Privacy Policy
This Privacy Policy explains how we handle your information when you use My AI Circle (the "App"), an independent project.
The short version
- We use Sign in with Apple. We never see your Apple password.
- Your chats and characters live on your device. They're sent to an AI provider only to generate the next reply, and we don't store the message bodies on our servers.
- We don't use any analytics or advertising SDKs. No third-party tracking.
- We don't train AI models on your conversations.
- You can delete your account at any time from inside the App.
What we collect
When you sign in. Apple shares a stable user identifier and an email address (which may be a private relay address). You can also share a display name.
When you subscribe. A transaction ID and the product you bought. We use it to grant access and track monthly usage.
Usage counters. Per billing period, we record token counts and approximate spend so we can enforce subscription limits. We don't keep message text in these records.
Your messages. Stored locally on your device using SwiftData. When you send a message, the message and recent context travel over HTTPS to our backend, which forwards them to the AI provider to generate a reply. If you've turned on Personal Info Protection, sensitive details (phone numbers, emails, IDs, etc.) are redacted on your device before the message is sent.
iCloud Backup. Optional. If you enable it in Settings, the App writes an encrypted backup file to your private iCloud Drive. We can't read it.
Diagnostics, ad IDs, location, contacts, browsing history. We don't collect these.
Who we share with
- Apple — Sign in with Apple, App Store / StoreKit purchases.
- Supabase (database and serverless backend) — stores your account row and subscription/usage records.
- OpenRouter — receives your message and recent context to generate the AI reply. OpenRouter routes the request to one of several model providers depending on the task. We use ZDR models. Your prompt and the reply pass through their systems; their data-handling is governed by OpenRouter's privacy policy.
- Authorities — if we're required by law.
We do not sell your data and do not share it with advertisers.
Where data is processed
Our backend and the AI provider operate in the United States and other regions. Where required, we use Standard Contractual Clauses or equivalent safeguards for international transfers.
How long we keep things
- Your account row: while your account is active.
- Subscription / usage rows: the current billing period plus a short record-keeping window after, then deleted when you delete your account.
- Message bodies on our servers: not stored beyond the request lifecycle.
- Local content on your device: stays until you delete chats, sign out and clear data, or delete your account.
When you tap Delete Account in Settings, we delete your account and all linked subscription/usage records from our database, and clear chats and characters from your device.
Security
- HTTPS with TLS for everything, plus certificate pinning so requests can only reach our backend.
- Authentication tokens are stored in the iOS Keychain.
- Database access goes through serverless functions; the app never connects to the database directly.
- The Personal Info Protection filter runs on your device before content leaves it.
If you find a security issue, please email aicircle@dropmsg.in.
Your rights
Depending on where you live (EEA, UK, California, India, etc.), you may have rights to access, correct, delete, port, or object to processing of your information, and to complain to your local data-protection authority. You can delete your account directly in the App. For other requests, email aicircle@dropmsg.in — we'll respond within the time limit set by your local law.
Children
The App is rated 17+ on the App Store (Apple's highest age tier), and our Terms require users to be at least 18. We don't knowingly collect data from children under 13 (or the local equivalent). If you believe a child has provided us information, contact aicircle@dropmsg.in and we'll delete it.
Changes
If we update this policy, we'll change the "Effective date" above. Significant changes will be announced inside the App or by email.
Contact
My AI Circle
Based in Bangalore, India
aicircle@dropmsg.in
Appendix — App Store data disclosure
| Data type | Collected | Linked to user | Used for tracking | Purpose |
|---|---|---|---|---|
| Email address | Yes | Yes | No | App Functionality |
| User ID | Yes | Yes | No | App Functionality |
| User Content (chat messages, in transit) | Yes | Yes | No | App Functionality |
| Purchase history | Yes | Yes | No | App Functionality |
| Diagnostics, identifiers, location, contacts, browsing history, advertising data | No | — | — | — |