Privacy Policy for Ghosty AI

Effective Date: January 27, 2025

1. Introduction

Welcome to Ghosty AI ("we," "our," or "us"). We are committed to protecting your privacy and providing you with full control over your data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our desktop application ("Application") and our website (collectively, the "Services"). Please read this policy carefully.

2. Information We Collect

We collect information necessary to provide and operate our Services.

  • Account Information: When you register, we collect your name, email address, phone number, and generate a unique access key for your account.
  • Payment Information: When you subscribe, our third-party payment processors collect your payment card details. We do not store or have access to this information ourselves.
  • User Content: We collect the resume, background information, and other text you provide to personalize the AI's responses ("User Info").
  • API Keys: We collect and store your personal Google Gemini API key if you provide one for use within the Application.
  • Screen Captures: The Application captures screenshots of your screen only when you explicitly trigger it via a hotkey.
  • Microphone Audio: In "Transcription Mode," the Application captures audio from your microphone. This raw audio is processed locally on your device for transcription and is never uploaded to our servers or any third-party cloud service.
  • Keystroke Information: When the "Global Typing" feature is active (toggled by you), the Application captures keystrokes to allow you to type into the prompt box from any window. This feature is inactive by default.
  • Usage Data: We may collect anonymized diagnostic data, such as the frequency of feature usage and performance metrics, to identify bugs and improve our Services.

3. How We Use Your Information

We use the information we collect for the following purposes:

  • To Provide and Maintain our Service: To create your account, process transactions, and operate the core functionalities of the Application.
  • To Personalize Your Experience: To use your "User Info" to tailor the AI's responses and make them relevant to your background.
  • To Improve Our Services: To understand how our users interact with the Application and to make improvements.
  • To Communicate With You: To send you service-related updates, security alerts, and support messages.

4. Data Handling, Control, and Your Privacy

We are committed to user privacy and control. Your information is used solely to provide and improve the Services.

  • Screen Captures and Analysis: When you trigger a screenshot analysis, the image(s) and your prompt are sent directly to the Google Gemini API to generate a response. The AI response and the URLs of your screenshots (hosted on Cloudinary) are stored in your account's analysis history. You have full control over this history. You can permanently delete any analysis entry, including the stored screenshot and AI response, at any time from your user dashboard.
  • Microphone Audio and Transcription: In "Transcription Mode," audio from your microphone is processed locally on your device. Your raw audio is never sent to our servers. The generated text transcript is sent directly to the Google Gemini API for analysis. Your transcript text is not stored on any server owned or operated by Ghosty AI.
  • API Keys and User Information: Your API keys and personal background information are stored to personalize your experience. You have full control over your API keys and can permanently delete them from your user dashboard at any time.
  • Chat and Message Data: To protect your privacy, all chat messages and message history are permanently and automatically deleted from our systems on a weekly rolling basis. We do not retain long-term logs of your conversations.

5. Data Storage, Security, and Our Commitment

  • Local Storage: Your primary access key and custom API key are stored in a configuration file on your local computer at C:\Ghosty\config.ini.
  • Cloud Storage & Deletion: Your account information and analysis history are stored in our secure backend database. Deleting an item from your dashboard permanently deletes the record from our database and the associated image file(s) from our Cloudinary storage.
  • Our Commitment: We do not sell your personal data to third parties. Ever. Our business model is based on subscriptions, not monetizing your data.

6. Sharing and Disclosure of Information

Our data sharing is limited and transparent, designed to make the Application functional.

  • Google Gemini: Your screenshots, transcripts, and prompts are sent to Google's API, governed by Google's Privacy Policy.
  • Cloudinary: Screenshots are hosted on Cloudinary and are deleted when you delete the corresponding analysis history.
  • OnRender (Our Backend Host): Our application servers and database are hosted on OnRender.
  • Legal Compliance: We may disclose your information if required by law or other valid legal process.

7. Your Data Rights and Data Retention

  • Right to Access & Correct: You can access and update your profile information and API keys through your user dashboard.
  • Right to Deletion (Right to be Forgotten): You have the right to delete your analysis history at any time. You may also request the complete deletion of your account and all associated data by contacting us.
  • Data Retention: We retain your account information and analysis history for as long as your account is active, unless you delete it. Chat history is automatically deleted weekly.

8. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on our website and, if changes are significant, by notifying you through the Application or via email.

9. Contact Us

If you have any questions or concerns about this Privacy Policy, please contact us at support@ghosty-ai.com or through our support portal in ghosty-ai.com.