Privacy Policy — DraftKai

As of: April 2026 · Version 2.0

Translation for convenience only. The German version is the legally binding text.

1. Data Controller

Daniel Stengel-Dori
Ostendstr. 88, 60314 Frankfurt am Main, Germany
Contact: support@medienkommission.de

2. Data Processed

DraftKai processes the following categories of data:

• Clause text and additional instructions you type, capture via OCR, or dictate
• Photographs of contract pages for Track Changes detection
• Voice input transcribed by Apple Speech Recognition
• Profile data and usage/billing records stored in your private iCloud database
• Subscription status managed by Apple StoreKit
• Local settings (drafting style, appearance) in UserDefaults
• Optional Anthropic API key stored in iOS Keychain
• Local diagnostic logs (os.Logger) that remain on your device

3. Purposes and Legal Bases

• Art. 6(1)(b) GDPR: Contract performance (providing rephrasing, analysis, Track Changes detection, export, subscription management)
• Art. 6(1)(a) GDPR: Consent for camera, photo library, and microphone input (revocable in iOS Settings)
• Art. 6(1)(f) GDPR: Legitimate interest for diagnostic logs and Anthropic’s abuse prevention measures

4. Recipients

Anthropic, PBC (USA): When you rephrase, analyze, or photograph for Track Changes, content is transmitted to the Anthropic API. Anthropic processes content for response generation and retains it for abuse prevention (up to 30 days by default; up to 2 years for violations of its usage policies).

Apple Inc.: Profile and usage data are stored in your private iCloud via CloudKit. The subscription is managed by Apple. Voice input may be processed on-device or on Apple servers. Apple transfers certain data to the USA under EU Standard Contractual Clauses.

5. International Transfers

Anthropic processes data in the USA under EU Standard Contractual Clauses (Implementing Decision (EU) 2021/914). Additional appropriate safeguards under Art. 46 GDPR are in place.

6. Retention

• Clause and image content are not persistently stored by DraftKai; they remain transiently in memory during API calls
• Anthropic retains API inputs/outputs up to 30 days by default; up to 2 years for policy violations
• Profile and usage data in your iCloud remain for 24 months or longer if required by law
• Local settings and optional API key remain on device until uninstallation or manual removal
• Diagnostic logs are managed by the OS and do not leave your device

7. Your Rights

You have the right to access (Art. 15), rectification (Art. 16), erasure (Art. 17), restriction of processing (Art. 18), data portability (Art. 20), and objection (Art. 21 GDPR). You may withdraw consent at any time (Art. 7(3) GDPR). To exercise your rights or for any enquiries, contact support@medienkommission.de. You also have the right to lodge a complaint with the competent supervisory authority (in Hesse, Germany: Hessischer Beauftragter für Datenschutz und Informationsfreiheit).

8. No Automated Decision-Making

No automated decision-making or profiling under Art. 22 GDPR takes place. AI-generated text suggestions are proposals; you decide whether to use them.

9. IONOS WebAnalytics

This website uses IONOS WebAnalytics, a server-side, cookieless analytics tool. IP addresses are anonymized before analysis. No cookies are set. No personal profiles are created. No consent banner is required because no personal data within the meaning of Art. 4(1) GDPR is processed for this purpose.

10. Amendments

We reserve the right to amend this Privacy Policy if changes to the app or applicable law require it. The current version is available at this link at all times.