Privacy Policy

01

Introduction

At Device Optical Aid (DOA), your privacy is taken seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our desktop application and website. Please read it carefully.

By using DOA, you agree to the collection and use of information in accordance with this policy.

02

Information We Collect

2.1 Account Information

Email address and display name when you create an account
Authentication data when you sign in via Google, Apple, or email
Subscription and payment status (processed by Creem — DOA never sees card details)

2.2 Prescription & Settings Data

Optical prescription values (SPH, CYL, AXIS, ADD) you enter
Visual filter preferences (blue light level, color blindness mode)
App configuration and toggle states

2.3 Usage & Diagnostics

Device and OS information (Windows version, screen resolution, DPI)
Feature usage patterns and session duration
Crash reports and error logs (no screen content included)
GPU model and driver version for shader compatibility checks

03

Screen Capture & Shader Processing

DOA captures your screen in real time to apply vision correction via a GPU shader overlay. This is the core technical mechanism of the product. Here is exactly what happens:

Screen frames are captured locally on your device using Windows Graphics Capture (WGC)
Frames are processed entirely on your GPU — they are never uploaded, transmitted, or logged
DOA does not read, store, or analyze the content of what is on your screen
The corrected overlay is rendered directly back to your display and discarded immediately after

What DOA never captures: Windows system UI, login screens, UAC (User Account Control) prompts, banking or payment windows, and other OS-protected elements are excluded by design — not by policy. The operating system blocks their capture automatically.

04

How We Use Your Information

Authenticate your account and persist your prescription settings across sessions
Enforce free tier limits (daily usage timer, single monitor restriction)
Verify premium subscription status with Creem
Improve shader accuracy and app performance based on anonymized diagnostics
Send transactional emails (subscription confirmations, renewal reminders)
Respond to support requests

05

Data Storage & Security

Account and prescription data is stored in Firebase (Google Cloud) with encryption at rest and in transit
Usage timers and session state are stored locally and synced to prevent reset exploits
Payment records are held exclusively by Creem — DOA has no access to card numbers, bank details, or billing addresses
Access to user data is restricted to essential personnel only

06

Third-Party Services

DOA uses the following third-party services, each governed by their own privacy policies:

Firebase (Google) — authentication and database storage
Creem — subscription and payment processing
Google / Apple — optional OAuth sign-in providers

We do not sell, rent, or share your personal data with advertisers or any other third parties outside the above.

07

Anonymized Aggregate Data

With your explicit opt-in consent, DOA may collect anonymized aggregate data including prescription distribution ranges and correction usage patterns. This data cannot identify you individually and may be shared with optometry researchers or vision care organizations.

You will always be asked before this data is collected. You can opt out at any time from the app settings.

08

Your Rights

Access the personal data DOA holds about you
Correct or update inaccurate information
Delete your account and all associated data
Opt out of non-essential communications
Withdraw consent for anonymized data collection at any time

To exercise any of these rights, contact us at the address below or use the account deletion option in the app.

09

Data Retention

Your account and prescription data is retained for as long as your account is active. If you delete your account, all personal data is permanently removed within 30 days. Anonymized diagnostic data may be retained indefinitely as it cannot be attributed to any individual.

10

Children's Privacy

DOA is not intended for users under the age of 13. We do not knowingly collect personal information from children. If you believe a child has provided their information through our service, please contact us immediately and we will remove it.

11

International Data Transfers

Your data may be stored and processed in countries other than your own, including the United States, where Firebase and Creem infrastructure operates. We ensure appropriate safeguards are in place in compliance with GDPR, CCPA, and other applicable regulations.

12

Changes to This Policy

We may update this Privacy Policy as the product evolves. When we do, the "Last Updated" date at the top of this page will be revised. For significant changes, registered users will be notified by email at least 14 days in advance.

13

Contact

If you have any questions about this Privacy Policy or how your data is handled, reach out to us:

doaappsup@gmail.com doa-app-web.vercel.app

For legal terms, see our Terms of Service.