Security & Legal
PicSurg was designed from the ground up with security as a core principle. Here's exactly how your photos are protected.
On-Device ML Processing
- All photo analysis happens entirely on your device. No images are ever sent externally
- The ML model runs locally with no internet connection required
AES-256-GCM Encryption
- Every photo is individually encrypted using AES-256-GCM, the same standard used by governments and financial institutions
- Encryption keys are securely stored in the iOS Keychain and never leave your device
Biometric & PIN Authentication
- Face ID and Touch ID with a 6-digit PIN fallback
- Auto-locks when backgrounded, requiring fresh authentication every session
Data Handling & Storage
- Photos never leave your device. No servers, no cloud storage
- Vault excluded from iCloud and iTunes backups by default
Privacy-Aware Design
- Designed with healthcare data privacy as a core principle
- Built primarily on Apple first-party frameworks for security and reliability
Last updated: March 2026
Privacy Policy
1. Introduction
PicSurg ("we", "our", or "the App") is committed to protecting your privacy. This Privacy Policy explains how we handle information when you use our iOS application. PicSurg is designed with a privacy-first approach where all data processing occurs on your device.
2. Information We Collect
We do not collect, transmit, or store any photos or personal health data on external servers.
The App processes the following data locally on your device:
- Photos: The App accesses your photo library (with your permission) to analyze images using an on-device machine learning model. Photos identified as surgical are encrypted and stored locally in an encrypted vault.
- Authentication data: Your PIN hash, biometric enrollment preferences, and optional recovery email are stored in the iOS Keychain on your device.
- App preferences: Settings such as scan history and onboarding status are stored locally using iOS UserDefaults.
The App also sends anonymous usage analytics to help us improve the product:
- Anonymous analytics: Feature usage counts (e.g. number of scans, photos secured), durations, and success/failure status. No photos, filenames, patient data, or personally identifiable information is ever included.
3. How We Use Your Information
All photo processing occurs on-device. Your data is used for:
- Classifying photos as surgical or non-surgical using the on-device ML model
- Encrypting and securely storing selected photos in your local vault
- Authenticating you via Face ID, Touch ID, or PIN
- Sending anonymous usage analytics to improve the app (no photos or personal data included)
4. Data Sharing
We do not share, sell, or transmit any photos or personal health data to third parties. The App sends anonymous usage analytics (e.g. feature usage counts, scan durations) to help us improve the product. This data contains no photos, patient information, or personally identifiable information.
5. Data Security
Your photos are protected by:
- AES-256-GCM encryption for all vault contents
- iOS Keychain storage for encryption keys (WhenUnlockedThisDeviceOnly)
- Biometric authentication (Face ID / Touch ID) with PIN fallback
- Automatic locking when the app is backgrounded
- Vault exclusion from iCloud and iTunes backups
6. Healthcare Privacy
PicSurg is a photo management tool designed with healthcare data privacy in mind. All photos and health-related data remain on your device and are never transmitted externally. The only network activity is anonymous usage analytics, which contains no patient data. PicSurg is not itself a regulatory compliance solution. Healthcare providers are responsible for ensuring their own compliance and should consult their compliance officers regarding institutional policies.
7. Your Rights
You have full control over your data:
- You can restore any photo from the vault to your camera roll
- You can delete individual photos or all vault contents
- You can reset the entire app and delete all data in Settings
- Uninstalling the App removes all locally stored data
8. Children's Privacy
PicSurg is not intended for use by children under 17. We do not knowingly collect any information from children.
9. Changes to This Policy
We may update this Privacy Policy from time to time. Changes will be reflected in the "Last updated" date at the top of this page. Continued use of the App after changes constitutes acceptance of the updated policy.
10. Contact
If you have questions about this Privacy Policy, please contact us at contact@picsurg.com.
Last updated: March 2026
Terms of Service
1. Acceptance of Terms
By downloading, installing, or using PicSurg ("the App"), you agree to be bound by these Terms of Service. If you do not agree to these terms, do not use the App.
2. Description of Service
PicSurg is an iOS application that uses machine learning to identify surgical and operative photos in your camera roll and stores them in an encrypted vault on your device. The App is designed for healthcare professionals who need to separate surgical documentation from personal photos.
3. Eligibility
You must be at least 17 years old to use PicSurg. By using the App, you represent that you meet this age requirement.
4. User Responsibilities
- You are responsible for maintaining the security of your PIN and device
- You are responsible for any photos you choose to secure or delete
- You should maintain your own backups of important photos before securing them
- You must comply with all applicable laws and institutional policies regarding medical images
5. ML Classification Accuracy
The machine learning model provides automated photo classification with confidence scores. While designed for high accuracy, the model may produce false positives or false negatives. You should always review the results before confirming actions. PicSurg is not responsible for incorrect classifications.
6. Limitation of Liability
PicSurg is provided "as is" without warranties of any kind. To the maximum extent permitted by law, we shall not be liable for any indirect, incidental, special, consequential, or punitive damages, including but not limited to loss of data, loss of photos, or inability to access your vault.
7. No Medical Advice
PicSurg is a photo management tool. It does not provide medical advice, diagnosis, or treatment. The App does not analyze the medical content of photos. It only classifies whether a photo appears to be surgical in nature.
8. Intellectual Property
The App, including its design, code, ML model, and branding, is the intellectual property of PicSurg. You may not reverse-engineer, decompile, or create derivative works based on the App.
9. Termination
You may stop using PicSurg at any time by uninstalling the App. Uninstallation removes all locally stored data, including your encrypted vault. We recommend exporting any photos you wish to keep before uninstalling.
10. Changes to Terms
We reserve the right to modify these Terms of Service at any time. Changes will be effective upon posting. Your continued use of the App after changes constitutes acceptance of the updated terms.
11. Contact
For questions about these Terms of Service, please contact us at contact@picsurg.com.