214ID App Privacy Policy
214 Innovation & Development LLC
The short version: We collect the minimum information needed to run the app. Your prompts and documents are sent to Anthropic to generate feedback and are not stored on our servers after your request completes unless you choose to save them. We do not sell your data. We do not use advertising networks.
214 Innovation & Development ("214ID," "we," "our," or "us") operates the iOS application 214ID Executive AI Fluency (the "App"). This policy explains what information we collect, how we use it, who we share it with, and your rights as a user.
1. Information We Collect
Account identity. When you sign in with Apple, Apple provides us with a unique identifier for your account (your Apple "sub" value). Depending on your choice at sign-in, Apple may also provide your email address. We store this identifier and, if provided, your email address in our database to associate your saved data with your account.
User profile. You may optionally provide your professional role, organization, and a brief context statement. This information is stored on our servers and used solely to calibrate the feedback the App provides on your prompts.
Prompt content and documents. When you use the Prompt Refinery, the text you submit and any documents you attach (PDFs, Word files) are transmitted to our backend servers and then to Anthropic's API to generate structured feedback and a refined prompt. Prompt content and document content are not stored on our servers after your request completes. If you choose to save a refined prompt to your library, the prompt text is stored on your device only (in local on-device storage). We do not store your document content at any point beyond the duration of a single request.
Trust Receipts. Each time you run a prompt refinement, the App generates a Trust Receipt — a signed record containing metadata about the interaction (the model used, the task type, timestamps, and a cryptographic signature). Trust Receipts do not contain your prompt text or document content. Receipts are stored on your device and may be transmitted to our servers for signature verification when you request it.
Subscription and transaction data. When you purchase a subscription, Apple processes the payment. We receive a verified transaction record from Apple's App Store Server API, which we store to maintain your subscription status. We do not receive or store your payment card details.
Session tokens. We issue a session token to your device when you sign in. This token is stored in your device's Keychain and is used to authenticate your requests to our servers. It does not contain personal information.
Usage analytics. The App counts certain in-app events locally on your device (for example, how many times you have refined a prompt). These counts are stored only on your device using iOS local storage and are never transmitted to us or any third party.
Server logs. Our backend infrastructure (Cloudflare Workers) generates standard server logs that may include your IP address, request timestamps, and HTTP status codes. These logs are retained for up to 30 days for security and operational purposes. Prompt content and document content are never written to server logs.
2. How We Use Your Information
To authenticate you and maintain your session.
To deliver prompt refinement feedback powered by Claude Opus (Anthropic's AI model).
To calibrate feedback quality using your optional profile information.
To maintain your subscription status and verify entitlements.
To generate and verify Trust Receipts.
To store prompts you explicitly choose to save to your library.
To operate, maintain, and improve the App and its backend infrastructure.
To comply with legal obligations.
We do not use your information to train AI models. Your prompts and documents are transmitted to Anthropic subject to Anthropic's data usage policies, which include API usage terms that restrict training on API-submitted content. See Section 4 for details.
3. How We Store Your Information
Our backend runs on Cloudflare's infrastructure (Workers, D1 database, and R2 object storage). Data at rest is encrypted by Cloudflare. Data in transit between your device and our servers is encrypted using TLS.
Prompt content and document content are processed in memory during a request and are not written to any persistent storage on our servers.
Saved prompts, Trust Receipts, and your subscription library are stored locally on your device using iOS SwiftData. This data remains on your device and under your control. You can delete it at any time from within the App (Settings → Clear Library & Receipt Data).
4. Information Shared With Third Parties
We share information with the following third parties to operate the App. We do not sell your information to any party for advertising or marketing purposes.
Anthropic, PBC. Your prompt text and any attached document content are transmitted to Anthropic's API to generate feedback and a refined prompt. Anthropic processes this data as a service provider under their API terms. Anthropic does not use API-submitted content to train its models by default. For more information, see Anthropic's Privacy Policy.
Apple Inc. Sign in with Apple is used for authentication. Apple processes your Apple ID credentials subject to Apple's privacy policy. Subscription purchases are processed by Apple through the App Store. Apple's App Store Server API is used to verify subscription status. For more information, see Apple's Privacy Policy.
Cloudflare, Inc. Our backend infrastructure is hosted on Cloudflare. Cloudflare may process data that passes through our Workers as part of infrastructure operation. For more information, see Cloudflare's Privacy Policy.
We may disclose your information if required by law, regulation, or valid legal process, or to protect the rights, property, or safety of 214ID, our users, or the public.
