Privacy Policy
1. Introduction
AI Frame ("the App") is a personal AI assistant app for Android that connects to your own self-hosted gateway server. This Privacy Policy explains what data the App collects, how it is used, and how it is protected.
The App does not send your data to any third-party service. All communication is between the App on your device and a gateway server that you operate.
2. Data We Collect
2.1 Data Stored Locally on Your Device
The App stores the following data in an encrypted local database on your Android device:
- Chat messages — your conversations with the AI assistant (text content, timestamps, session identifiers)
- Tasks — to-do items you create (text, completion status, due dates, repeat patterns)
- Reminders — scheduled reminders (text, time, repeat pattern)
- Device identity keys — a cryptographic key pair (Ed25519) generated on your device, used to authenticate communication with your gateway server
- Connection credentials — your gateway URL and authentication tokens, stored in encrypted shared preferences (AES-256-GCM)
This data remains on your device and is never uploaded to our servers or shared with third parties.
2.2 Data Transmitted to Your Gateway Server
When you use the App, the following data is sent to the gateway server you have configured:
- Chat messages — your text input is sent to your gateway for AI processing, and the AI response is sent back to the App
- TTS requests — when text-to-speech is used, the text to be spoken is sent to your gateway's TTS service and audio is returned
All transmissions are encrypted in transit (TLS) and authenticated with your device's cryptographic keys.
2.2.1 Network Routing
Traffic between the App and your gateway server is routed through Cloudflare's global network infrastructure. Cloudflare processes encrypted TLS traffic for routing purposes but does not have access to the decrypted content of your communications. Cloudflare's handling of network traffic is governed by Cloudflare's Privacy Policy.
2.3 Data We Do NOT Collect
- No analytics or usage tracking
- No crash reporting (Firebase Crashlytics is not enabled)
- No advertising identifiers
- No location data
- No contacts or call logs
- No browsing history
- No data shared with or sold to third parties
3. Permissions
| Permission | Purpose |
|---|---|
| Internet | Connect to your self-hosted gateway server |
| Record Audio | Voice input when you tap the mic button; audio is transcribed via your gateway and never stored |
| Post Notifications | Display reminder notifications |
| Schedule Exact Alarm / Use Exact Alarm | Deliver reminders at the exact time you set |
| Access Network State | Check connectivity before attempting server communication |
All permissions are used solely for the stated purposes. No permission is used for tracking, advertising, or data collection.
4. Data Security
- Encryption at rest: Sensitive data (tokens, keys) is encrypted using AES-256-GCM via Android's EncryptedSharedPreferences
- Encryption in transit: All network communication uses TLS (HTTPS / WSS)
- Message signing: All messages to your gateway are digitally signed with your device's Ed25519 private key
- No backup: Android system backup is disabled (allowBackup: false) to prevent credentials from being copied to cloud backups
5. Data Retention and Deletion
All data is stored locally on your device. You can delete your data at any time by:
- Clearing the App's data through Android Settings
- Uninstalling the App
When you clear data or uninstall, all local data (chat history, tasks, reminders, credentials) is permanently deleted.
6. Children's Privacy
The App is not directed at children under 13. We do not knowingly collect personal information from children under 13.
7. Third-Party Services
The App does not integrate with any third-party analytics, advertising, or tracking services. The only external communication is with the gateway server that you configure and operate.
8. Changes to This Policy
We may update this Privacy Policy from time to time. Changes will be posted within the App or on our distribution page. Your continued use of the App after changes constitutes acceptance of the updated policy.
9. Contact
If you have questions about this Privacy Policy, contact us at:
reach [at] getaiframe [dot] com