Privacy Policy — AI Passenger
This Privacy Policy describes how AI Passenger (the “App”) handles information when you use it on your iPhone and with CarPlay. We designed the App around a Bring Your Own Key (BYOK) model: you connect your own Google AI (Gemini) API key -- all Google users can do this (already included in all Google plans), and live voice interaction goes directly between your device and Google’s services. PaprikaTech does not operate a cloud backend that stores your conversations.
Summary
- Your API key is stored on your device (iOS Keychain), not on PaprikaTech servers.
- We do not store your AI conversation content—not voice recordings and not transcripts—on PaprikaTech systems.
- Live sessions use your key to connect directly to Google; Google’s handling of that data is governed by Google’s policies.
- We use TelemetryDeck, a privacy-oriented analytics service, for limited, non-conversation telemetry to improve the App.
- Cars, riders, and setup choices you enter are stored locally on your device unless you choose to share them another way (e.g. support email).
1. Bring Your Own Key (BYOK) and what it means for privacy
AI Passenger uses a Bring Your Own Key (BYOK) model. You provide and control your own Google AI (Gemini) API key. The App uses that key only to establish a direct connection from your device to Google’s generative AI services when you start a live session (including CarPlay voice games and roadside assistance).
Implications:
- PaprikaTech does not receive, host, or store your API key on our servers.
- PaprikaTech does not sit in the middle of your live audio or text exchange with the model for the purpose of logging or replaying conversations.
- Google processes the content you send during a session (including audio) under your Google account and Google’s terms and privacy policies. We encourage you to review Google’s documentation for Gemini / Google AI Studio and to manage your key and usage in your Google account.
- PaprikaTech does not sell API credits and does not charge fees related to your Google API usage; any relationship you have with Google regarding your key is separate from your use of the App.
2. Information stored on your device
API key and related setup
- Your API key and related provider identifier are stored in the iOS Keychain on your device, with protection appropriate for sensitive data. They are not stored in PaprikaTech cloud storage.
- If you delete the key in the App or uninstall the App, that on-device storage is removed according to iOS behavior (uninstall removes App data including Keychain items tied to the App).
App content you create
- Information you enter in the App—such as vehicles (“Cars”), riders, trivia setup preferences, and similar settings—is stored locally on your device (e.g. using Apple’s on-device storage technologies). PaprikaTech does not sync this content to PaprikaTech servers.
Optional diagnostic log (on device only)
- The App may write a local debug log file on your device to help troubleshoot connection or session issues. This log is intended for technical diagnostics, not for storing your full conversation with the AI. You can share or delete this file from within the App’s diagnostics controls. PaprikaTech does not automatically upload this file.
3. What we do not collect or store
PaprikaTech does not store records of your conversations with the AI model, including:
- Voice audio from live sessions
- Transcripts or text of what you or the model said
We do not maintain a PaprikaTech server archive of your CarPlay or iPhone sessions for playback, training, or advertising.
If you contact support (see Section 6), you choose what to include in your message; we do not pull conversation history from Google on your behalf.
4. Information sent to Google (and other third parties you use)
When you use live features, your device sends data directly to Google using your API key, including audio and related session data required for the service to work. PaprikaTech does not control how Google processes that data. Please refer to Google’s privacy policy and product terms for details on retention, logging, and security.
Depending on how you use the App, other services may apply, for example:
- Apple (iOS, CarPlay, App Store, system permissions such as microphone access)
- RevenueCat (if you use in-app subscription / premium features)—subscription status and purchase-related identifiers as described in RevenueCat’s privacy materials
- TelemetryDeck (see Section 5)
5. Analytics (TelemetryDeck)
We use TelemetryDeck, which is designed with a privacy-first approach, to collect aggregated usage signals so we can understand how the App is used and improve stability and features.
Typical examples of what we track (not an exhaustive list):
- App launched
- Settings setup milestones (e.g. how many of the five setup steps are complete—not the text of your settings)
- Game session started / ended (e.g. game type, approximate duration, network type category)
- Paywall or premium activation events
- Support or review menu actions (e.g. that a screen was opened—not the content of your email)
What we do not intend to send via TelemetryDeck:
- Your API key
- Voice recordings or conversation transcripts
- The names or personal details of your riders or cars
TelemetryDeck’s handling of data is also subject to TelemetryDeck’s privacy policy. We use this data for product improvement, not to sell your conversation content.
6. Information you send to us voluntarily
If you use Contact Support, you may open your email app with a pre-filled message. You decide what to write and whether to send it. Support messages may include device or app version details to help us help you. We use support correspondence only to respond and improve the product, not to build a conversation history database tied to your AI sessions.
7. Permissions
The App may ask for permissions such as:
- Microphone — for live voice interaction with the model
- Network — to reach Google’s services and analytics endpoints
You can change many permissions in iOS Settings. Some features will not work without required permissions.
8. Children’s privacy
The App is not directed at children under 13 (or the age required in your region). We do not knowingly collect personal information from children. If you believe a child has provided us information, contact us at support@PaprikaTech.io.
9. Security
We rely on Apple’s platform security (including Keychain and on-device storage) to protect sensitive data on your phone. No method of transmission or storage is 100% secure; you are responsible for safeguarding your device, your Google account, and your API key.
10. International users
If you use the App outside the United States, your information may be processed on your device and by third parties (such as Google and TelemetryDeck) under their own policies and locations. By using the App, you understand that those services may process data in countries other than your own.
11. Changes to this policy
We may update this Privacy Policy from time to time. We will post the revised version with a new “Last updated” date. Continued use of the App after changes means you accept the updated policy.
12. Contact us
PaprikaTech LLC
Email: support@PaprikaTech.io