Privacy Policy
Last Updated: March 28, 2026
MimiSeka is an iOS app that uses AI to interpret scenes from photos and videos, generating literary narratives and summary text. The generated text can be embedded as photo captions (ALT text) or read aloud.
- MimiSeka Scia: Generates scene summaries and narratives from your photos. The generated text can be saved as ALT text on the photo or read aloud.
- MimiSeka Lupe: A real-time camera reading feature primarily designed for users with visual impairments. The AI instantly recognizes text and objects in the camera's view and describes them via audio.
This policy describes how data is handled across both apps. It applies to users in the European Economic Area (EEA), the United Kingdom, and Switzerland.
1. Data Controller
The data controller responsible for your personal data is:
MimiSeka Project
Email: privacy@mimiseka.jp
2. Data We Collect, Transmit, and Legal Basis
Under the General Data Protection Regulation (GDPR), we are required to inform you of the legal basis for processing your personal data. The table below summarises the data we collect, why we collect it, and the legal basis for each.
| Data | Purpose | Legal Basis |
|---|---|---|
| Photos (sent to generative AI services) | Generate summaries and narratives | Consent (you choose to use the feature) |
| Initial survey (vision status, age, preferences) | Optimise app settings; anonymised statistics for service improvement | Legitimate interest (service improvement) |
| Device identifier (identifierForVendor) | Daily request rate limiting | Legitimate interest (service stability) |
| Location data (optional) | Photo metadata; narrative context | Consent (iOS system permission prompt) |
| Usage data (anonymised) | App improvement and analytics | Legitimate interest (service improvement) |
| X (Twitter) authentication token | Optional posting to X | Consent (you choose to connect) |
Photo Data
To generate summaries and narratives for your photo captions, photos you take or select are sent to external generative AI services. How data is handled after transmission is governed by each service's privacy policy.
- MimiSeka Scia: Generated summaries and narratives are embedded as metadata in the photo and saved to your device's photo library (in the "MimiSeka" album). This feature can be disabled in Settings.
- MimiSeka Lupe: Captured photos are not saved to your device's photo library.
Initial Survey
On first launch, the app asks for the following information:
- Vision status
- Age
- Narrative mode preference
- Auto-read-aloud setting
This information is used to optimise app settings and is also stored in anonymised form on our servers to improve the service. It is never used to identify any individual.
Device Identifier
To maintain stable service operation (daily request rate limiting), a device-specific identifier assigned by Apple (identifierForVendor) is sent to our server. This identifier changes when the app is reinstalled and is not used for cross-app tracking or advertising purposes.
Location Data (Optional)
Location data is only collected when you grant the app location access through your device's iOS system settings. When enabled, location data is used for:
- Adding location metadata to photos (when saving to album in Scia)
- Providing contextual information for narrative generation
Precise location data (latitude and longitude) is not sent to our servers. However, a coarse location name (city or municipality level) may be sent to generative AI services as contextual information for narrative generation.
Usage Data
To improve the app, the following usage data is recorded on your device:
- Number and completion rate of narrative generations
- Feature usage frequency
- Error occurrences
- Accessibility feature usage (VoiceOver, etc.)
This data is anonymised and stored on our servers solely for the purpose of service improvement. It is never used to identify any individual.
Data Retention
Usage data and device identifiers are retained for the duration of service operation and deleted when the service is discontinued. Initial survey data is retained as anonymised statistical information for the duration of service operation.
3. Third-Party Services (Data Processors)
We use the following third-party services to provide app functionality. These services act as data processors on our behalf or as independent controllers for data transmitted to them.
Generative AI Services
The following generative AI services are used for photo analysis and narrative generation. All communications are routed through our server over encrypted connections (HTTPS).
- OpenAI — Photo analysis, text generation
- Anthropic (Claude) — Text generation
How data is handled after transmission is governed by each service's privacy policy:
Text-to-Speech Services
The following services may be used to convert generated text to audio. Only text generated within the app is sent; no photos or user-identifying information is included.
