ideAI by Magentic
Effective Date: December 10, 2025
This policy pairs plain-language summaries with formal legal terms. The formal terms govern if there is any ambiguity.
Plain English
This policy explains minimal data collection and careful handling practices. The app preserves private thoughts locally.
1.1This Privacy Policy governs collection, use, storage, and disclosure regarding the IdeAI application between Magentic ("the Company") and users.
1.2Installation and use constitute acceptance. Non-acceptance requires avoiding the app entirely.
1.3The Company reserves the right to modify this Policy at any time. Material changes will be communicated via in-app notification.
2.1Personal Data: Information relating to identified or identifiable persons.
2.2User Content: Text, audio, images, or content created within the app, including journal entries and AI conversation logs.
2.3On-Device Processing: Computational operations performed locally without external server transmission.
2.4Device Credentials: Cryptographic keys and authentication materials in secure storage.
Plain English
The company excludes journal entries, personal information, location data, and usage analytics from collection.
3.1The company does not collect: User Content including journals and transcripts; Personal identifiers (names, emails, phone numbers); Device identifiers for advertising or analytics; Geolocation data; Behavioral or usage analytics; Contact or calendar information.
3.2The Company does not possess the cryptographic keys necessary to decrypt User Content.
Plain English
Journal entries use AES-256-GCM encryption. Encryption keys reside exclusively on your device's secure keychain.
4.1All User Content is encrypted on the User's device using the Advanced Encryption Standard with 256-bit keys in Galois/Counter Mode (AES-256-GCM).
4.2Keys are generated and stored exclusively within device hardware-backed secure storage with appropriate access controls.
4.3Encryption keys are not transmitted, stored on servers, or escrowed elsewhere.
4.4The company lacks technical capability for decryption.
Plain English
AI features operate entirely on-device using Apple's machine learning frameworks without internet requirements.
5.1The app utilizes Apple Core ML, MLX, and on-device speech recognition for AI features.
5.2On-Device Processing occurs without network transmission.
5.3Features function without active internet connectivity.
Plain English
Optional iCloud sync backs up encrypted data to user accounts. The company cannot access iCloud or view unencrypted content.
6.1Users may optionally enable iCloud synchronization.
6.2When enabled: User Content remains encrypted with user-controlled keys; The company lacks iCloud access or credentials; Data follows Apple's iCloud terms; The Company receives no data, metadata, or notifications regarding iCloud synchronization activity.
6.3Users may disable sync via iOS Settings or app settings.
Plain English
Camera and microphone access supports voice and vision features. All processing occurs locally. Users can revoke permissions anytime.
7.1The app may request: Camera access for vision features processed on-device; Microphone access for Apple's on-device speech recognition.
7.2Permissions are revocable via iOS Settings without affecting other functionality.
Plain English
Crash reporting is disabled by default. Optional participation shares technical crash information only, never journal entries.
8.1The app does not collect diagnostics or crash reports automatically.
8.2Users may opt into anonymous crash reporting via settings.
8.3Reports may include device model, OS version, app version, and technical crash information.
8.4Reports expressly exclude: User Content; Personal identifiers; Encryption keys; Device memory beyond app execution stack.
8.5Users may opt out anytime.
Plain English
No analytics, advertising networks, or data brokers are integrated. Any future integrations will prompt notifications.
9.1The app does not integrate analytics, advertising, or data broker services.
9.2User data is not transmitted to third parties for marketing or profiling.
9.3Future integrations will trigger policy updates and in-app notifications.
Plain English
This app targets users 13 and older. No child data collection occurs.
10.1The app is not directed toward children under 13.
10.2The company does not knowingly collect data from children under 13.
10.3Given no personal data collection occurs generally, no child data exists in company systems.
Plain English
Your data resides exclusively on your device and optional iCloud backup. Uninstalling removes local data permanently.
11.1User Content is stored exclusively on-device and optionally on personal iCloud accounts.
11.2The company retains no content on its infrastructure.
11.3Users may delete content by: Removing individual entries; Uninstalling the app; Managing iCloud storage.
11.4Device credentials may persist in keychain until manually removed.
Plain English
Privacy regulations grant access, deletion, and export rights. You already possess all your data locally. Export functionality is available without account creation.
12.1Since the company does not store content, traditional data subject rights are fulfilled by the User's possession and control of their own data.
12.2Data portability is exercised through app export functionality.
12.3Erasure is accomplished through deletion methods outlined above.
12.4No account creation is required.
Plain English
Data remains on your device and iCloud. The company performs no international transfers.
13.1Content is stored exclusively on-device or in personal iCloud accounts.
13.2The Company does not transfer User Content internationally as the Company does not receive or store User Content.
13.3iCloud sync follows Apple's practices and terms.
Plain English
Industry-standard encryption applies to company infrastructure. The strongest protection is that the company never possesses your data.
14.1The company implements industry-standard security for its infrastructure.
14.2The primary security mechanism is architectural: the Company does not possess User Content or the means to decrypt it.
Plain English
California residents have enhanced protections. The company does not sell data (it does not possess any) or use it for targeted advertising.
15.1California residents have rights under CCPA and CPRA.
15.2The company does not sell personal information.
15.3The company does not share information for behavioral advertising.
15.4Categories collected or disclosed in the preceding 12 months: None.
Plain English
Contact support through the designated support page for policy questions.
16.1Inquiries should be directed to support@ideai.app.
16.2EU/EEA users may reach support for GDPR inquiries. No Data Protection Officer has been appointed given data practices.
17.1Delaware law governs this policy without conflict-of-law application.
17.2Disputes resolve in Delaware courts.