Privacy Policy — Ask MyPAi

Ask MyPAi is operated by PSAI Technologies FZC, a company incorporated in the Sharjah Publishing City Free Zone, United Arab Emirates ("we," "us," "our," or "PSAI Technologies").

Privacy: privacy@askmypai.com
Support: support@askmypai.com
Website: www.askmypai.com

Overview

Ask MyPAi is a voice-powered productivity app that helps you capture and organize your thoughts using artificial intelligence. This Privacy Policy explains what personal data we collect, why we collect it, how we use and protect it, who we share it with, and what rights you have.

✓ Key Points

Voice recordings are stored locally on your device and are never uploaded to our servers
Text transcripts are synced to the cloud for AI processing and cross-device access
We use AI to structure, analyze, and generate insights from your transcripts
We collect approximate location (country/region) from your IP address during registration
We do not sell your personal data to third parties
We do not use your identifiable data to train AI models
You can export or delete your data at any time

What We Collect

1.1 Information You Provide Directly

Account information: First name (optional), email address, and password
Voice recordings: Audio captured through the app, stored only on your device
Transcripts: Text versions of your voice recordings, synced to our cloud servers
Edited content: Any changes you make to transcripts or AI-structured content
Support communications: Messages sent via in-app AI chat support, feedback forms, and support tickets (including subject, message content, and category)
Reminder content: Spoken reminders from which we extract reminder text, dates, and times

1.2 Information Generated by AI Processing

Structured content: Titles, summaries, key points, action items, decisions, and other structured data generated by AI from your transcripts
Context classification: Automatic detection of whether content relates to Work, Personal, or Family contexts
Transcript corrections: AI-corrected versions of your transcripts (e.g., fixing phonetic errors from speech-to-text)
Weekly insights: AI-generated analysis of patterns, themes, and observations from your captures

1.3 Information Collected Automatically

Device information: Device type, operating system version, app version
Usage data: Feature interactions, session duration, and usage patterns
Performance data: Error logs, crash reports, and processing metrics
Search queries: Anonymized search terms used within the app
Approximate location: Country and region inferred from your IP address at registration (we do not use GPS or request device location permissions)
Recording streaks: Consecutive days on which you have made at least one capture
Login attempt records: Timestamps and success/failure of login attempts for security monitoring
Engagement metrics: Capture counts, intent type distribution, and feature usage frequency

1.4 Biometric Data

If you choose to enable biometric authentication (Face ID, Touch ID, or Fingerprint), the biometric verification is handled entirely by your device's operating system.

      We do not collect, store, or transmit your biometric data. Your biometric templates remain securely on your device and never leave it. We only receive a confirmation of successful or failed authentication from the device.
    

1.5 What We Do Not Collect

Precise GPS or device location data
Contacts or address book information
Photos, camera access, or media files (other than voice recordings)
Cross-app tracking data
Browsing history
Your actual biometric templates or fingerprint data

How We Use Your Data

2.1 To Provide and Operate the Service

Legal Basis: Contract Performance

Convert your voice recordings to text using speech-to-text processing
Structure and organize your content using AI processing
Correct transcription errors through AI-powered transcript correction
Automatically detect content context (Work/Personal)
Analyze your transcripts to identify and provide related notes across your library
Sync your transcripts and structured content across your devices
Process reminder intents and schedule local notifications on your device
Authenticate your account and maintain session security
Process subscription purchases and manage trial periods

2.2 To Generate Insights and Analytics for You

Legal Basis: Contract Performance

Track your recording streaks and engagement patterns
Generate daily and weekly AI-powered insights analyzing themes, action items, and patterns
Discover related notes across your library

2.3 To Improve and Maintain the Service

Legal Basis: Legitimate Interest

Fix bugs, improve performance, and troubleshoot issues
Analyze aggregated and anonymized usage patterns to develop new features
Monitor system health, error rates, and processing performance
Monitor processing costs and resource usage
Conduct security audits and fraud prevention

2.4 To Communicate With You

Legal Basis: Contract Performance / Legitimate Interest

Send email verification codes (OTP) during registration and email changes
Send password reset communications
Notify you of material changes to these terms or our service
Respond to support requests and feedback submissions
Deliver AI chat support responses within the app
Deliver AI powered insights on using the app more effectively

