Privacy Policy
PROMPTCLOAK · UPDATED APRIL 11, 2026
01Our Core Philosophy
This Privacy Policy explains how M1 Insights Inc. handles your data when you use PromptCloak. Our core philosophy is data minimization: we cannot leak, sell, or surrender data that we do not collect.
02Data We Do NOT Collect
No Personal Identifiers: We do not collect your name, email address, phone number, or physical address. No Chat History: We do not store your chat logs — including Character Chat conversations — on our servers. All conversations are stored locally on your device. No Age Data: When you confirm you are 18 or older to use Character Chat, that confirmation is stored only as a local flag on your device; we do not collect, transmit, or verify your age. No IP Logging: We do not maintain logs of your IP address. IP addresses are used ephemerally to route your request and enforce rate limits to prevent abuse, after which they are discarded.
03Data We DO Collect
Anonymous Cryptographic Identifiers: Your device generates a mathematically random Ed25519 Public Key. We store this Public Key to authenticate your access to our API. It cannot be reverse-engineered to identify you. Subscription Status: We process anonymous purchase receipts via Apple In-App Purchases (StoreKit) and our billing provider (RevenueCat) to verify if your Public Key is entitled to premium features. Aggregated Crash Logs: If you have opted into sharing crash data with developers via your Apple iOS settings, we receive anonymized crash reports to help us fix bugs.
04Third-Party Service Providers (LLMs)
To generate AI responses — for both free-form chat and Character Chat — your prompts are transmitted ephemerally through our servers to third-party LLM providers including Groq, xAI, and Perplexity. We use these providers under their standard developer API terms, which include provisions that API inputs and outputs are not used to train their models. Your prompts are processed transiently and are not persistently stored by these providers in the ordinary course of API usage. Character Chat conversations follow the same routing — the character backstory and your roleplay direction are sent as system and user prompts to the LLM, and responses are returned to your device. For details on how each provider handles API data, refer to their respective privacy policies.
05Bring Your Own Key (BYOK) Connections
When you use your own API keys to connect to third-party providers (OpenAI, Anthropic, etc.) or to self-hosted services (Hermes Bridge): (a) your requests travel directly from your device to the provider or server you configured — they do not pass through M1 Insights Inc. infrastructure; (b) your API keys are stored locally in the iOS Keychain on your device and are never transmitted to M1 Insights Inc.; (c) we have no visibility into the content of your BYOK requests or responses; (d) the data handling practices of third-party providers or your self-hosted infrastructure are outside our control and governed by the respective provider's policies or your own configuration.
06Data Deletion
Because we do not have accounts or databases of your chats, you are entirely in control of your data deletion. To delete all your data, simply uninstall the PromptCloak app from your device.
07Changes to This Policy
We may update this policy. If we make material changes, we will notify you within the App.
08Contact
For privacy inquiries, contact M1 Insights Inc. at info@m1labs.io.