES

08

Data Retention

All cloud data is stored on AWS infrastructure in the US-East (N. Virginia) region. Data is encrypted in transit (TLS 1.2+) and at rest (AES-256).

Account & Profile Data

Soft-deleted upon account deletion. Retained indefinitely while account is active.

ACTIVE
Image Files (display/thumb)

Permanent storage. Intelligent Tiering applied after 30 days.

INDEFINITE
Original Images

Permanent storage. Transitioned to Glacier Deep Archive after 90 days.

GLACIER 90D
Staging Uploads

Temporary files during processing pipeline. Auto-deleted.

1 DAY
Quarantined Content

Rejected or infected uploads held for legal/appeals purposes.

90 DAYS
Moderation Audit Logs

Labels, confidence scores, and decisions. Gzipped JSON.

90 DAYS
Push Notification Tokens

FCM device tokens with TTL. Stale tokens auto-cleaned on UNREGISTERED.

180 DAYS
Messages

Soft-deleted (placeholder shown). Not hard-deleted from storage.

INDEFINITE
Subscription Records

Tier, status, and expiration. Retained for billing reconciliation.

INDEFINITE
Interest Analytics

Aggregate counters only (not per-user). No individual behavior logs exist to delete.

AGGREGATE
Local Storage (Your Device)

Room database (cached account data, assets, posts, messages, notifications, bookmarks, search presets), DataStore (user preferences), EncryptedSharedPreferences (auth tokens), Android Keystore (Cognito refresh tokens). All local data is cleared when you uninstall the app or log out.

09

Messaging

ScreenCache supports Account-to-Account and Avatar-to-Avatar direct messaging. Messages can include text (up to 5,000 characters) and up to 4 image attachments.

Messages are delivered in real-time via WebSocket with Firebase Cloud Messaging fallback when offline. Messages are not end-to-end encrypted — they are stored server-side to enable content moderation and safety auditing.

Deleted messages are soft-deleted (a placeholder is shown to recipients). Blocked accounts cannot send messages. DM permissions are controlled per-account (Connections only, or Anyone).

10

Subscription & Payments

Free$0

10 GB storage, 3 Avatars

Premium$4.99/mo

250 GB storage, 10 Avatars

Payments are processed entirely by Stripe Checkout (hosted by Stripe). ScreenCache never sees, processes, or stores your card number or payment method details. Subscription status (tier, active/past due/cancelled/expired, expiration date) is stored in our database via Stripe webhook events.

11

Your Rights

GDPR (EEA/UK)
  • Access and obtain a copy of your data
  • Rectify inaccurate personal data
  • Request erasure (“right to be forgotten”)
  • Data portability (export your data)
  • Object to or restrict processing
  • Contest automated decision-making (Art. 22)
  • Lodge a complaint with your supervisory authority

Legal basis: contract performance (account operation, content hosting), legitimate interest (security, fraud prevention, content moderation), legal obligation (CSAM reporting).

CCPA (California)
  • Know what personal information is collected
  • Request deletion of personal information
  • Opt out of the sale of personal information
  • Non-discrimination for exercising your rights

We do not sell personal information. We do not share personal information with third parties for advertising purposes.

To exercise any right, contact privacy@screencache.com. We will respond within 30 days. Account deletion can be initiated directly within the app under Settings.

12

Policy Changes

We may update this policy to reflect changes in our practices or legal requirements. For material changes, we will notify you via email and/or a prominent notice within the app at least 30 days before the changes take effect. Continued use of the platform after the effective date constitutes acceptance of the updated policy. The version number and effective date at the top of this page will always reflect the current revision.

Questions or Concerns?Privacy: privacy@screencache.comSafety: safety@screencache.com

This policy is governed by the laws of the United States (Delaware). International users are subject to data transfer to the US under applicable legal mechanisms.