Privacy Policy
Last updated: July 2026
Introduction
Welcome to Cleanup My Phone ("we," "our," or "us"). We are committed to protecting your privacy and ensuring you have a positive experience when using our application. This Privacy Policy explains how we collect, use, and safeguard your information.
Information We Collect
We collect the following types of information:
- Photo Library Access: We access your photo library solely to identify duplicate photos, similar images, blurry photos, dark photos, screenshots, old screenshots, screen recordings, Live Photos, and burst photos for cleanup purposes. Your photos are processed entirely on your device and are never uploaded to our servers.
- Secret Album: When you use the Secret Album feature, photos and videos are encrypted and stored securely on your device. These files are protected by your password and/or Face ID/Touch ID. Secret Album data is stored only on your device and is never uploaded to our servers or any cloud service.
- On-Device AI Processing: We use machine learning models running entirely on your device to detect blurry images and analyze photo quality. No image data is ever sent to external servers for processing.
- Contacts Access (Contact Cleaner): When you open the Contact Cleaner, we read your contacts solely to find duplicate, incomplete, or empty entries and to help you merge or delete them. Contact analysis runs entirely on your device and your contacts are never uploaded to our servers.
- Calendar Access (Calendar Cleaner): When you open the Calendar Cleaner, we read your calendar events solely to identify old, duplicate, or cancelled events you may want to remove. This runs entirely on your device and your events are never uploaded to our servers.
- Microphone Access (Speaker Cleaner's Sound Meter): The Speaker Cleaner includes an optional Sound Meter that uses your microphone to show a live decibel reading, so you can confirm your speaker is loud and clear after cleaning. Audio is analyzed live on your device and is never recorded, saved, or uploaded. The microphone is active only while the Sound Meter is running.
- Crash Reports (Firebase Crashlytics): We collect anonymous crash and diagnostic reports — such as device model, OS version, app version, and the stack trace at the time of a crash — solely to find and fix bugs. This is the only third-party data collection in the app.
- No product analytics, no ad tracking: We do not run behavioral/product analytics, we do not use advertising-attribution SDKs, and we do not collect your advertising identifier (IDFA) or track you across other apps or websites. We do not send any statistics derived from your photo library off your device.
Email Cleaner — Any Provider
The Email Cleaner connects directly to your email provider. We do not operate any backend service that touches your mail. The provider list (Gmail, iCloud Mail, Outlook, Hotmail, Live, Yahoo, AOL, and any IMAP host) is handled as follows:
- Gmail — Google OAuth: Sign-in goes through Google's official OAuth flow. We never see your password. Once authorized, the app queries Gmail's official API directly from your iPhone to read email metadata (sender, subject, date, attachment size, list-unsubscribe headers) and to perform deletes / unsubscribes you explicitly initiate.
- iCloud Mail, Yahoo Mail, AOL Mail — App-Specific Passwords: These providers block IMAP sign-in with your real account password. The app walks you through generating a 16-character app-specific password at your provider's security page. That credential is stored only in the iOS Keychain on your iPhone and is revocable from your provider at any time. Your real account password is never used by the app and is never seen by us.
- Outlook, Hotmail, Live — Microsoft Password or App Password: If 2-step verification is enabled (recommended), the app walks you through generating an app password at account.microsoft.com. Stored in the iOS Keychain on your iPhone.
- Other IMAP servers (Fastmail, ProtonMail Bridge, Zoho, custom domains): You enter your IMAP host, port, email, and password. The credential lives only in the iOS Keychain on your iPhone.
- On-device categorization: All email analysis, sender grouping, subscription detection, and unsubscribe execution happens on your iPhone. We do not run any server that touches your mail.
- No retention of content: Message bodies are not retained off-device. Metadata used for categorization (sender, subject, headers, size, read state) is cached locally only and removed when you disconnect the account or delete the app.
- User Control: Disconnect any account at any time from the in-app account switcher. App-specific passwords can be revoked at the provider's security page even after disconnection.
Our use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.
Smart Albums (On-Device AI Photo Classification)
The Smart Albums feature uses Apple's Vision framework (the same on-device classifier behind Apple's Visual Look Up and the People & Pets album) to categorize your photos by content (Pets, Food, Travel, Family, Nature, Architecture, Vehicles, Documents). Classification runs entirely on your iPhone's Neural Engine. Photos are not uploaded; the resulting category assignments are cached locally only and cleared when you delete the app.
HEIC Converter
The HEIC → JPEG / PNG converter reads HEIC photos from your photo library, decodes them with Apple's on-device imaging APIs, and writes the converted JPEG or PNG copy back to your photo library. No photo or metadata leaves your iPhone during conversion.