5. Data Retention
Account identity (Apple sub, email) and profile information are retained for as long as your account exists. You may request deletion at any time — see Section 7.
Subscription transaction records are retained for up to seven years for accounting and compliance purposes, even after account deletion.
Server logs are retained for up to 30 days.
Data stored on your device (saved prompts, Trust Receipts) is retained until you delete it within the App or uninstall the App.
6. Children's Privacy
The App is intended for senior professional users and is not directed at children under the age of 13 (or the applicable age of digital consent in your jurisdiction). We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us at privacy@214id.com and we will delete it promptly.
7. Your Rights and Choices
Depending on where you are located, you may have the right to access, correct, or delete your personal information; to restrict or object to certain processing; and to data portability. To exercise any of these rights, contact us at privacy@214id.com.
Deleting local data. Within the App, go to Settings → Clear Library & Receipt Data to delete all locally stored prompts and Trust Receipts.
Deleting your account. To delete your account and all associated server-side data (excluding transaction records retained for legal compliance), email privacy@214id.com from the address associated with your Apple ID, or contact us through the support address below. We will process account deletion requests within 30 days.
Subscription management. You may cancel your subscription at any time through iOS Settings → Subscriptions. Cancellation stops future billing but does not entitle you to a refund of amounts already charged; refund requests are handled by Apple under the App Store terms.
Opting out of Sign in with Apple data sharing. You may control what information Apple shares with us at the time of sign-in. If you used Hide My Email, Apple routes messages through an anonymized relay address. You can manage this in iOS Settings → Apple ID → Password & Security → Apps Using Apple ID.
8. California Privacy Rights (CCPA)
California residents have additional rights under the California Consumer Privacy Act, including the right to know what personal information we collect, the right to delete personal information, and the right to opt out of the sale of personal information. We do not sell personal information. To exercise your rights, contact us at privacy@214id.com.
9. International Data Transfers
Our backend infrastructure is operated in the United States via Cloudflare. Anthropic is also based in the United States. If you access the App from outside the United States, your information may be transferred to and processed in the United States or other countries. By using the App, you consent to this transfer.
10. European Privacy Rights (GDPR)
If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, the General Data Protection Regulation (GDPR) or equivalent local law applies to our processing of your personal data.
Data controller. 214 Innovation & Development is the data controller for personal data processed in connection with the App. Contact us at privacy@214id.com for any data protection enquiries.
Lawful basis for processing. We rely on the following legal bases:
Performance of a contract — processing your account identity, session tokens, and subscription data is necessary to provide the App and fulfil your subscription.
Legitimate interests — operating and securing our backend infrastructure, generating server logs for abuse prevention, and improving the reliability of the App. These interests do not override your fundamental rights.
Consent — where you voluntarily provide optional profile information (role, organisation, context), we process it on the basis of your consent. You may withdraw consent at any time by removing or updating your profile within the App.
Legal obligation — retaining subscription transaction records for accounting and tax compliance.
Your rights under the GDPR. You have the right to:
Access — request a copy of the personal data we hold about you.
Rectification — ask us to correct inaccurate or incomplete data.
Erasure — ask us to delete your personal data ("right to be forgotten"), subject to legal retention obligations.
Restriction — ask us to restrict processing of your data in certain circumstances.
Portability — receive your personal data in a structured, commonly used, machine-readable format.
Objection — object to processing based on legitimate interests.
Withdraw consent — where processing is based on consent, withdraw it at any time without affecting the lawfulness of prior processing.
To exercise any of these rights, contact us at privacy@214id.com. We will respond within 30 days. We may need to verify your identity before fulfilling a request.
International transfers. Our servers are located in the United States. Transfers of personal data from the EEA to the United States are made on the basis of Standard Contractual Clauses (SCCs) where applicable, or under Cloudflare's and Anthropic's respective data transfer mechanisms. You may request a copy of the applicable transfer safeguards by contacting us.
Right to lodge a complaint. You have the right to lodge a complaint with your local data protection authority. In the EU, a list of national authorities is available at edpb.europa.eu. In the UK, the relevant authority is the Information Commissioner's Office (ico.org.uk).
11. Changes to This Policy
We may update this policy from time to time. When we do, we will update the "Last updated" date at the top of this page. If changes are material, we will provide notice within the App. Your continued use of the App after any changes constitutes your acceptance of the updated policy.
12. Contact
If you have questions about this policy or our privacy practices, please contact us:
General: mattsanf@214id.com
Website: www.214id.com