2.5 To Ensure Security

Legal Basis: Legitimate Interest

Track login attempts to detect and prevent unauthorized access
Enforce account lockout after repeated failed login attempts
Verify device integrity (the app will not run on rooted or jailbroken devices)
Validate secure communications through certificate verification

Automated Decision-Making

Ask MyPAi uses automated processing to deliver its core functionality. This includes:

AI content structuring: Your transcripts are automatically processed by AI to generate titles, summaries, key points, action items, and other structured content. You can review, edit, or reprocess all AI-generated content.
Context auto-detection: AI automatically classifies your captures as Work, Personal, or Family context based on content analysis. This classification is used for organization only and does not affect service access or pricing.
Transcript correction: AI automatically corrects phonetic errors in speech-to-text output. The original transcript is preserved and editable.

Third-Party Service Providers

We use trusted third-party service providers to deliver specific functions of the app. All providers operate under data processing agreements and are contractually bound to process your data only for the purposes we specify.

Service Category	Purpose	Data Shared	Retention by Provider
AI Processing	Structure transcripts, generate insights, correct transcription errors, power AI chat support, and identify related notes	Text transcripts and chat messages (no audio)	Not retained after processing
Speech-to-Text	Transcribe longer recordings or audio where on-device transcription cannot achieve sufficient accuracy	Audio data (only when cloud transcription is required)	Not retained after transcription
Cloud Infrastructure	Store and sync your account data, transcripts, and structured content; manage authentication	Account information, transcripts, structured content, metadata	Retained until account deletion
In-App Payments	Process subscription purchases	Handled entirely by Apple (App Store) or Google (Play Store) — we do not receive or store payment card details	Per Apple/Google terms
Email Delivery	Send verification codes, password resets, and support ticket notifications	Email address and message content	Transient processing only

      We do not share your data for advertising, marketing by third parties, or data brokerage.
    

Data Storage and Security

5.1 Where Your Data Is Stored

Data Type	Storage Location
Voice recordings	Locally on your device only (never uploaded)
Transcripts and structured content	Secure cloud servers
Account and profile data	Secure cloud servers
Biometric authentication data	Your device's secure enclave (never leaves your device)
Reminder schedules	Locally on your device

5.2 Security Measures

Encryption in transit: All data transmitted between the app and our servers is encrypted using industry-standard protocols
Encryption at rest: All cloud-stored data is encrypted at rest using industry-standard encryption
Access control: Security policies ensure that only you can access your own data
Password security: Passwords are securely hashed using industry-standard algorithms and are never stored in plain text
Session security: Authentication sessions are encrypted and stored only in device memory — never persisted to disk
OTP security: Verification codes are securely hashed before storage and expire after 10 minutes
Secure communications: All communications between the app and our servers are verified to prevent interception
Device integrity: The app does not operate on rooted or jailbroken devices
Account lockout: Accounts are temporarily locked after 5 failed login attempts within 15 minutes
Regular security audits: We conduct periodic reviews of our security practices

5.3 Data Breach Notification

In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify affected users without undue delay and in accordance with applicable law (including within 72 hours where required by GDPR, and as required by UAE PDPL and other applicable regulations). We will also notify the relevant supervisory authorities as required.

Data Retention

Data Type	Retention Period	Notes
Voice recordings	90 days on your device	Automatically deleted after 90 days; you can delete sooner
Transcripts and structured content	Until you delete them or your account	You can delete individual captures or all data
Account and profile data	Until account deletion	Includes name, email, preferences
AI-generated insights	Until account deletion	Weekly insights accumulate over time
Support tickets	2 years after resolution, then deleted	Retained for service improvement and audit purposes
AI chat support conversations	Not retained	Session-only; deleted when chat session ends
Login attempt records	90 days	Used for security monitoring
Email verification codes (OTP)	Deleted after expiry	Active codes expire after 10 minutes
Unverified accounts	Deleted periodically	Accounts that never complete email verification
Aggregated analytics	Indefinitely	Fully anonymized and non-identifiable

After account deletion: All cloud-stored data associated with your account is permanently and irreversibly deleted. Voice recordings on your device continue to be automatically deleted after 90 days (or you can delete them sooner within the app). Other local data (cached content, reminder schedules) can be fully removed by uninstalling the app from your device.