Speaker Cleaner
The Speaker Cleaner plays specially-tuned tones (and synced vibration) through your iPhone's speaker to push out trapped water and shake loose dust, and includes a Speaker Test sweep and an optional Sound Meter. The Sound Meter uses your microphone to display a live decibel level only — audio is analyzed live on your device and is never recorded, saved, or uploaded, and the microphone is active only while the meter is running. The Speaker Cleaner does not require an internet connection and sends no data off your iPhone.
Secrets Vault (Private Photos & Videos)
The optional Secrets vault lets you hide private photos and videos behind a PIN and Face ID. Everything you add is encrypted on your device with AES-GCM and stored only in the app's protected storage — it is never uploaded to us or synced off your iPhone. To help you detect unauthorized access, an optional Intruder Capture feature (toggleable in the vault's settings) uses the front camera to silently take a photo after repeated failed unlock attempts. Any such photo is encrypted, stored only on your device, shown to you in the in-app Intruder Log, and is never uploaded. The camera is used solely for this purpose and only after failed unlock attempts.
Device Diagnostics & Speed Test
Cleanup My Phone includes several diagnostic tools that read values your iPhone already exposes to apps, on-device only:
- Device Health Score, Storage Breakdown & Battery Monitor: These read system-reported storage, battery, and device-status values locally to show you a health score and storage breakdown. None of this information is uploaded or shared.
- Speed Test: The network Speed Test measures your connection by transferring test data to and from Cloudflare's public speed-test endpoints. This is the only feature that makes an outbound network connection of its own. It sends no personal data, no photo-library data, and no identifiers — only the throwaway test payload needed to measure download/upload speed and latency. Results are stored on your device only.
- Widgets & Notifications: Home/Lock Screen widgets display storage and battery values from local caches only. Local notifications (cleanup reminders, trial reminders, backup-expiry alerts) are scheduled on-device and contain no data sent to us. You can disable any notification in the app's settings or in iOS Settings.
Background Processing (Scan While Charging)
If you enable the optional Scan While Charging feature (off by default), the app asks iOS to run a cleanup scan while your iPhone is connected to power — typically overnight — and posts a local notification when a cleanup plan is ready. The scan runs entirely on your device using the same on-device analysis as a normal scan; results are stored only on your phone, no data is transmitted anywhere, and nothing is ever deleted without your explicit confirmation in the app. The app also schedules a local backup-expiry alert when items in your 30-Day Backup are close to permanent removal, computed on-device from local data. The app has no server that sends push notifications — every notification is a local iOS notification you can turn off in Settings → Notifications.
Invite Friends (Referrals)
If you invite friends, we track only an anonymous referral count on your device in order to credit bonus cleanup items. We do not collect your contacts or your friends' personal information through the referral feature.
How We Use Your Information
We use the collected information to:
- Provide and maintain our photo cleanup services
- Improve and optimize our app's performance
- Provide customer support
- Send important notifications about the app
- Comply with legal obligations
Data Storage and Security
Your privacy is our priority:
- All photo, video, contact, and calendar analysis is performed locally on your device using Apple's Vision, Core ML, Contacts, and EventKit frameworks.
- We do not upload, store, or have access to your photos, videos, contacts, calendar events, or email content. There is no backend service operated by us that touches any of this content.
- Deleted photos and videos are moved to the 30-day Recovery Vault on your device, then to iOS Recently Deleted for the standard retention.
- Secret Album files are encrypted using industry-standard encryption (AES-256 with keys held in the iOS Keychain), stored only on your device, and protected by Face ID / Touch ID / passcode.
- Email IMAP / app-specific passwords are stored only in the iOS Keychain on your iPhone. They are never transmitted to our servers because we do not operate any servers that handle email.
- We use industry-standard security measures to protect any anonymous device / app diagnostics we do collect.
Third-Party Services
Our app may use third-party services that collect information:
- Apple App Store: For subscription management and processing payments.
- Google APIs: For Gmail integration in the Email Cleaner feature (only when you choose to connect your Google account). Used directly from your iPhone — we do not relay through any of our infrastructure.
- Email providers (Apple iCloud Mail / Microsoft Outlook / Yahoo / AOL / your IMAP host): Connected directly from your iPhone over the provider's standard IMAP-over-TLS endpoint when you choose to connect an account.
- Cloudflare: Used only by the Speed Test feature to measure your connection. No personal data is sent; see "Device Diagnostics & Speed Test" above.
These services have their own privacy policies governing the use of your information.
Your Rights
You have the right to:
- Access the personal data we hold about you
- Request correction of inaccurate data
- Request deletion of your data
- Withdraw consent at any time
- Lodge a complaint with a supervisory authority
Children's Privacy
Our app is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13.
Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date.
Contact Us
If you have any questions about this Privacy Policy, please contact us at:
Email: support@cleanupmyphone.com