Privacy Policy

Last updated: May 4, 2026.

Dossier AI (“Dossier AI,” “the App,” “we,” “us”) is a personal AI memory tool designed to help you capture, organize, and retrieve your thoughts, notes, relationships, projects, decisions, and open loops. This Privacy Policy explains what information we access, collect, use, share, retain, and delete.

This Privacy Policy applies to the Dossier AI Android app and the Dossier AI legal/support website. It is intended to work with the in-app disclosures shown when you use features such as Google Sign-In, audio recording, file upload, notifications, AI processing, and subscriptions.

1. Information We Collect

We collect information you provide directly, information generated through your use of the App, and limited information from service providers you choose to use with the App:

• Account information — email address, account identifiers, authentication status, and basic profile information used to create and access your account.
• Google Sign-In information — if you sign in with Google, we receive the Google account information required to authenticate you, such as your email address and account identifier. We do not receive your Google password.
• Briefs — memory entries you create, including text, tags, timestamps, source metadata, and related app records.
• Voice and audio recordings — audio you record within the App for transcription and memory capture, after you grant microphone permission.
• Transcripts — text generated from your audio recordings.
• Uploaded files and OCR text — documents and images you upload, and any text extracted from them.
• Chat and Debrief queries — questions you ask and the responses generated when interacting with your memory data.
• People, projects, decisions, open loops, and memory records — entities and structured data derived from your content, including information about third parties that you choose to record.
• Preferences and settings — configuration choices you make within the App.
• Push token — a device identifier used to send you notifications, if enabled.
• Purchase and subscription status — subscription tier, entitlement status, product identifiers, transaction identifiers, renewal/cancellation status, and related billing metadata received from Google Play and subscription-management providers. We do not receive your full payment card number from Google Play.
• Diagnostics, device, and usage metadata — crash reports, error information, app version, device/operating-system information, performance data, event counts, and security metadata used to operate, protect, and improve the App.

2. How We Use Information

We use the information we collect to:

• Provide and maintain core app functionality, including storing and retrieving your memory data.
• Perform AI processing such as transcription, optical character recognition (OCR), information extraction, embedding generation, semantic search and retrieval, summarization, and conversational responses (Debrief).
• Manage your subscription and process payments in coordination with Google Play.
• Send push notifications, if you have enabled them.
• Provide customer support and troubleshoot issues.
• Ensure the security and integrity of the service, including detecting and preventing abuse.
• Analyze diagnostics, usage metadata, and service performance to improve reliability, safety, and product quality.
• Comply with law, enforce our Terms, resolve disputes, and protect the rights, privacy, safety, and property of Dossier AI, users, and others.

3. AI Training, Improvement, and Tier Differences

• Audio recordings are never used by us for model training under any tier.
• Dossier free tier content and metadata, including brief text, transcripts, extracted text, extractions, chat messages, derived memory metadata, diagnostics, and usage metadata, may be used to operate, maintain, analyze, improve, evaluate, and train Dossier AI systems and AI features. Depending on the purpose and risk, this may involve raw, filtered, redacted, aggregated, or anonymized data. We do not promise that all free-tier improvement or training data is anonymized.
• Dossier Plus content is excluded from Dossier AI's model-training and model-improvement pipeline. Dossier Plus does not mean that every external provider offers absolute zero retention; provider-side retention depends on the provider, endpoint, contract, and feature.
• Data already used in aggregated, derived, or model-training artifacts may not be separately removable unless the relevant pipeline or provider exposes a deletion mechanism.

4. Service Providers and Sharing

We rely on third-party service providers to operate the App. These providers may process your data on our behalf. Categories of providers include:

• Hosting, database, storage, and authentication — infrastructure for running the App and storing your data.
• Transcription services — converting your audio recordings into text.
• AI, embedding, and OCR services — processing your content for extraction, embeddings, retrieval, summarization, and OCR.
• Payment and subscription services — managing purchases and subscriptions via Google Play.
• Push notification services — delivering notifications to your device.
• Diagnostics and monitoring — tracking app stability and performance.

We share personal and sensitive user data only as needed to provide and improve the App's user-facing features, operate the service, process subscriptions, deliver support, protect security, comply with law, or complete a merger, acquisition, financing, or sale of assets with legally appropriate notice. We do not sell personal and sensitive user data.

We select providers with care and seek contractual commitments to handle data responsibly, but we cannot guarantee that every third-party provider never retains, logs, or uses data in accordance with its own policies and agreements. For more detail on AI-related processing, see our AI and Data Processing Disclosure.

5. Google User Data and Limited Use

If you use Google Sign-In or any other Google-connected feature, Dossier AI's use and transfer of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

We use Google account data only to provide and secure user-facing App features that are visible in the App, such as authentication, account management, and subscription entitlement. We do not sell Google user data, use it for advertising, transfer it to data brokers, use it to determine creditworthiness, or allow humans to read it except when necessary for support with your permission, security, legal compliance, or aggregated internal operations.

6. Data Security

We use reasonable administrative, technical, and organizational safeguards designed to protect personal and sensitive user data. Data is transmitted using encrypted connections such as HTTPS/TLS. Data stored in App infrastructure is protected by access controls and encryption provided by our infrastructure providers. No system can be guaranteed perfectly secure, and you are responsible for keeping your account access secure.

7. Data Retention

Our general retention practices are as follows; actual retention may vary based on operational needs and provider behavior:

• Original uploads (audio recordings, uploaded files, images) may be retained by us for up to 90 days before deletion.
• Chat and Debrief conversation history may be retained by us for up to 90 days.
• Derived data (transcripts, extracted text, embeddings, memory records) is kept as part of your account until you delete your account or request deletion.
• We may keep limited records beyond these periods where required by law, to enforce our terms, or to protect our rights.

8. Your Choices

• You can access and update your account information within the App settings.
• You can delete or manage certain app records through the controls available in the App.
• You can request full account and data deletion. See our Account and Data Deletion page for instructions.
• You can choose not to use optional features such as audio recording, file upload, push notifications, or Debrief.
• You can revoke app permissions through your device settings, although some features may stop working.

9. Account and Data Deletion

When you delete your account or request data deletion, we will remove your account-associated app data from our systems. Deletion requests are processed generally within 30 days. We may retain limited records as required or permitted by applicable law. Providers that have processed your data may have their own retention practices; we make reasonable efforts to delete data held by our providers but cannot guarantee immediate, complete removal across all third-party systems.

For full instructions, see Account and Data Deletion.

10. Third-Party Information You Add

Dossier AI may store memory records about people, organizations, or events you mention. You are responsible for ensuring that you have the right to submit, record, or upload content about other people. Do not use the App to secretly record conversations, upload unlawful content, or violate another person's privacy or rights.

11. Children’s Privacy

The App is not intended for children under 13, and it is not directed to children or families. We do not knowingly collect personal information from children under 13. If we learn that we have collected such information, we will delete it promptly.

12. Regional Rights

Depending on where you live, you may have rights to access, correct, export, delete, restrict, or object to certain processing of your personal information. To exercise privacy rights, contact us at the email below. We may need to verify your identity before fulfilling a request.

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes through the App or by other means. Continued use after changes take effect constitutes acceptance.

14. Contact

If you have questions about this Privacy Policy, please contact us at service@dossierai.ca or visit our Support page.