Legal

Privacy Policy

Last updated: April 6, 2026

PrettyPrint is built with privacy as a core principle. We are fully transparent about what data we collect, how it flows through our systems, and what third parties are involved. This policy covers the PrettyPrint iOS app, keyboard extension, and backend services.

1. Overview

PrettyPrint is an AI-powered keyboard for iPhone and iPad that transforms text using artificial intelligence. When you use an action (e.g., Fix Grammar, Translate, Formalize), your text is sent to our backend server, which forwards it to Google's Gemini API for processing. The transformed text is returned to you and is not stored by PrettyPrint.

We believe you should know exactly what happens to your data. This policy explains every data flow in detail.

2. Data We Collect

2.1 Account Information

When you sign in with Google or Apple, we receive and store:

  • Email address — used to identify your account
  • Display name — shown in the app UI
  • Authentication provider — whether you signed in with Google or Apple
  • Firebase UID — a unique identifier generated by Firebase Auth

If you sign in with Apple and choose to hide your email, we only receive the private relay email address that Apple generates. We never see your real email in that case.

2.2 Usage Metrics (Aggregated, Not Text)

When you use a text transformation, we store only aggregate metrics:

  • Character and word counts — the number of characters/words in your input and output (not the text itself)
  • Token counts — how many AI tokens were used (a billing metric)
  • Daily, monthly, and lifetime call counts — how many transforms you've used
  • Latency — how long the transform took (in milliseconds)
  • Estimated cost — the computed API cost for internal budgeting

These metrics are used for quota enforcement, billing, and improving the service. They contain no text content whatsoever.

2.3 Analytics Events

We collect lightweight analytics events to understand how the app is used. Examples include:

  • App opened, keyboard opened/closed
  • Which action was tapped (by name, e.g., "Fix Grammar")
  • Tab switches and UI interactions
  • Onboarding funnel progress
  • Error types (e.g., "network_error", not the text that caused it)

Analytics events never include your text content. They only contain metadata like action names, character counts, platform info, and app version.

2.4 Subscription Information

If you subscribe to PrettyPrint Pro, your subscription is managed by RevenueCat and Apple's App Store. We store your subscription plan ("free", "pro", "pro_annual") and expiration date. We do not have access to your payment method, credit card details, or Apple ID password.

3. Data We Do NOT Collect or Store

We want to be explicit about what we never store:

  • Your text — the words you type and transform are never saved in our database, logs, or anywhere on our servers
  • AI outputs — the transformed text returned to you is not stored
  • Prompt content — the action instructions (system prompts) used for your transforms are not logged
  • Clipboard data — we never read or access your clipboard
  • Contacts, photos, location, or other device data — we have no access to these
  • Keystrokes — we do not log individual keystrokes. The keyboard extension only reads text when you explicitly tap an action button
  • Other apps' content — we only access text in the active text field when you trigger an action

4. How Your Text Flows Through Our System

When you tap an action (e.g., "Fix Grammar"), here is exactly what happens:

  1. The keyboard extension reads the text in your current text field
  2. The text is sent over HTTPS to our backend server (hosted on Google Cloud Run)
  3. Our server forwards the text to Google's Gemini API along with the action instruction
  4. Gemini processes the text and returns the result to our server
  5. Our server returns the result to your device
  6. The keyboard extension displays the result (or replaces your text directly)
  7. Your text is discarded at every step — it is not written to any database or log file

Our server code explicitly prohibits logging user text content. The logger utility includes a code-level warning: "Never pass user text content, full Firebase ID tokens, or API keys."

5. Third-Party Services

PrettyPrint uses the following third-party services. Each has its own privacy policy:

5.1 Google Gemini API

Your text is processed by Google's Gemini API (model: gemini-2.5-flash-lite). Our Google Cloud project has billing enabled, which means:

  • Your text is NOT used to train Google's AI models — this is guaranteed by Google's paid API terms
  • Google retains prompts and responses for up to 55 days solely for abuse monitoring (automated policy enforcement)
  • We have requested Zero Data Retention (ZDR) to eliminate even this retention where possible
  • Human reviewers at Google do NOT read your text under the paid tier unless it is flagged by automated abuse detection

For full details, see Google's Gemini API Terms of Service and their abuse monitoring documentation.

5.2 Firebase (Google)

We use Firebase for authentication (sign-in), Firestore (database for user profiles, usage metrics, and action library), and Firebase Analytics (aggregated app usage). Firebase is operated by Google under the Google Cloud Data Processing Addendum.

5.3 RevenueCat

Subscription management is handled by RevenueCat. They process purchase receipts from Apple's App Store to verify your subscription status. RevenueCat receives your anonymized App User ID (your Firebase UID) and purchase receipts. See RevenueCat's Privacy Policy.

5.4 Apple App Store

App distribution, in-app purchases, and payment processing are handled entirely by Apple. We do not have access to your Apple ID, payment method, or purchase receipts beyond what RevenueCat provides.

6. Keyboard Extension & Full Access

PrettyPrint's keyboard extension requires Full Access to function. This is an iOS requirement for any keyboard that needs to make network requests. Here's what Full Access means and what we do with it:

What Full Access enables:

  • Network access — required to send your text to our API for AI processing
  • Shared container access — required to sync your action preferences between the app and keyboard

What we do NOT do with Full Access:

  • We do not log keystrokes
  • We do not send text to our server unless you explicitly tap an action
  • We do not read text from other apps unless you trigger a transform
  • We do not access your clipboard, contacts, location, or any other device data

iOS shows a warning when you enable Full Access for any third-party keyboard. This is a standard Apple warning and applies to all keyboards that need network access, including popular keyboards like Gboard and SwiftKey.

7. Data Retention

  • Account data — stored as long as your account exists. Deleted when you request account deletion.
  • Usage metrics — stored indefinitely for billing and quota purposes. Contains no text content.
  • Analytics events — retained for up to 90 days, then deleted. Contains no text content.
  • Your text — never stored. Exists only in memory during the transform request and is discarded immediately after.

8. Data Security

  • All data in transit is encrypted with TLS (HTTPS)
  • Authentication tokens are stored in the iOS Keychain (hardware-encrypted)
  • API keys and secrets are stored in Google Cloud Secret Manager
  • Admin endpoints use timing-safe comparison to prevent timing attacks
  • Rate limiting prevents abuse of the API
  • Our backend runs on Google Cloud Run with Google-managed infrastructure security

9. Children's Privacy

PrettyPrint is not directed at children under 13. We do not knowingly collect personal information from children under 13. If you believe a child under 13 has provided us with personal information, please contact us and we will delete it.

10. Your Rights

You have the right to:

  • Access — request a copy of the data we have about you
  • Delete — request deletion of your account and all associated data
  • Correct — update your account information by signing out and signing back in
  • Port — request your data in a machine-readable format

To exercise any of these rights, contact us at privacy@prettyprint.ai.

11. Changes to This Policy

We may update this policy from time to time. When we do, we will update the "Last updated" date at the top of this page. For significant changes, we will notify you through the app or by email.

12. Contact

If you have any questions about this privacy policy or our data practices, contact us at:

privacy@prettyprint.ai