iAgent Privacy Policy

1. Information we process

This policy is provided by Shanghai Aijingte Artificial Intelligence Technology Co., Ltd (上海爱晶特人工智能技术有限公司), the legal entity that owns and operates iAgent.

iAgent is designed to process locally by default. tables, reports, contracts, and other business materials imported by the user stay on the user's device by default for workflows the user starts.

The app may store local preferences such as language, model choice, interface settings, workflow definitions, and local runtime state. These details keep the desktop experience consistent.

To prepare local document-processing capabilities, the app may contact the update server in the background to download or update the Python Runtime, document-processing components, and security update components. These requests may include app version, platform, and component version information, but they do not include documents imported by the user.

When a user registers, signs in, purchases, uses Web Chat, uses managed model credits, submits feedback, or submits an error report, iAgent may process account information, device information, request time, model name, token usage, cost, status code, error information, the user's description, app version, platform information, and necessary runtime details.

On iOS, iAgent may also process Sign in with Apple or Google sign-in identifiers, Apple in-app purchase transaction identifiers, subscription product identifiers, restore-purchase records, App Store storefront and environment information, mobile device or push-token identifiers, and iOS permission state needed to provide the requested mobile experience.

If the user chooses to attach mobile content, iAgent may process files selected from the iOS Files app, photos selected from the photo library, camera captures, and cloud files already stored in the user's iAgent workspace. iAgent does not access these sources unless the user grants permission or selects the content.

2. When data may be sent

File parsing, amount handling, format conversion, and storage writes that can run locally should run locally first on desktop. On iOS, agent chat, file review, workspace browsing, workflow drafts, workflow runs, MCP-backed capabilities, Python Runtime, QuickJS, and similar agent capabilities are cloud-side services. The iOS app is a mobile client for these cloud services and does not run those runtimes locally on the device.

When a user uses Web Chat, iOS Chat, managed model credits, AI-assisted generation, semantic understanding, document Q&A, rule generation, script drafts, cloud workflow actions, or another feature that needs large model or cloud processing, related content may be sent to the iAgent cloud proxy, model providers, and necessary cloud service providers.

Content sent through the model path may include user prompts, conversation context, document excerpts placed into model context, table content, converted file text, tool call parameters, model responses, and intermediate model output. Users should not submit data they are not allowed to process, secrets, payment information, identity numbers, complete sensitive contracts, or other content they do not want to enter the cloud model path.

This data is used to provide AI features, generate responses, run user-started workflows, investigate issues, improve service quality, control cost, prevent abuse, support billing, and protect system security.

For App Store purchases, iAgent sends Apple signed transaction data or restore data to iAgent servers to verify the purchase, reconcile billing, and update Access Center entitlements. Apple processes App Store payments under Apple's own App Store terms and privacy practices.

3. AI interaction logs and third-party processing

iAgent may use Cloudflare AI Gateway or similar cloud logging systems to record AI interaction logs. These logs may include user prompts, document content placed into model context, model responses, model name, request time, token usage, cost, latency, status code, and error information.

These logs are used for debugging, quality analysis, security review, cost control, abnormal request tracing, and service operations. Cloudflare, DeepSeek, or other necessary providers may process this data as third-party processors.

iAgent limits internal access and may set retention policies based on operations, security, compliance, and cost-control needs. Unless required by law, dispute handling, abuse investigation, or a security incident, iAgent will not use AI interaction logs for unrelated public display.

4. Logs, diagnostics, and security

Regular application logs and diagnostics help investigate errors, crashes, and performance issues. They may include request metadata, device information, app version, status codes, and error types. AI interaction logs are handled under Section 3 of this policy.

Secrets, tokens, and authentication data should not be written to public logs, prompts, script source, or publicly visible files. Users can log out and clear local tokens.

iOS push notifications, when enabled, should contain only safe task status information such as event type, task identifier, and status. Sensitive prompt text, file content, secrets, payment details, and full task output should not be placed in notification payloads.

Capabilities that affect security or compliance, such as redaction, secret handling, cross-border transfer, and third-party processing, should receive separate review before formal release.

5. User controls

Users control which files they import, what they submit to AI, which workflows they run, whether generated script nodes are saved, and whether model or rule output is accepted. Critical actions should retain human review before execution.

Users can log out, clear local tokens, manage iOS permissions in system Settings, use Restore Purchase for App Store purchases, and use the supported billing modes shown in the public plan source.

If a user sees sensitive content where it should not appear in generated output, logs, or diagnostics, they should stop using that output and inspect it manually.

6. Policy updates and review notice

This page describes the current public data handling approach. Data flows, model calls, target markets, and third-party services should be updated here when they change.

The privacy policy may change as product features, data flows, model calls, third-party services, and launch regions change. Updates should be published on the official site with an effective date or applicable version.

If this policy conflicts with the terms of service, user notice, or applicable law, the applicable law and more specific written agreement control.