What We Collect
Usage Data
- Anonymous usage tracking: We track aggregate usage (queries made, costs incurred) to enforce free tier limits. This is linked to a device identifier, not your identity.
- Account data: If you create an account, we store your email and basic profile information from your authentication provider.
Query Data
Your queries are sent to third-party AI providers (via OpenRouter) to generate responses. What we store on our servers depends on how you use Eachie:
- Free tier users: We store your queries, AI responses, and usage analytics. We subsidize your usage, so we retain this data to improve our service.
- Paid users (using our API credits): By default, we store your queries and responses to provide chat history and sync across devices. You can opt out in settings to store only anonymous analytics (no query text).
- BYOK users (your own API key): We store only anonymous analytics (query length, model usage, costs) but not the text of your queries or responses. Your queries go directly to providers without being stored. To sync chat history, upgrade to paid.
- Attachments: Files you upload (images, PDFs, text) are processed in-memory and sent to AI providers. Attachment metadata (file types, counts) is stored for analytics; file contents are not stored.
All users can opt to "Errors Only" mode in settings, which disables all analytics except error tracking needed to keep Eachie working.
API Keys (BYOK Mode)
If you use your own API keys (OpenRouter for AI models, OpenAI for voice transcription), they're stored locally in your browser (localStorage). We never store your API keys on our servers—they're sent with each request, used once, then discarded.
Third-Party Services
Eachie uses the following third-party services:
- OpenRouter: Routes queries to AI providers. See OpenRouter's privacy policy.
- AI Providers: Your queries reach Anthropic, OpenAI, Google, and other providers. Each has their own data handling policies.
- Vercel: Hosts our application. See Vercel's privacy policy.
- Stripe: Processes payments. See Stripe's privacy policy.
- PostHog: Analytics and session recording (for users with full tracking). See PostHog's privacy policy.
- Sentry: Error tracking to identify and fix bugs. Query content is scrubbed from error reports. See Sentry's privacy policy.
Cookies and Local Storage
We use browser storage for:
- Settings: Your preferences (selected models, orchestrator choice) are stored in localStorage.
- Device ID: A random identifier for anonymous usage tracking.
- Authentication: Session cookies if you create an account.
- BYOK Session History: If you use BYOK mode (your own API key), your research sessions are stored locally in your browser so you can refresh the page and continue your work. This data never leaves your device — we never see it.
Your Rights (GDPR)
If you're in the European Economic Area, you have the right to:
- Access the personal data we hold about you
- Request correction of inaccurate data
- Request deletion of your data
- Object to processing of your data
- Data portability
To exercise these rights, email us at help@kevinhg.com.
Data Retention
- Usage analytics: Aggregated monthly after 6 months. Detailed data is available for recent queries; older data is summarized.
- Query content (if stored): Retained according to your preference: 6 months (default), 1 year, or 5 years. You can change this in settings.
- Payment records: Retained as required by law (typically 7 years).
- Account data: Retained until you delete your account. You can request full data deletion at any time.
Security
We use HTTPS for all connections. Your data in transit is encrypted. We follow security best practices, but no system is 100% secure. Use strong passwords and protect your API keys.
Children
Eachie is not intended for users under 13. We don't knowingly collect data from children.
Changes
We may update this policy. Significant changes will be announced via the app. Your continued use after changes constitutes acceptance.
Contact
Privacy questions? Email us at help@kevinhg.com.