Legal

Privacy Policy

Effective: March 2, 2026

Privacy First: Your conversations are stored in your private iCloud account — we have no access to them. Your health data never leaves your device. We never sell your data to third parties.

This Privacy Policy describes our practices with respect to personal data we collect when you use Secure AI on iPhone, iPad, and Mac.

1. Personal Data We Collect

Account Information

Apple ID information (via Sign in with Apple)
Email address
Account preferences and settings
Transaction history (for paid subscriptions)

Health Data

With your explicit permission through iOS Settings, the app may access health data from Apple HealthKit including activity, sleep, heart rate, nutrition, and body measurements.

Your health data never leaves your device. All HealthKit data remains on your device unless you enable iCloud sync, in which case it's stored in your private iCloud account. We never transmit health data to our servers or any third party.

Conversation Data

Messages you send and responses you receive are stored locally on your device, optionally synced via Apple CloudKit to your other devices, and sent to our AI provider's servers to generate responses (encrypted in transit via HTTPS).

Device and Usage Information

We automatically collect device type, OS version, app version, anonymized crash logs, and aggregated usage statistics for improving the app.

Payment Information

Payment processing is handled entirely by Apple. We do not collect or store payment card information — only subscription status and transaction receipts for verification.

2. How We Use Personal Data

Purpose	Data Used
Provide AI responses	Conversation data (sent to AI provider)
Sync across devices	Conversation data (stored in your iCloud)
Process subscriptions	Apple ID, transaction receipts
Improve performance	Crash logs, anonymized usage stats
Prevent fraud	Device information, usage patterns
Legal compliance	As required by law

We do not use your data to:

Train AI models
Sell or rent to third parties
Show targeted advertisements
Create marketing profiles

3. Data Storage and Security

Local Storage

Your conversation history and preferences are stored locally on your device using Apple's secure Core Data framework.

iCloud Sync (Optional)

When you enable CloudKit sync, your conversation history is stored in your private iCloud account, encrypted in transit and at rest. Only you can access this data. We cannot access data stored in your iCloud.

Third-Party AI Processing

To generate AI responses, your messages are sent to our AI provider's servers. We have configured our API usage so that our provider does not use your data to train their models. Messages are transmitted securely via HTTPS.

Security Measures

Encryption in transit (TLS 1.3)
Encryption at rest (iOS data protection, iCloud encryption)
Secure authentication (Sign in with Apple)
Limited data retention

4. Data Sharing and Disclosure

We share your personal data only in the following limited circumstances:

Apple: For app distribution, payments, iCloud sync, and authentication
AI provider: For generating responses (as described above)
Legal requirements: When required by law or court order
Business transfers: If we are involved in a merger or acquisition, with prior notice to you

We do not sell your data. We do not share your data with advertisers. We do not use your data for cross-site tracking.

5. Data Retention

Account data: Stored until you delete your account (processed within 30 days)
Conversation history: Stored locally and in iCloud until you delete it
Health data: Never stored on our servers — remains on your device or iCloud only
Crash reports: Retained 90 days, anonymized and cannot be linked to you

6. Your Rights and Controls

Delete conversations: Tap and hold any conversation to delete
Clear all history: Settings → Privacy → Clear All Data
Delete account: Settings → Account → Delete Account
Manage HealthKit permissions: iOS Settings → Health → Data Access & Devices
Control iCloud sync: App Settings → Sync → Enable/Disable

Depending on your location, you may also have rights to access, correct, port, or object to processing of your data. Contact us through the app to exercise these rights.

7. California Privacy Rights (CCPA)

California residents have the right to know what personal information we collect, the right to delete it, and the right to opt-out of sale. We do not sell personal information and do not share it for cross-context behavioral advertising.

8. Children's Privacy

Our Services are not intended for children under 13. We do not knowingly collect personal information from children under 13. Users between 13 and 18 must have parental permission.

9. International Data Transfers

Your data may be processed in the United States where our AI provider's servers are located. We ensure appropriate safeguards including encryption in transit and at rest.

10. Third-Party Services

Apple Services: The app uses Apple HealthKit, CloudKit, and Sign in with Apple. Apple's privacy practices are governed by their Privacy Policy.

AI provider: AI responses are generated via an AI API. Their data practices are described in their privacy policy.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you by posting the updated policy in the app and updating the effective date. Continued use of the Services constitutes acceptance.

12. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us through the support page or via the support section in the app.