Privacy Policy
Last updated: March 16, 2026 · Effective: March 16, 2026
Cairn is developed by INFO WEB s.r.o., Czech Republic. Contact: privacy@getcairnapp.com
The short version
Your data belongs to you and most of it never leaves your device. All AI processing, health data analysis, and journal content is processed on-device using Apple's Foundation Models framework. We do not sell your data. We do not use it for advertising. We do not share it with third parties except where required to provide the service or required by law.
What Cairn collects
Journal entries
Stored locally in CoreData on your device. Eligible for end-to-end encrypted iCloud sync via CloudKit if you have iCloud enabled. We have no access to your iCloud data.
Health & biometric data (HealthKit)
| Data type | Purpose |
|---|---|
| Heart Rate | Biometric context per entry; pattern correlation |
| HRV (SDNN) | Stress and recovery indicator |
| Blood Oxygen (SpO₂) | Physiological context |
| Wrist Temperature | Recovery context (Watch Series 8+) |
| Mindfulness Minutes | Written back to Apple Health |
| State of Mind | Read and written for mood enrichment |
Health data is processed entirely on-device. It is never transmitted to our servers, never used for advertising, and never sold. You may revoke access at any time via iOS Settings → Privacy & Security → Health → Cairn.
Calendar data (EventKit)
Event titles, durations, and attendee counts — read in real time on-device, never stored or transmitted externally. Used only for calendar intelligence features.
Voice recordings
Audio is transcribed on-device immediately. Raw audio is never stored or transmitted. Only the text transcript is saved as a journal entry.
AI processing
On-device AI (all tiers): Uses Apple Foundation Models. No data leaves your device.
Core tier (BYOK): Journal content may be sent to your chosen API provider (Anthropic or OpenAI). Your API key is stored in the iOS Keychain and never transmitted to Cairn's servers.
Pro tier (managed): Anonymised journal excerpts may be processed by Mistral AI's API for deep synthesis. No name, Apple ID, health data, or directly identifying information is included. You may opt out in Settings.
Your rights (GDPR)
- Right of access — request a copy of your data
- Right to erasure — request deletion (most data is on-device; delete the app to remove it)
- Right to data portability — export via Settings → Export Data (JSON)
- Right to object — object to processing based on legitimate interest
- Right to lodge a complaint — ÚOOÚ (uoou.cz) or your local EU authority
To exercise your rights: privacy@getcairnapp.com. We respond within 30 days.
Third-party services
| Service | Purpose | Data shared |
|---|---|---|
| Apple App Store | Distribution & payment | Transaction ID, subscription status |
| RevenueCat | Subscription analytics | Anonymised subscription events |
| Mistral AI (Pro only) | Cloud AI synthesis | Anonymised journal excerpts |
Contact
INFO WEB s.r.o. · Czech Republic
privacy@getcairnapp.com