- ElevenLabs — Speech synthesis for summaries and narratives
- Aivis Cloud — Speech synthesis for summaries and narratives
X (formerly Twitter)
Posting to X is optional. If you choose to use this feature, you connect your account via X's secure account authorisation. The app only requests posting (write) permission; it does not access your timeline, followers, or any other read permissions. Authentication credentials are securely stored in the device's secure credential storage (Keychain) and deleted upon logout.
4. Data Stored on Your Device
Scia
Generated summary and narrative text can be embedded as a description field stored inside the photo file (IPTC caption) and saved to the "MimiSeka" album in your device's photo library. This feature can be toggled on or off in Settings. Saved photos may include the following embedded data:
- Summary/narrative text (as ALT text)
- Emotion tags (if selected)
- Vision level and narrative mode
- Location data (if location services are enabled)
Lupe
The AI instantly reads text and objects captured by the camera and reads them aloud. Images used for analysis are not saved to your device's photo library.
5. Data Security
- All external communications are encrypted via HTTPS
- Service credentials are managed on our server, not stored in the app
- Apple's App Attest framework is used to verify that requests come from genuine, unmodified copies of the app
- Authentication credentials and device identifiers are securely stored in the device's secure credential storage (Keychain)
6. Sharing with Third Parties
Except for the data processors and services described above, we do not sell, rent, or otherwise provide your data to third parties.
7. International Data Transfers
Your data may be processed by third-party generative AI and speech synthesis services in countries outside the EEA/UK that may not offer the same level of data protection. All transfers are conducted over encrypted connections (HTTPS) via our server. Where personal data is transferred outside the EEA/UK, we rely on the European Commission's adequacy decisions or standard contractual clauses as appropriate to ensure adequate protection of your data.
8. Children's Privacy
This app is not directed at children under the age of 16 in the EEA/UK, but it may be used by children with visual impairments. All survey responses and usage data are collected exclusively as anonymous, non-personally identifiable information for all users regardless of age. Device identifiers are sent to our server solely for request rate limiting and are not linked to any personal information. Core app features (photo analysis, narrative generation, and read-aloud) remain fully available regardless of age.
If we become aware that we have inadvertently collected personal data from a child without appropriate consent, we will take steps to delete such data promptly. If you believe a child has provided us with personal data, please contact us at privacy@mimiseka.jp.
9. Your Rights Under the GDPR
If you are in the EEA, UK, or Switzerland, you have the following rights regarding your personal data:
- Right of Access — Request a copy of the personal data we hold about you
- Right to Rectification — Request correction of inaccurate or incomplete personal data
- Right to Erasure ("Right to be Forgotten") — Request deletion of your personal data
- Right to Restriction of Processing — Request that we limit how we use your data
- Right to Data Portability — Request your data in a structured, commonly used, machine-readable format
- Right to Object — Object to processing based on legitimate interest
- Right to Withdraw Consent — Where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of prior processing
To exercise any of these rights, please contact us at privacy@mimiseka.jp. We will respond to your request within 30 days.
Right to Lodge a Complaint
You have the right to lodge a complaint with a supervisory authority in the EU/EEA member state of your habitual residence, place of work, or place of the alleged infringement. For the UK, you may contact the Information Commissioner's Office (ICO).
Additional Controls
- Disable location services, album saving, and other features at any time from the in-app Settings
- Disconnect X integration by logging out, which deletes your authentication credentials
- Delete all on-device data by uninstalling the app (excluding photos already saved to your photo library)
10. Changes to This Policy
If we make changes to this policy, we will notify you through the app or our website. For significant changes, a notification will be displayed when the app launches.
11. Contact Us
If you have any questions or requests regarding privacy or wish to exercise your rights, please contact us:
Data Controller: MimiSeka Project
Email: privacy@mimiseka.jp