Our Privacy Commitment

Lorelio is built on a fundamental belief: your most personal memories deserve the highest level of privacy. Unlike other memoir and autobiography apps that process your voice and stories in the cloud, Lorelio runs all AI processing — speech recognition (ASR), interview question generation (LLM), and text-to-speech (TTS) — entirely on your device.

This isn’t just a feature. It’s the architecture of the entire app.

Data That Stays on Your Device

The following data is created and stored on your device. It is never transmitted to our servers because we do not operate content servers:

• Your voice recordings during interview sessions
• Speech-to-text transcripts
• AI-generated interview questions and acknowledgements
• Your autobiography prose and chapters
• Photos you add to the app
• Photo metadata (EXIF data including dates, locations, camera info) — processed on-device only
• Your timeline, entity data (people, places, dates), and session history
• Your name and any personal information within your stories

iCloud Sync

Lorelio requires iCloud to sync your autobiography data across your Apple devices. This sync uses Apple’s CloudKit infrastructure. Key details:

• Your data is encrypted in transit and at rest by Apple
• Your data resides in your personal iCloud account under your Apple ID
• We do not have access to your iCloud data
• Sync is governed by Apple’s iCloud security policies
• Photos sync in three tiers: thumbnails and previews immediately, full-resolution on demand

You can manage your iCloud storage and data through your Apple ID settings.

On-Device AI

Lorelio uses three AI models, all of which run entirely on your device:

• Speech recognition (ASR): Converts your spoken words to text on-device. No audio is sent to any server.
• Language model (LLM): Generates interview questions, acknowledgements, and autobiography prose on-device. No text is sent to any server.
• Text-to-speech (TTS): Reads questions and responses aloud on-device. No data is sent to any server.

These models are downloaded once when you first set up the app and run locally thereafter.

Photo EXIF Handling

When you add photos to Lorelio, the app reads EXIF metadata (date taken, GPS coordinates, camera model) to provide context for your autobiography. This metadata is processed entirely on-device and is never transmitted externally.

Data We Do NOT Collect

We want to be explicit about what we do not do:

• No analytics: We do not currently collect any analytics or usage data
• No third-party sharing: We do not share any data with third parties
• No cloud AI: We do not send any content to cloud AI services
• No advertising: We do not display ads or share data with ad networks
• No location tracking: We do not access your device’s location services
• No contacts access: We do not access your contacts
• No tracking across apps: We do not use device identifiers or cross-app tracking

Purchase Information

All purchases are processed through Apple’s App Store. Apple is the merchant of record. We do not collect, store, or have access to your payment information, credit card details, or Apple ID.

Third-Party Services

Lorelio does not use any third-party AI services, advertising networks, analytics platforms, or data brokers. The only third-party services involved are:

• Apple App Store — for app distribution and payment processing
• Apple CloudKit — for syncing your data across your devices via iCloud

Sharing & Export

When you choose to export your autobiography as a PDF, Word document, or shareable web link, you control where that content goes. PDF and Word files are generated entirely on your device. Shareable web links upload a copy of selected content to a temporary, secure server only at your explicit request.

Data Deletion

You have complete control over your data:

• “Delete My Story” within the app permanently removes all your autobiography data from your device and iCloud
• Deleting the app removes all local data
• You can manage iCloud data through your Apple ID settings

Since we never had your data on our servers, there is nothing for us to delete on our end.

Children’s Privacy

Lorelio is designed for adults and is not directed at children under 13. We do not knowingly collect information from children. If you believe a child under 13 has used the app, please contact us. In compliance with the U.S. Children’s Online Privacy Protection Act (COPPA), we do not collect personal information from children.

Country-Specific Provisions

India — Digital Personal Data Protection Act (DPDP), 2023

As your data is processed entirely on-device, Lorelio acts as a minimal data fiduciary. Your rights as a data principal — including the right to access, correct, and erase your data — are exercised directly through the App’s built-in controls. iCloud sync data is governed by Apple’s data processing practices under Indian law.

United Kingdom — UK GDPR

We comply with the UK General Data Protection Regulation. As no personal data is transmitted to our servers, our data processing activities are limited to on-device processing under your control. Your rights under UK GDPR (access, rectification, erasure, portability) are exercised through the App. iCloud sync is governed by Apple’s data processing terms.

Australia — Australian Privacy Principles (APP)

We comply with the Australian Privacy Principles under the Privacy Act 1988. As we do not collect personal information on our servers, our obligations relate primarily to transparency about on-device data handling. You may contact us regarding privacy concerns at the address below.

Canada — PIPEDA

We comply with the Personal Information Protection and Electronic Documents Act. As personal information is processed on-device and synced via Apple’s iCloud, we do not collect or store personal information on our servers. Your consent to on-device processing is provided through your use of the App.

New Zealand — Privacy Act 2020

We comply with New Zealand’s Privacy Act 2020. As we do not hold personal information on our servers, information privacy principles relating to collection, storage, and disclosure by us do not apply in the traditional sense. You maintain full control of your data through the App.

United States — California (CCPA/CPRA)

For California residents: We do not sell your personal information. We do not share your personal information for cross-context behavioural advertising. Since all data is processed on-device and we do not collect personal information on our servers, the categories of personal information collected by us are limited to purchase transactions processed by Apple. You may exercise your rights under the CCPA by contacting us at the address below.

Changes to This Policy

We may update this privacy policy from time to time. We will notify you of any material changes through the App or on this page. The “Last updated” date at the top reflects the most recent revision.

Contact

If you have any questions about this privacy policy, please contact us at privacy@lorelio.app.