Your Rights

7.1 Rights Available to All Users

Regardless of your location, you can:

Access your data: View all your captures, transcripts, insights, and structured content within the app
Export your data: Request a complete export of your data by emailing privacy@askmypai.com
Delete individual captures: Remove specific captures from your library at any time
Delete your account: Permanently delete your account and all associated cloud data from Settings > Account > Delete Account
Correct your data: Edit your transcripts, structured content, profile name, and email address
Withdraw consent: Disable optional features (biometric login, notifications) at any time through Settings

7.2 Additional Rights for California Residents (CCPA/CPRA)

If you are a California resident, you have the right to:

Know what personal information we collect, use, disclose, and sell (we do not sell personal information)
Delete your personal information, subject to certain exceptions
Correct inaccurate personal information
Opt-out of sale or sharing — we do not sell or share your personal information for cross-context behavioral advertising
Non-discrimination — we will not discriminate against you for exercising your rights

Categories of personal information collected (per CCPA): Identifiers (name, email), internet or electronic network activity (usage data, search queries), geolocation data (approximate, from IP address), audio/electronic information (voice recordings stored on-device, transcripts), inferences drawn from the above (AI-generated content, context classification, well-being indicators).

To exercise your rights, email privacy@askmypai.com or use the in-app data controls in Settings. We will respond within 45 days.

7.3 Rights for UAE Residents (UAE Personal Data Protection Law)

If you are located in the United Arab Emirates, you have the right to:

Access your personal data and obtain a copy
Request correction of inaccurate or incomplete data
Request deletion or destruction of data that is no longer necessary
Restrict or object to the processing of your data in certain circumstances
Request data portability in a common electronic format
Withdraw consent at any time for processing based on consent

We process sensitive personal data (including AI-inferred well-being indicators) only with your consent, which you provide by using the Insights features. You can disable Insights processing by contacting privacy@askmypai.com.

Supervisory Authority: The UAE Data Office is the competent authority for data protection matters in the UAE.

We will respond to all privacy rights requests within 30 days, or within the timeframe required by applicable law.

International Data Transfers

Your data may be processed and stored outside your country of residence. When we transfer personal data internationally, we implement appropriate safeguards:

EU/EEA and UK transfers: We rely on Standard Contractual Clauses (SCCs) approved by the European Commission, supplemented by additional technical and organizational measures where necessary
UAE transfers: We comply with the cross-border data transfer requirements under the UAE PDPL, including ensuring that the receiving jurisdiction provides adequate data protection or implementing appropriate contractual safeguards
Other jurisdictions: We ensure that all international transfers comply with applicable local data protection laws

Children's Privacy

Ask MyPAi is designed for individuals aged 16 and older. We do not knowingly collect personal data from anyone under the age of 16. If you believe that a person under 16 has provided us with personal data, please contact us at privacy@askmypai.com, and we will take steps to delete that data promptly.

In jurisdictions where the age of digital consent is lower than 16 (such as 13 in the United States under COPPA), we apply the higher threshold of 16 to maintain a consistent global standard.

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will:

Update the "Last Updated" date at the top of this policy
Notify you via email or in-app notification at least 14 days before the changes take effect
Where required by law, obtain your consent before applying changes that affect how your data is processed

Your continued use of Ask MyPAi after the effective date of changes constitutes acceptance of the updated policy. If you do not agree with the changes, you should stop using the app and delete your account.

Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices:

Privacy inquiries: privacy@askmypai.com
General support: support@askmypai.com
Website: www.askmypai.com

PSAI Technologies FZC
Sharjah Research Technology and Innovation Park
Sharjah, United Arab Emirates

We respond to privacy requests within 30 days, or within the timeframe required by applicable law.

By using Ask MyPAi, you acknowledge that you have read and understood this Privacy Policy.