Security and Privacy

Updated 4/23/2024

“Airi does not own your data, nor do we sell it to others or use it for advertising. It’s your data, period.”

This policy applies to all information collected or submitted on Airi’s website and apps for iPhone and other devices and platforms.

Sign in with Apple

Sign-in with Apple provides a private and secure login method using your Apple ID with two-factor authentication. Sign in with Apple does not give access to your Apple ID credentials or any data stored in iCloud. For details, see Apple’s documentation.

What does Airi do with my Contacts data?

The app references contacts only to identify birthdays and names mentioned in conversations. Names are saved only to your account and never shared.

Technical Information

Email Marketing

Airi uses account email for product features including daily and weekly summaries, product update newsletters, and transactional notifications like subscription receipts and support issues. Users can unsubscribe from newsletters and notifications at any time.

Ads and Analytics

The iOS and Web apps collect usage metrics — such as feature usage percentages and sign-in timing — to improve the app and identify errors or performance issues. Telemetry is limited to high-level product usage and never includes sensitive data like notes or contact information. Future anonymization of telemetry data is planned.

Information Usage

Information collected operates and improves the website, apps, and customer support. Personal information is not shared with outside parties except as necessary for functionality.

Information may be disclosed in response to subpoenas, court orders, or legal requirements; to exercise legal rights or defend against claims; to investigate illegal activities, suspected fraud, abuse, or policy violations; or to protect rights and property.

In future business transactions, user information may be transferred as part of assets.

Information Isolation

Contact information is accessible only to users who explicitly added it through integrations or manually. Software safeguards enforce appropriate visibility.

Passwords

Passwords are hashed, not stored, using industry-standard methods (currently the PBKDF2 algorithm with a SHA256 hash). All app and website communication requires HTTPS.

Other

  • Notification tokens are stored only if notifications are enabled; never used for marketing
  • Cookies and app tokens maintain login sessions
  • Server software may store basic technical information like IP addresses in temporary memory or logs

Use of Contact Data

Airi accesses contact lists only with explicit permission to identify birthdays and names mentioned in app interactions. Data personalizes experience and sets reminders. Contact data is temporarily cached on secure servers and not used otherwise. Access logs are maintained for security and compliance.

Security Vulnerability Disclosure

Security or privacy vulnerabilities should be reported to support@airi.space.

Reports should include:

  • Specific product and software version(s) affected
  • Observed behavior and expected behavior description
  • Numbered reproduction steps and video demonstration if applicable

Reports receive acknowledgment, and Airi contacts reporters if more information is needed. Issues remain undisclosed until investigation is complete and updates are available.

Accessing, Changing, or Deleting Information

Users may access, change, or delete account information from the Airi app or by emailing support@airi.space.

Deleted information may be kept in encrypted backups for up to 90 days, accessed only for disaster recovery. Airi may delete information at any time for technical needs, legal concerns, abuse prevention, idle account removal, data loss, or other reasons.

Compliance Information

Third-Party Links and Content

Airi displays third-party social site and API content with independent privacy policies. Airi has no responsibility or liability for their content or activities.

California Online Privacy Protection Act Compliance

The company complies with COPPA and will not distribute personal information to outside parties without consent.

Children’s Online Privacy Protection Act Compliance

Airi never collects or maintains information from those known to be under 13, and no website part targets anyone under 13.

Google API Services User Data Policy Compliance

Airi’s use of information received from Google APIs will adhere to the Google API Services User Data Policy, including its Limited Use requirements.

Information for European Union Customers

By using Airi and providing information, users authorize collection, use, and storage outside the European Union.

International Transfers of Information

Information may be processed, stored, and used outside users’ countries. Data privacy laws vary by jurisdiction, and different laws may apply depending on processing, storage, or usage location.

Your Consent

Using the site or apps constitutes consent to the privacy policy.

Questions or Concerns

For questions or concerns regarding terms, privacy, or security, contact support@airi.space.

Important Disclaimer

Airi is not designed to assist with crises such as abuse, severe mental health conditions that may cause feelings of suicide, harm to self, and any other medical emergencies. The app cannot provide medical or clinical advice and does not replace human therapists or doctors. Users in emergencies should contact country-specific suicide hotlines.