Privacy Policy

Last updated: February 3, 2026

The short version: Your data is encrypted, never sold, and you can delete everything at any time. We built Doris to be the assistant we'd want for ourselves.

What We Collect

Account Information

When you sign in with Apple, we receive your Apple ID identifier and, if you choose to share it, your name and email address. We use this solely to create and manage your account.

Conversations

Your messages with Doris are stored to provide continuity across sessions. This is core to how Doris works — she remembers your conversations so you don't have to repeat yourself.

Memories

Doris extracts and stores facts, preferences, and context from your conversations. These memories help her understand you better over time. You can view and delete any memory at any time.

Connected Services

If you connect external services (Google Calendar, Microsoft 365, Apple Calendar, etc.), we access only the data necessary to provide the features you've enabled. We do not store copies of your emails or calendar events — we query them in real-time when needed.

Device Information

We collect device tokens to send you push notifications (like calendar reminders). We do not collect device identifiers for tracking or advertising purposes.

How We Protect Your Data

Encryption at Rest

All messages and memories are encrypted using AES-256-GCM before being stored. Your data is unreadable without the encryption keys, which are managed separately from the database.

Encryption in Transit

All data transmitted between your device and our servers uses TLS 1.3 encryption.

AI Processing

Your conversations are processed by Anthropic's Claude AI. Anthropic does not train their models on data sent through their API. See Anthropic's Privacy Policy for details.

Your Rights & Controls

Export Your Data

You can export all your data (conversations, memories, settings) at any time from the app's Privacy settings. The export is provided as a JSON file.

Delete Your Account

You can permanently delete your account and all associated data from the app's Privacy settings. This action is immediate and irreversible — we hard-delete everything, not just mark it as deleted.

Conversation Retention

You can configure how long conversations are retained (30 days, 90 days, 1 year, or forever). Older conversations are automatically and permanently deleted.

Disconnect Services

You can disconnect any connected service at any time. When disconnected, we immediately revoke our access and delete any stored credentials.

What We Don't Do

We don't sell your data. Ever.
We don't show you ads.
We don't share your data with third parties for marketing.
We don't use your data to train AI models.
We don't track you across apps or websites.

Data Location

Your data is stored on servers in the United States, operated by Railway (our infrastructure provider). See Railway's Privacy Policy for details about their infrastructure practices.

Children's Privacy

My Doris is not intended for children under 13. We do not knowingly collect personal information from children under 13. If you believe we have collected such information, please contact us immediately.

Changes to This Policy

We may update this policy from time to time. We'll notify you of significant changes through the app. Continued use after changes constitutes acceptance of the updated policy.

Contact Us

Questions about this policy or your data? Email us at privacy@mydoris.ai.