Privacy

Last Updated: January 8, 2025

The Truth

Every app watches you.

We don't.

Every app wants your data.

We don't.

Every app sells your attention.

We can't. We don't have it.

What We Collect

Device Identifier

A random UUID like “7B3A9D2F-4E6A-8C9B”. Generated once. Stored in iOS Keychain. Not linked to you.

Apple Category: Identifiers → Device ID

Product Interaction

Which experiments completed. Completion timestamps. Time spent. Creates your gold thread.

Apple Category: Usage Data → Product Interaction

Preferences

Language choice. Notification settings. Memory tier status. Stored locally and synced.

Nothing Personal

No name. No email. No age. No location. No contacts. No photos. No tracking across apps.

What We Don't Do

No accounts to create.

No profiles to build.

No data to sell.

No ads to show.

No trackers to install.

No cookies to plant.

No analytics to run.

No AI training on your behavior.

We measure success by how little we know about you.

Your Rights

Delete Everything

Settings → Data & Privacy → Delete All Data. Removes local and server data. Generates new device ID.

See Your Data

Your device ID and completion dates. Visible in app. No hidden data.

Export Your Data

Email hello@kinsuku.com with your device ID. We'll send your data in JSON format.

Control Notifications

iOS Settings → Notifications → Kinsuku. Your system, your control.

Storage & Security

On Your iPhone

Core Data with FileProtectionType.complete. iOS encryption at rest. Keychain for device ID.

On Our Servers

PostgreSQL on Vercel (US East). HTTPS only. TLS 1.2 minimum. Encrypted at rest.

Data Retention

Active users: Kept while app installed

Memory subscribers: Duration of subscription

Inactive 90+ days: Automatically deleted

Manual deletion: Instant and permanent

Money

Apple handles payments.

We never see your card.

We never know who paid.

Just that device “7B3A9D2F” has Memory.

Children

We don't know if you're 7 or 70.

We don't ask.

We can't tell.

Everyone gets the same nothing.

The Law

GDPR (Europe)

We comply. But there's nothing to comply with. No personal data.

CCPA (California)

We don't sell data. We barely have data.

COPPA (Children)

We don't collect from anyone. Age irrelevant.

Changes

If this changes, the date changes.

We won't take more data without telling you.

We can't. It would break the manifesto.

Contact

Questions about privacy?

hello@kinsuku.com

Ctrl AI, Inc.

800 North King Street

Wilmington, DE 19801

United States

Technical Implementation

Authentication

No user accounts. Device ID only. No passwords. No OAuth. No social logins.

Network Requests

API: kinsuku-backend.vercel.app. Headers: X-Device-ID, Accept-Language. No cookies. No tracking pixels.

Third-Party Services

Apple StoreKit (payments). Vercel (hosting). PostgreSQL (database). No analytics. No ads. No trackers.

Open Source Verification

Our privacy manifest: PrivacyInfo.xcprivacy. Declares all data use. Required by Apple. Publicly auditable.

The Philosophy

Privacy isn't a feature.

It's the absence of features.

Every byte we don't collect

is a victory against surveillance capitalism.

Your data stays yours

because we never wanted it.

The best privacy policy

is having nothing to policy about.

HomeManifestoTerms