Last Updated: 2026-03-09
Welcome to ThinkFlow. This Privacy Policy explains how AppForges ("we", "us", or "our") collects, uses, and protects your information when you use the ThinkFlow application. ThinkFlow is a privacy-first learning tool that processes your video content locally on your device. We are committed to protecting your privacy and complying with applicable data protection regulations, including the GDPR and the CCPA.
By using ThinkFlow, you agree to the data practices described in this policy.
2.1 Account Information When you sign in via AppForges OAuth, we collect: - Email address - Display name - Unique account identifier
2.2 Subscription Information Payment is processed directly by Apple through StoreKit. We only receive: - Subscription status (active/inactive) - Subscription tier (Plus/Pro) - Expiration date We do NOT have access to your payment method or billing details.
2.3 Usage Data To improve service quality, we may collect anonymous usage statistics: - App launch frequency - Feature usage (e.g., mind map generation count) - Crash logs - Device type and operating system version - Processing time for ASR tasks
2.4 Information We Do NOT Collect ThinkFlow is designed with a privacy-first architecture: - Video files: Your videos are stored only on your local device. We never upload or access your videos. - Speech transcriptions: Whisper speech recognition runs entirely on your device. Transcription results are stored locally. - Mind map data: Generated mind maps are stored only on your local device. - Video content: We do not analyze, process, or store your video content on any server.
We use the information we collect to: - Provide and maintain ThinkFlow services - Verify your account and subscription status - Generate AI mind maps (transcription text is sent to our API server via HTTPS, processed via LLM, and returned as structured mind maps) - Improve app performance and user experience - Send important service notifications - Comply with legal obligations
When you use AI mind map generation: - Transcription text is sent to our server via encrypted connection (HTTPS) - Our server forwards the text to a Large Language Model service (OpenAI) to generate mind map structures - We do NOT permanently store your transcription text after processing - The transcription text is held in memory only during processing and discarded immediately after
OpenAI's data handling is governed by their privacy policy. We have a data processing agreement with OpenAI that prohibits them from using your data for model training.
We do not sell your personal information to third parties.
ThinkFlow uses the following third-party services: - AppForges OAuth: User authentication (email, username) - OpenAI API: Mind map generation from transcription text (temporary transmission only) - Apple StoreKit: Subscription payment processing (handled entirely by Apple)
We may share your information when: - Required by law or legal process - Necessary to protect our rights, safety, or property - You have given explicit consent
Local data protection: - Videos, transcriptions, and mind maps are stored in your device's local application directory - Local data is protected by the operating system's sandboxing mechanism
Network security: - All network communications use HTTPS encryption - OAuth tokens are stored using system secure storage (macOS Keychain) - Server-side data is limited to account and subscription information only
- Account information: Retained until account deletion - Subscription records: Retained as required for financial record-keeping - Usage analytics: Aggregated and anonymized after 90 days - Crash logs: Deleted after 90 days - Transcription text sent for AI processing: Not retained; discarded immediately after processing
Upon account deletion, we will delete or anonymize your personal data within 30 days, except where retention is required by law.
Under GDPR (for EU/EEA residents), you have the right to: - Access your personal data - Rectify inaccurate data - Erase your data ("right to be forgotten") - Restrict processing of your data - Data portability - Object to processing - Withdraw consent at any time
Under CCPA (for California residents), you have the right to: - Know what personal information is collected - Know whether your data is sold or disclosed, and to whom - Opt out of the sale of personal information (we do not sell your data) - Access your personal information - Request deletion of your personal information - Non-discrimination for exercising your rights
To exercise any of these rights, please contact us at privacy@appforges.com. We will respond within 30 days.
Your account data and transcription text (during AI processing) may be transferred to and processed in countries other than your country of residence. We ensure appropriate safeguards are in place for international transfers, including standard contractual clauses approved by relevant authorities.
ThinkFlow is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you believe a child under 13 has provided us with personal data, please contact us at privacy@appforges.com, and we will take steps to delete such information.
We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy in the app or on our website. The "Last Updated" date at the top indicates the most recent revision.
If you have any questions, concerns, or requests regarding this Privacy Policy, please contact us: - Email: privacy@appforges.com - Website: https://appforges.com/contact