Legal

Privacy Policy

Effective date: March 15, 2026

Back to home

1. Overview

Mithrel ("we", "us", or "our") is a personal AI social application for iOS. This Privacy Policy explains what data we collect, how we use it, and the choices you have. We built Mithrel with a privacy-first architecture: the most sensitive processing happens on your device, and nothing is published without your explicit approval.

By using the Mithrel app, you agree to the practices described in this policy.

2. Data We Collect

2.1 Data processed on-device only (never sent to our servers)

  • Photos and camera roll — used to detect patterns and generate draft captions via the Gemini Vision API (images are sent to Google's API, not stored on our servers)
  • Apple Music / media library — used to identify listening patterns
  • HealthKit data — steps, activity, sleep patterns used for behavioral context
  • Screen Time / DeviceActivity — app usage patterns used for behavioral context
  • Location clusters — approximate location patterns derived on-device from photo metadata

2.2 Account data (stored on our servers)

  • Name, email address, and profile photo from your Google or Apple account (provided at sign-in)
  • Authentication tokens (JWT) used to maintain your session

2.3 Content you choose to publish

  • Post captions and any photos you explicitly choose to include in a published post
  • Timestamps and metadata associated with published posts

2.4 Usage data

  • Basic app interaction logs (e.g., drafts reviewed, posts published) used to improve the service
  • Crash reports and error logs

3. How We Use Your Data

We use your data only for the following purposes:

  • To authenticate your account and maintain your session
  • To generate AI-drafted posts for your review (using on-device processing and the Google Gemini API)
  • To display your published posts in the social feed
  • To improve Mithrel's pattern detection and AI quality
  • To respond to support requests

We do not sell your personal data. We do not use your data for third-party advertising.

4. Google Gemini API

When you request an AI-generated caption for a draft post, the relevant photo and contextual text are sent to Google's Gemini API for processing. This transmission is governed by Google's API Terms of Service and Privacy Policy.

We do not store the photos or inputs sent to Gemini on our servers. Only the generated caption text is returned and stored temporarily in your draft.

5. iOS Permissions

Mithrel requests the following iOS permissions. All are optional — you can use a reduced version of the app without granting them:

PermissionPurposeStored
PhotosIndex your photo library to detect patterns and generate draftsOn-device only
CameraCapture new photos directly within the appOn-device only
Apple MusicDetect music listening patterns for behavioral contextOn-device only
HealthKitDetect activity and sleep patterns for behavioral contextOn-device only
Screen Time (Family Controls)Detect app usage patterns for behavioral contextOn-device only

6. Data Sharing

We share data only in these limited circumstances:

  • Google Gemini API — photo and text inputs for caption generation (see Section 4)
  • Google Sign-In / Apple Sign-In — authentication tokens processed by these providers
  • Legal compliance — if required by applicable law, court order, or governmental authority
  • Business transfer — in the event of a merger, acquisition, or sale of assets, with advance notice to you

7. Data Retention

Account data and published posts are retained for as long as your account is active. You may delete your account at any time from the Profile → Settings screen, which will permanently remove your account data and all published posts from our servers.

On-device data (indexed photos, location clusters, draft history stored in SwiftData) is deleted when you delete the Mithrel app from your device.

8. Your Rights

Depending on your jurisdiction, you may have rights including:

  • Access — request a copy of the personal data we hold about you
  • Correction — request correction of inaccurate data
  • Deletion — request deletion of your account and associated data
  • Portability — request an export of your data in a machine-readable format
  • Objection — object to certain processing activities

To exercise any of these rights, contact us at privacy@mithrel.app.

9. Children's Privacy

Mithrel is not directed to children under the age of 13 (or 16 in the European Economic Area). We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.

10. Security

We use industry-standard security measures including TLS encryption in transit and JWT-based authentication. On-device data is protected by iOS device encryption. No method of transmission or storage is 100% secure, and we cannot guarantee absolute security.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via in-app notification or email. Continued use of Mithrel after the effective date of a revised policy constitutes acceptance of the changes.

12. Contact

If you have questions about this Privacy Policy or your data, please contact us:

Email: privacy@mithrel.app