Privacy Policy

1. Introduction

Marmot-Apps ("we", "us", or "our") built MarmotNote as an AI-powered document scanning and organization app for iPhone and iPad. This Privacy Policy explains what information we collect, how we use it, and the choices you have.

By using MarmotNote, you agree to the collection and use of information as described in this policy. We are committed to protecting your privacy and handling your data responsibly.

2. Information We Collect

Information you create directly

Scanned documents: Images captured with the camera or imported from your photo library, stored locally on your device.
Extracted text (OCR): Text extracted from scanned documents, stored locally on your device.
Document titles, notes, and group names: Metadata you add to organize your scans, stored locally.

Information used during AI features

Document images: When you request AI-enhanced OCR, the document image is securely sent to our AI backend for text extraction. It is not retained after the response is returned.
Extracted text: When you use the AI Workspace (summaries, Q&A, key data extraction), the relevant text is sent to our AI backend for analysis.

Information we do NOT collect

We do not collect your name, email address, or any account credentials.
We do not use advertising SDKs, tracking identifiers, or third-party analytics.
We do not access your contacts, location, or audio microphone.
We do not access your camera except when you are actively scanning a document.
We do not access your photo library except when you explicitly import a document from Photos.

3. How We Use Your Information

Your scanned documents remain on your device at all times. AI features are strictly opt-in—no processing occurs without your explicit action:

AI OCR: Document images are sent for text extraction when you scan a document and request AI enhancement.
Summaries & analysis: Document text is sent for AI analysis when you use the AI Workspace features.
Search: Full-text search is performed entirely on-device using locally stored text.
Templates & groups: Organizational data is managed entirely on-device.

No AI processing runs in the background or without your knowledge.

4. Third-Party Services & AI Data Sharing

Important: MarmotNote shares user data with a third-party AI provider. When you use AI-powered features, your data is transmitted to OpenAI (a third-party company) via our secure proxy server at marmot-api.fly.dev. No data is sent until you explicitly grant permission through the in-app AI consent dialog that appears before any AI feature is used for the first time.

What data is sent to the third party

Document images: When you scan a document and request AI-enhanced OCR, the document image is sent to OpenAI's Vision API for text extraction.
Extracted text: When you use AI Workspace features (summaries, Q&A, key data extraction), the extracted text from your documents is sent to OpenAI's GPT API.
No other personal data (name, email, device identifiers, contacts, photos, location, or browsing data) is ever sent to OpenAI or any other third party.

Who receives the data

OpenAI, Inc. — The sole third-party recipient of your document images and text data, accessed via their API.
Data is routed through our secure proxy server at marmot-api.fly.dev, which adds a privacy layer. The proxy does not log, store, or retain any of your data.
No other third parties, advertisers, analytics providers, or data brokers receive your data.

How your permission is obtained

On first launch, MarmotNote presents an AI consent dialog that clearly explains what data is sent, who receives it, and how it is handled.
You must tap "Allow Cloud AI Features" to enable any data sharing. If you choose "Use Device Only", no data is ever sent to any third party.
You can change your choice at any time in Settings > AI Privacy. Enabling "AI Privacy Mode" immediately stops all data sharing with OpenAI.
No AI processing occurs in the background or without your explicit action (tapping a button like "Scan" or "Summarize").

How your data is handled by OpenAI

We use OpenAI's API under their Zero Data Retention (ZDR) policy. This means:

Your document images and text data are processed ephemerally — they are not stored, logged, or retained by OpenAI after the response is returned.
Your data is not used to train, improve, or fine-tune any AI models.
For more information, see OpenAI's Privacy Policy.

Our Proxy Server (marmot-api.fly.dev)

We operate a server-side proxy to securely route AI requests. This proxy does not log, store, or retain your document images or extracted text after each request is fulfilled. The proxy exists to protect our API credentials and to maintain a controlled privacy boundary between you and OpenAI.

Apple

Subscriptions are managed through Apple's App Store. iCloud sync (if enabled) is handled by Apple's CloudKit service, subject to Apple's Privacy Policy.

5. iCloud Sync

MarmotNote offers optional iCloud sync to keep your documents available across all your Apple devices. When enabled:

Your scanned documents and metadata are synced via Apple's CloudKit service.
This sync is end-to-end encrypted by Apple and subject to Apple's privacy and security standards.
You can disable iCloud sync at any time in iOS Settings → [Your Name] → iCloud → MarmotNote.

iCloud sync is entirely optional. The app functions fully without it, with all data stored locally.

6. Data Retention

All scanned documents, extracted text, and AI-generated outputs are stored locally on your device (and optionally in your iCloud account). We do not retain any of this data on our servers. Our proxy server processes requests in real time and does not write your data to any persistent storage. When you delete a document in the app, it is permanently removed from your device and iCloud (if sync is enabled).

7. Security

All data transmitted between the app and our proxy is encrypted using HTTPS/TLS 1.2+. Local data is protected by iOS's standard data protection APIs. iCloud data is protected by Apple's end-to-end encryption where applicable. While no method of transmission is 100% secure, we follow industry best practices to protect your information.

8. Children's Privacy

MarmotNote is not directed at children under the age of 13. We do not knowingly collect personal information from children. If you believe a child under 13 has used AI features through the app, please contact us and we will take appropriate action.

9. Your Rights

Since all data is stored locally on your device, you retain full control at all times:

Delete any document or scan at any time from within the app.
Revoke camera access in iOS Settings → Privacy & Security → Camera → MarmotNote.
Disable iCloud sync in iOS Settings → [Your Name] → iCloud → MarmotNote.
Cancel your subscription at any time through iOS Settings → [Your Name] → Subscriptions.
Enable "AI Privacy Mode" in the app settings to disable all AI feature requests.

If you are in the EU/EEA, you have additional rights under the GDPR, including rights of access, correction, and deletion. Please contact us to exercise these rights.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by updating the "Last updated" date above and, where appropriate, through an in-app notice. Continued use of MarmotNote after changes constitutes acceptance of the updated policy.

11. Contact Us

If you have questions or concerns about this Privacy Policy, please contact us:

Contents