Skip to main content

Privacy-First by Design

AI Thing assumes everything on your screen is sensitive, and anything outside your system is treated as insecure. We believe privacy is not a premium feature—it’s for everyone.

How Privacy Works in AI Thing

  • No Continuous Capture
    Never records your screen or listens in the background.
  • Selective Context Only
    Context (like part of your screen or an open app) is only captured when you explicitly choose to.
  • Secure Access
    No API keys, tokens, or sensitive user information are stored on our servers; everything remains local to your system.
  • Transparency
    Before any file or text is sent to a model, you see exactly what will be shared in the preview.
  • Local History
    No conversation is stored on our servers. All conversations are stored locally on your system.
  • Secure Files
    Files are not persisted on our servers. They are encoded on your system and used only within your active tab.
  • Local Privacy Checks (Coming Soon)
    On-device models will scan shared content for sensitive data before it leaves your system.

Data We Collect

  • What We Collect:
    • Your email and profile information (name and profile picture, if available) when you download and sign in. This is collected via Firebase Authentication.
    • Basic usage analytics within AI Thing only — such as which buttons are clicked, which screens are viewed, and what errors occur. This is collected via Firebase Analytics.
  • Why We Collect It:
    • Email and profile information: To understand who our users are.
    • Analytics: To improve the product experience by identifying errors and common usage patterns.
  • What We Don’t Do:
    • We do not sell your data.
    • We do not collect or store any conversations, images, or API keys that you use within AI Thing.
    • We do not collect any usage data from outside AI Thing.
  • Where Your Data Lives:
    • All configurations, API keys, and conversation history are stored locally on your system, not on our servers. This ensures your sensitive data and personal conversations remain entirely under your control.

Managed Models

Managed Agents

  • Google Workspace:
    • Access:
      • Access to your Google Account is managed through authentication tokens.
      • Tokens are stored only in memory within the AI Thing app and in temporary in-memory sessions on the server. They are never stored permanently.
      • Each time an action is performed, the token is transmitted from the app to the agent’s server using encryption.
    • Retention:
      • We retain the tokens (that expire every hour) in memory only until they are needed to complete the requested action.
      • No Google data is persisted on our servers or stored beyond the active session.
      • No user data or access credentials (tokens) are shared, transferred, or disclosed to third parties, or persisted anywhere.
      • With a strict one-hour expiration policy, access tokens expire and are refreshed only if the user uses the Google agent.
    • Deletion:
      • You can revoke AI Thing’s access to your Google account at any time via Google Account.
      • Once revoked, AI Thing immediately loses access, and any in-memory tokens are permanently discarded.
    • Note:
      • AI can make mistakes. Perform irreversible actions carefully.
  • Others:
    • These agents are not hosted on our servers. Refer to their individual privacy policies.

MacOS Permissions

  • Finder Access
    Used to retrieve screenshots taken by the user while AI Thing is open, enabling selective context.
  • Screen Capture Permission
    Allows AI Thing to capture the screen when the user clicks the app’s context button, supporting selective context.
  • Accessibility Permission
    Required to capture selected text when the user uses the Text Selection feature for selective context.
Have questions? Email us at help@aithing.dev.