Artificial Intelligence (AI) Privacy Policy

How to Check:

1. App Store Privacy Labels: Check the app's App Store page under "App Privacy" section. If AI features are present, data sharing with third parties will be disclosed.
2. In-App Indicators: Apps with AI features will clearly label them (e.g., "AI-Powered", "Ask AI", "AI Assistant", "Smart Suggestions").
3. App Description: The App Store description will mention AI/ML capabilities if present.

Default Assumption: If an app does NOT explicitly mention AI in its App Store page or interface, assume it does NOT use AI services.

Complete AI Provider Details

Provider	Service	Privacy Policy	Data Location	Retention
OpenAI	ChatGPT, GPT-4, API	OpenAI Privacy	United States	30 days (API)
Anthropic	Claude AI	Anthropic Privacy	United States	90 days (API)
Google	Gemini AI	Gemini Privacy	United States	Per Google policy
xAI	Grok	xAI Privacy	United States	Per xAI policy
Alibaba Cloud	Qwen/Tongyi	Qwen Privacy	China	Per Alibaba policy
DeepSeek	DeepSeek AI	DeepSeek Privacy	China	Per DeepSeek policy

IMPORTANT: Retention periods shown are typical for API usage but may vary. Each provider's privacy policy is the authoritative source. We recommend reading them before using AI features.

Provider Independence: We are NOT affiliated with any of these AI providers. They process your data independently according to their own policies. We cannot control their data practices.

• [NO] Your name or contact information (unless you explicitly include it in your AI input)
• [NO] Your device identifiers (IDFA, device ID) - we anonymize requests where technically possible
• [NO] Background data collection - AI providers only receive data when you actively use AI features
• [NO] Data from other apps on your device
• [NO] Your location (unless your AI query specifically includes location)
• [NO] Your contacts, calendar, or other personal data stores (unless you explicitly paste/share that content)
• [NO] Payment information - all payments are handled by Apple, not AI providers

Step-by-Step Data Flow:

1. You Activate AI Feature: You tap "Ask AI", "Generate", "Analyze", or similar AI-powered button
2. Data Preparation: Our app packages your input and necessary context
3. Encryption: Data is encrypted using HTTPS/TLS for transmission
4. API Request: Encrypted data is sent to the AI provider's API endpoint
5. AI Processing: The AI provider processes your request on their servers
6. Response Return: AI response is sent back to the app (encrypted)
7. Display: The app displays the AI-generated response to you
8. Storage: The AI provider may store your request according to their retention policy (see table above)

What Happens on Our Servers (if applicable):

• Some apps route AI requests through our servers for API key management and abuse prevention
• In these cases, we may temporarily cache requests for seconds to minutes to optimize performance
• We do NOT permanently store AI inputs/outputs unless explicitly stated in the app (e.g., "Save AI conversation history" feature)
• Cached data is automatically deleted within 24 hours maximum

Direct API Calls:

• Some apps make direct API calls from your device to AI providers (no intermediary servers)
• This means your data goes directly from your device → AI provider → back to your device
• These apps will be labeled "Direct AI Connection" in their privacy labels

For California Users (CCPA/CPRA):

Sharing data with AI providers may constitute a "sale" or "sharing" of personal information under California law, even though no money is exchanged. You have the right to opt out.

How to Opt Out: Simply do not use AI features. There is no "partial opt-out" - AI features require data sharing to function.

For Brazilian Users (LGPD):

International transfers to countries without adequate protection require your consent or contractual safeguards. Your use of AI features after reading this disclosure constitutes consent under LGPD.

For Other Jurisdictions:

Check your local data protection laws regarding international transfers. Your use of AI features constitutes consent where legally permissible.

