Skip to main content

Privacy Policy

Effective Date: October 1, 2025

Last Updated: October 1, 2025

Version: 1.0

By using Thoughtmarks, you agree to the collection and use of information in accordance with this policy.

1. Introduction

Thoughtmarks ("we," "our," or "us") is committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application and services.

This policy complies with the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and other applicable data protection laws.

2. Information We Collect

2.1 Information You Provide

Account Information

  • Email address (required for account creation)
  • Display name (optional)
  • Password (encrypted, never stored in plain text)

Content You Create

  • Thoughtmarks (your notes, voice recordings, and captured thoughts)
  • Tags and labels you assign
  • Voice recordings (if you use voice capture)

2.2 Information We Do NOT Collect

  • Biometric data (Face ID/Touch ID stays on-device)
  • Contacts or address book
  • Location data (unless you enable location features)
  • Health data
  • Payment information (handled by Apple App Store)

3. How We Use Your Information

  • Provide core functionality: Store, organize, and retrieve your Thoughtmarks
  • Enable synchronization: Sync your data across your devices
  • Process AI requests: Provide AI-powered features
  • Maintain security: Authenticate your identity and protect your account

4. AI Processing and Data Usage

You choose how your data is processed for AI features:

On-Device Processing (Most Private)

  • AI runs entirely on your device
  • Your data never leaves your device
  • Fastest processing

Cloud Encrypted Processing

  • Data encrypted in transit and at rest
  • Advanced AI features available
  • Data cached for 24 hours, then deleted
Your data is NEVER used to train AI models without explicit opt-in.

5. Data Storage and Security

Encryption

  • At rest: AES-256 encryption
  • In transit: TLS 1.3
  • End-to-end: Optional E2EE for cloud-synced data

6. Data Sharing

We do NOT sell your personal information. Period.

We may share limited data with trusted service providers bound by confidentiality agreements.

7. Your Rights

  • Access: Request a copy of your personal data
  • Correction: Update or correct inaccurate information
  • Deletion: Request deletion of your personal data
  • Portability: Export your data in a portable format
  • Opt-out: Disable analytics and marketing

8. Data Retention

Data Type Retention Period
Account Data While active + 30 days
Content According to your preferences
Usage Data 12 months, then anonymized
Backups 90 days after deletion

9. Children's Privacy

Thoughtmarks is not intended for children under 16. We do not knowingly collect personal information from children.

10. Contact Us

Questions about this Privacy Policy: