FamilAI Privacy Policy
Summary in plain English
FamilAI helps you preserve your family’s stories. To do that we need a few things from you — your name, your email, and the stories you choose to record. Here is exactly what we collect, who sees it, and what you can do about it.
- FamilAI does not upload your voice recordings. Transcription runs on-device using Apple’s Speech framework. Voice recordings are stored locally in the app for playback and export unless you delete them.
- Only the transcribed text is sent to our AI. Claude (from Anthropic) helps us identify people and events in your stories. Anthropic does not retain the data for training.
- You own your stories. You can export or delete everything from inside the app at any time.
- We do not track you. No App Tracking Transparency prompt, no advertising IDs, no third-party analytics that follow you around.
1. What we collect
| Data | Why | Where it lives |
|---|---|---|
| Your name | To label your account and the stories you record | Supabase Postgres (encrypted at rest) |
| Your email | For Sign in with Apple / account recovery | Supabase Auth |
| Voice recordings | To let you replay or export the original family story audio | On-device local app storage; not uploaded to FamilAI, Supabase, or Anthropic |
| Story transcripts | The text of what you recorded, so you can read it back | Supabase Postgres (encrypted at rest) |
| Family tree data | Names, dates, places for the people in your stories | Supabase Postgres (encrypted at rest) |
| User ID | Apple SiwA user ID + Supabase user ID | Supabase Auth |
2. Who we share it with (subprocessors)
- Apple — Sign in with Apple identifies you when you sign in. Apple may see your name and email on first sign-in. StoreKit processes your subscription payment. Apple’s privacy policy applies. Region: worldwide.
- Supabase — Our backend database and authentication. Supabase stores your data on AWS in the region where we provision the project (currently Northeast Asia / Tokyo). Supabase is GDPR-compliant and SOC 2 Type II audited.
- Anthropic PBC — We send the text of your stories (never the audio) to Claude via our Supabase Edge Function proxy, for the sole purpose of identifying people, places and events and suggesting follow-up questions. Per Anthropic’s API terms (anthropic.com/legal/api), Anthropic does not retain API inputs or outputs for training.
We do not share your data with any other third party. No advertisers, no analytics vendors, no data brokers.
3. What we do NOT do
- We do not track you across apps or websites.
- We do not sell or rent your data.
- We do not fingerprint your device.
- We do not use advertising identifiers (IDFA).
- We do not upload your voice audio to FamilAI, Supabase, or Anthropic.
4. Your rights (GDPR / CCPA / LGPD)
You have the right to:
- Access — see everything we have about you (use the “Export data” button in Settings).
- Rectify — correct any incorrect information.
- Erase — delete your entire account with one tap in Settings → Delete Account. Deletion is immediate and cascades across Supabase and local storage. Apple Sign In tokens are best-effort revoked server-side.
- Portability — export your data as JSON from Settings.
- Object — you can stop using the app at any time by unsubscribing via Apple Settings.
- Complain — you may lodge a complaint with your supervisory authority (in the EU, that is your national data protection authority).
To exercise any of these rights outside the app, email privacy@familai.app. We will respond within 30 days.
5. Data retention
We retain your data for as long as your account exists. When you delete your account, we remove all of your data from Supabase immediately. Backups are purged within 30 days.
6. Children
FamilAI is not directed at children under 16. We do not knowingly collect data from children. If you believe a child has used the app, please contact us and we will delete the account.
7. Security
- All network requests use TLS 1.2+.
- Supabase data is encrypted at rest (AES-256).
- Your authentication session is stored in the iOS Keychain (hardware-backed where available).
- Row-Level Security policies enforce that you can only read / write your own family’s data — even if our anon key leaks, your data is protected.
- The Anthropic API key never touches the iOS client. It lives as an encrypted secret in our Supabase Edge Function environment.
8. International transfers
If you are in the EU, your data may be transferred outside the EU. FamilAI’s current Supabase project stores backend data in Northeast Asia / Tokyo, and communication with Anthropic’s API may transit to the US. We rely on our subprocessors’ published compliance programs and contractual safeguards for these transfers.
9. Changes to this policy
We will post any changes here and bump the effective date at the top. Material changes will be notified in-app before they take effect.
10. Contact
Wisewood Srl
Email: privacy@familai.app
Support: support@familai.app
Website: familai.app