Current Training Policies (as of December 2025):

Providers That Do NOT Use API Data for Training:

• OpenAI: Does NOT use API data for training (policy as of 2023+)
• Anthropic: Does NOT use API data for training (policy as of 2024+)

Providers That MAY Use Data for Training:

• Google (Gemini): May use data to improve Google services unless you opt out via Google account settings
• xAI (Grok): Review xAI privacy policy for current training practices
• Qwen: Review Alibaba/Qwen privacy policy for current training practices
• DeepSeek: Review DeepSeek privacy policy for current training practices

IMPORTANT Caveats:

• Policies can change - providers may start or stop using data for training
• "Not used for training" typically has exceptions for abuse prevention, safety, legal compliance
• Aggregated, anonymized, or de-identified data may have different rules
• Human review for quality control may occur even if not used for automated training

Rights You Can Exercise:

1. Right to Opt Out (Universal)

• Method: Simply don't use AI features in the app
• Scope: Complete - if you don't use AI features, no data goes to AI providers
• Alternatives: Many apps provide non-AI alternatives for core functionality

2. Right to Access (GDPR, CCPA, others)

• Our Data: Request what AI-related data we have about you by emailing ladotatishvili@protonmail.com
• Provider Data: You must contact AI providers directly using their privacy request processes
• Limitation: We do NOT have access to data stored by AI providers on their servers

3. Right to Deletion (GDPR "Right to Erasure", CCPA "Right to Delete")

• Our Data: Request deletion of AI-related data we control
• Provider Data: You must contact AI providers directly - we CANNOT delete data on their servers
• Limitation: Providers may retain data for their stated retention period or legal obligations

4. Right to Correction (GDPR, CPRA)

• Limited Applicability: Most AI inputs are transient queries, not stored personal profiles
• For Stored Data: Contact us to correct any AI-related data we maintain

5. Right to Object / Restrict Processing (GDPR)

• Method: Don't use AI features, or contact us to disable AI features for your account (if app supports accounts)
• Impact: AI-powered functionality will not be available

6. Right to Data Portability (GDPR)

• Scope: If the app stores AI conversation history, you can request a copy in a portable format
• Method: Email ladotatishvili@protonmail.com

7. Right to Withdraw Consent (GDPR, others)

• Method: Stop using AI features at any time
• Effect: Future data will not be shared; past data already shared with providers remains subject to their retention policies

For Parents and Guardians:

If your child has used AI features in our apps:

1. Contact us immediately at ladotatishvili@protonmail.com
2. Request deletion of any data we control
3. Contact AI providers directly to request deletion of data on their servers
4. Enable parental controls on the child's device to prevent future AI usage

Parental Control Options:

• Use iOS Screen Time to restrict app usage or specific features
• Enable "Ask to Buy" for in-app purchases that unlock AI features
• Review app privacy settings together with your child
• Consider using apps without AI features for younger children

Our Security Practices:

Data in Transit:

• Encryption: All AI API requests use HTTPS with TLS 1.2+ encryption
• Certificate Pinning: Implemented where technically feasible to prevent man-in-the-middle attacks
• No Unencrypted Transmission: AI data is NEVER sent over unencrypted connections

Data Minimization:

• Only What's Needed: We send only the minimum data required for AI functionality
• No Identifiers When Possible: We avoid sending device identifiers or user IDs when technically possible
• Anonymization: Where feasible, we anonymize requests before sending to AI providers

API Key Security:

• Server-Side Storage: API keys are stored on our secure servers, not in the app binary
• Rate Limiting: We implement rate limiting to prevent abuse
• Monitoring: We monitor for unusual patterns that might indicate compromise

Access Controls:

• Developer Access: Only authorized developers have access to AI API configurations
• Logging: We log API access for security monitoring (logs are anonymized and retained for 90 days max)

Example Scenario 1: AI Writing Assistant

User Action: You use an AI feature to improve your writing (e.g., "Make this text more professional")

Data Shared:

• Your original text
• Your editing instruction ("make this more professional")
• Technical metadata (timestamp, token count)

Data NOT Shared: Your name, contact info, other documents in the app, device location

Provider Processing: AI provider receives your text, processes it, returns improved version, retains according to policy

Privacy Impact: If your text contains sensitive info, it's now with the AI provider

Example Scenario 2: AI Image Analysis

User Action: You ask AI to describe what's in a photo

Data Shared:

• The photo file itself
• Your question ("What's in this photo?")
• Technical metadata

Data NOT Shared: Other photos in your library, photo metadata (GPS location, date), your identity

