Privacy Policy

• Account data: name, email address, login credentials, and account settings.
• Usage and device data: IP address, device identifiers, browser/app metadata, and logs.
• Billing data: transaction metadata and payment records (payment details are processed by payment providers).
• Support and uploaded content: files or messages you submit for support or service features.

Reference images stay on your device. The reference image you select for an AI character is processed locally inside the Camify desktop app on your own computer. It is not uploaded to Camify servers, and we do not see it, copy it, or retain it.

Live webcam frames. To drive a character live, your webcam frames are streamed to our AI inference partner Decart (Decart Inc., USA) for real-time transformation and returned to your app. Frames are processed transiently to produce the live output and are not retained as a permanent recording by Camify. Decart processes the frames under its own privacy terms.

Biometric and special personal information (POPIA Sec 26). Webcam frames may contain biometric information (your face). Camify processes this information only for the purpose of producing the real-time character output you requested, on a contract-performance basis under POPIA, and does not build a biometric template, identification database, or profile from this data.

We do not process voice or audio. Camify currently does not capture, transmit, or process microphone audio. If this changes, this section will be updated and you will be notified before the change takes effect.

We do not sell live camera feeds. We do not store live feeds on our servers as recordings unless you explicitly upload content (for example, a support attachment).

Depending on your location, we process personal data under one or more of these legal bases:

• Performance of a contract (to provide requested services).
• Legitimate interests (security, fraud prevention, service improvement).
• Compliance with legal obligations.
• Consent, where legally required.

We do not sell personal data. We share the minimum data necessary with the following sub-processors:

• Decart Inc. (USA). Real-time AI face transformation. Receives live webcam frames transiently for inference.
• PayFast (South Africa). ZAR payment processing for EFT and card. Payment credentials go directly to PayFast and not to us.
• SendGrid / Twilio (USA). Transactional emails (verification, receipts, password resets). Receives your email address only.
• DigitalOcean (Netherlands / USA). Infrastructure hosting for the Camify API and admin systems.
• Manual cryptocurrency payments (Bitcoin, USDT). Where you choose to pay in BTC or USDT, the transaction id (TXID) and wallet reference are recorded against your account. No third-party crypto processor is used.
• Fraud and risk partners to detect and prevent abuse.
• Law enforcement or regulators when legally required, or when necessary to protect rights, prevent fraud, or enforce our policies.

Camify is operated from the Republic of South Africa. The following data may be transferred to processors outside South Africa:

• United States. Decart (live webcam frames). SendGrid (transactional email).
• European Union / Netherlands. DigitalOcean (infrastructure).
• South Africa. PayFast (ZAR payment processing).

By creating an account and using the Service you explicitly consent to these transfers (POPIA Sec 72(1)(b)). Where required, we rely on standard contractual safeguards with each processor. If you do not consent to these transfers, do not create an account.

Depending on your location, you may have rights to access, correct, delete, restrict, object, or export your personal data. You may also withdraw consent where processing is based on consent.

To exercise these rights, email privacy@camifycam.com. We may verify your identity before processing requests.