Privacy Policy

Last updated: March 8, 2026

1. Introduction

Ara ("we", "our", "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your information when you use our messaging service ("the Service").

2. Information We Collect

2.1 Account Information

When you create an account, we collect:

Email address (via Apple or Google sign-in)
Display name and profile photo (user-provided)
Date of birth (optional)

2.2 Messages

Messages are encrypted using strong symmetric encryption both in transit and at rest in our database. To provide AI-powered features such as automatic translation, summarization, and suggested replies, our servers may process message content when these features are enabled by you.

2.3 Device Information

Push notification tokens and platform type (iOS/Android)
Activity logs for your account (visible only to you)

2.4 Subscription & Payment

Subscription purchases are processed entirely by Apple (App Store). We receive only transaction identifiers and subscription status to verify your plan. We do not collect or store credit card numbers or billing addresses.

3. Information Accessed on Your Device Only

With your explicit permission, Ara may access the following data directly on your device. This data is processed locally on your device and is never transmitted to or stored on our servers.

Calendar: To view your schedule and help manage events
Contacts: To help you find and communicate with people you know
Reminders: To view and create reminders on your behalf

These permissions are requested only when needed and require your explicit approval through your device's system dialog. You can revoke access at any time in your device settings.

4. Email Integration (Optional)

With your explicit consent, Ara may connect to your email account to provide AI-powered email features:

Gmail:Connected via OAuth 2.0. Access is granted only after you explicitly authorize it through Google's consent flow.
iCloud Mail: Connected via IMAP using app-specific passwords you provide.

How we handle your email data:

Email credentials are encrypted at rest using AES-256-GCM on our servers
Email content is fetched and processed temporarily to fulfill your request (e.g., search, summarize), then discarded
We do not permanently store email content on our servers
You can disconnect your email account at any time, which immediately revokes access and deletes stored credentials

5. Google API Limited Use Disclosure

Ara's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

6. AI Processing

Ara uses AI technology to provide features such as chat assistance, translation, summarization, and suggested replies. When you use these features:

Your input is sent to our AI service provider for processing
AI inference data is not retained or used for model training (store: false)
AI responses are generated in real-time and not stored beyond your conversation

Important: Do not input sensitive personal information into AI conversations, including but not limited to passwords, credit card numbers, social security numbers, government-issued ID numbers, or financial account details. We are not responsible for any consequences arising from the voluntary disclosure of such information through the Service.

AI-generated responses are provided for reference purposes only and may not always be accurate. You should verify important information independently before acting on it.

7. Encryption & Security

We implement strong security measures to protect your data:

Messages are protected with strong encryption in transit (TLS) and at rest
Email credentials are encrypted using AES-256-GCM
Authentication is handled through trusted providers (Apple, Google)
Database access is protected by row-level security policies

8. How We Use Your Information

We use your information to:

Provide and maintain the messaging service
Send push notifications for new messages
Process AI-powered features (translation, summarization, suggested replies)
Provide email integration features as described in Section 4
Improve the Service and resolve technical issues

9. Data Sharing

We do not sell, trade, or share your personal information for advertising or marketing purposes. We may share data with the following categories of service providers solely to operate the Service:

Cloud infrastructure providers: For hosting and database services
AI service providers: For processing AI features (with no data retention)
Authentication providers: Apple and Google for sign-in
Payment processors: Apple for in-app subscription management

We may also disclose your information if required to do so by law, or in response to valid legal requests by public authorities (e.g., a court order or government agency).

10. Data Retention

Account information: Retained until you delete your account
Messages: Retained until you or the conversation participants delete them
Activity logs: Retained until you delete your account
Email credentials: Retained until you disconnect the email integration
AI conversation data: Not retained after processing

11. Account Deletion

You can delete your account at any time through the app. Upon deletion, we will remove your profile, account information, activity logs, stored credentials, and push notification tokens from our systems.

Please note that messages you have sent in conversations with other users may remain visible to those users, as they are part of the shared conversation history.

12. Children's Privacy

Ara is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If we become aware that a child under 13 has provided us with personal information, we will take steps to delete such information promptly.

13. International Data

Your information may be processed and stored on servers located outside your country of residence. By using the Service, you consent to the transfer of your information to these locations.

14. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by posting the updated policy on this page and updating the "Last updated" date. Your continued use of the Service after changes constitutes acceptance of the revised policy.

15. Contact Us

If you have questions about this Privacy Policy, please contact us at support@ara-app.com.