Provider Processing: AI provider receives image, analyzes it, returns description, retains according to policy

Privacy Impact: If photo contains identifiable people or sensitive content, it's now with AI provider

Example Scenario 3: AI Chatbot Conversation

User Action: You have a multi-turn conversation with an AI chatbot in the app

Data Shared:

• All your messages in the conversation
• Conversation context (AI needs previous messages to respond coherently)
• Session identifier (to maintain conversation continuity)

Data NOT Shared: Your conversations in other apps, your identity beyond the session

Provider Processing: AI provider stores conversation history for the duration of the session (and retention period), uses it to generate contextual responses

Privacy Impact: Longer conversations = more data retained by AI provider

Example Scenario 4: AI Data Analysis

User Action: You upload a spreadsheet and ask AI to analyze trends

Data Shared:

• The entire spreadsheet contents
• Your analysis request
• Follow-up questions

Data NOT Shared: Other files on your device

Provider Processing: AI provider receives full spreadsheet, analyzes it, returns insights, retains according to policy

Privacy Impact: If spreadsheet contains business secrets, personal data, or confidential information, it's now with AI provider

Method 1: Don't Use AI Features (100% Effective)

1. Identify AI features in the app (they're clearly labeled)
2. Simply don't tap/use those features
3. Use non-AI alternatives for core functionality where available

Result: Zero data sent to AI providers. This is the only 100% guaranteed method.

Method 2: Disable AI Features (If App Supports)

1. Open app settings
2. Look for "AI Features", "Smart Features", or similar section
3. Toggle off AI features
4. Restart app if prompted

Result: AI features are disabled in the app interface. Note: Not all apps support disabling AI.

Method 3: Delete App (Nuclear Option)

1. If you're uncomfortable with AI data practices and can't avoid AI features
2. Delete the app
3. Look for alternative apps without AI features

Result: No future data sharing. Past data already shared with AI providers remains subject to their retention policies.

Method 4: Request Account Deletion (For Apps with Accounts)

1. Email ladotatishvili@protonmail.com with subject "Delete My Account"
2. Provide your account email/username
3. Specify "Delete all AI-related data"
4. We'll confirm deletion within 30 days

Result: We delete AI-related data we control. You must separately contact AI providers to delete data on their servers.

Method 5: Provider-Level Opt-Out (Partial)

Some AI providers offer opt-out mechanisms:

• Google (Gemini): Google Account privacy settings - can disable data usage for improvements
• OpenAI: Check OpenAI privacy settings if you have an account (note: app API usage may be separate from OpenAI account)
• Others: Check each provider's privacy policy for opt-out options

Limitation: Provider-level opt-outs typically don't prevent initial data transmission, only subsequent use (e.g., for training).

Update Policy:

• Frequency: We review this policy quarterly and update when significant changes occur
• Notification: Material changes will be announced via app update notes and/or email (if you have an account)
• Effective Date: Changes take effect on the "Changed" date shown in the metadata above
• Your Consent: Continued use of AI features after changes = acceptance of new policy

What Triggers a Policy Update:

• Adding or removing AI providers
• Significant changes to AI provider privacy policies
• New AI features that process data differently
• Changes to data retention practices
• Legal/regulatory changes requiring policy updates
• User feedback indicating policy clarifications needed

How to Stay Informed:

• Check this page periodically (bookmark it)
• Review app update notes when updating apps
• Subscribe to notifications (if app supports)
• Follow our developer updates (if we publish any)

The Most Important Things to Remember:

1. AI Features = Data Sharing: Using AI features means your data goes to third-party AI companies in other countries
2. Read Provider Policies: Each AI provider has different privacy practices - read their policies before use
3. International Transfers: Your data will leave your country and be processed under different privacy laws
4. Opt-Out is Simple: Just don't use AI features - that's the only 100% effective opt-out
5. Think Before You Type: Assume anything you input to AI could be retained, reviewed, and potentially used for training
6. Children Require Extra Care: Children under 13-16 should not use AI features without parental supervision and consent
7. We're Independent: We don't control AI providers' practices - they're independent companies
8. Policies Change: AI provider policies can change - check links periodically if you use AI regularly