Prismara
Get started
Back to home

Privacy Policy

Effective date: June 25, 2026. Prismara. Joy Madhu.

This Privacy Policy explains what information Prismara (the app, we, us) collects, why we collect it, how it is used, and the choices you have. We have tried to write it in plain English. If anything here is unclear, please contact us at support@prismara-ai.app.

1. Quick summary

  • Your chats stay on your device. Conversations and attachments are stored locally on your iPhone, not on our servers.
  • To answer you, your messages are sent to AI providers. When you send a message, its content (and any attachments) is transmitted to third party AI model providers (such as Anthropic, OpenAI, and Google) so they can generate a response. We do not store that chat content on our servers.
  • We keep a small account record. To sign you in and manage your subscription, we store your Apple account identifier, the name and email Apple provides, hashed session tokens, and your purchase and subscription records.
  • No ads, no tracking, no analytics SDKs, no selling of data.

2. Who is responsible for your data

The data controller for the account information described below is Joy Madhu. You can reach us at support@prismara-ai.app.

3. What we collect and where it is stored

3.1 Account data (stored on our backend)

Our backend runs on secure cloud infrastructure. When you sign in and use the app, we store:

DataSourceWhy we have it
Apple account identifier (Sign in with Apple)AppleTo identify your account across sign ins
NameAs provided by Apple at sign upTo personalize your account
Email address (may be a private Apple relay address such as one ending in privaterelay.appleid.com)As provided by AppleAccount identification and essential service communication
Session tokens (stored hashed, never in plain text)Generated when you sign inTo keep you signed in securely
Subscription and purchase records (transaction IDs, product identifier, status)Apple App StoreTo grant and manage your subscription and credit entitlements

When you use Sign in with Apple, you may choose to hide your email. In that case Apple gives us a private relay address instead of your real one, and we never receive your real email.

3.2 Network and edge data

Our infrastructure provider processes your device IP address as part of delivering and protecting the service, for example routing requests and defending against abuse. This is standard infrastructure processing.

3.3 Chat content and attachments

Your conversations are stored only on your device in local storage. We do not keep a copy of your chat content on our servers.

When you send a message, the message content and any attachments you include (images, PDFs, and other documents) are transmitted to third party AI model providers so they can generate a reply. Once the response is returned, the result is stored locally on your device. How those providers handle the data they receive is governed by their own privacy policies (see Section 5).

3.4 What we do not collect

  • No advertising identifiers and no advertising.
  • No tracking across apps or websites.
  • No third party analytics or telemetry SDKs.
  • We do not sell or rent your personal data to anyone.

4. Why we use your data (purposes)

We process the data above for these purposes only:

  • Authentication, to sign you in with Apple and keep your session secure.
  • Subscription and credit entitlement, to confirm purchases and grant the right access level.
  • Abuse prevention, to protect the service and other users from misuse.
  • Providing the chat service, to transmit your message to AI providers and return their response.

Legal bases (where GDPR applies): performance of our contract with you (providing the app and your subscription), our legitimate interests (securing the service and preventing abuse), and compliance with legal obligations (for example retaining transaction records).

5. Processors and sub processors

We rely on the following third parties to operate the app. They process data on our behalf or as independent providers, each under their own terms and privacy policies:

  • Apple, for Sign in with Apple (authentication) and App Store payments and subscriptions.
  • Our cloud infrastructure provider, for backend hosting and edge processing (including IP at the edge).
  • AI model providers, including Anthropic, OpenAI, Google, and others, which process your message content and attachments to generate responses.

We recommend reviewing the privacy policies of the AI providers, since your message content is processed by them.

6. How long we keep data (retention)

  • Account data (Apple identifier, name, email, subscription records) is kept until you delete your account, except where we must keep certain records longer (see below).
  • Session tokens expire automatically and are removed or invalidated after expiry.
  • Transaction and purchase records may be retained for as long as required to meet legal, tax, accounting, and audit obligations, even after account deletion.
  • Chat content lives only on your device and is removed when you delete the conversation or the app, according to your device behavior. We hold no server copy to delete.

7. Your rights and choices

7.1 Access and deletion

You can delete your account directly in the app using Delete Account. This removes your account and the associated records on our backend.

Please note:

  • Your Apple subscription is managed by Apple and is cancelled separately in iOS Settings, your Apple ID, then Subscriptions. Deleting your Prismara account does not automatically cancel an active App Store subscription, and we cannot cancel it for you.
  • Some records (such as transaction records) may be retained where the law requires, as described in Section 6.

7.2 GDPR (EEA and UK users)

If you are in the EEA or UK, you have the right to access your personal data (GDPR Article 15) and to request its erasure (GDPR Article 17), along with rights to rectification, restriction, objection, and data portability. You also have the right to lodge a complaint with your local data protection authority. To exercise these rights, contact us at support@prismara-ai.app.

7.3 CCPA (California users)

If you are a California resident, you have the right to know what personal information we collect, to request its deletion, and to not be discriminated against for exercising your rights. We do not sell your personal information. To make a request, contact us at support@prismara-ai.app.

8. Security

We use Sign in with Apple for authentication, store session tokens in hashed form, and rely on secured cloud infrastructure. No method of transmission or storage is 100 percent secure, but we take reasonable measures to protect your data.

9. Children

Prismara is not directed to children under 13, and we do not knowingly collect personal information from children under 13. In addition, the app provides access to AI models that can produce mature or unfiltered output, so it is intended for a mature audience and rated accordingly. If you believe a child has provided us personal information, contact us and we will delete it.

10. International transfers

Because we use Apple, our cloud infrastructure provider, and AI providers, your data may be processed in countries other than your own, including the United States. Where required, we rely on appropriate safeguards (such as the providers standard contractual clauses).

11. Changes to this policy

We may update this Privacy Policy from time to time. When we do, we will revise the effective date above and, where appropriate, notify you in the app. Continued use of the app after changes take effect means you accept the updated policy.

12. Contact

Questions or requests about this policy or your data:

support@prismara-ai.app

This policy is hosted at https://prismara-ai.app/privacy.