Yomi
Get started

Legal

Privacy Policy

Last updated: May 2025

Overview

Yomi is designed to be private by default. Screenshots are sent to our LLM proxy only when you trigger a query — never stored, never used for training. Audio is transcribed via cloud STT and discarded immediately after.

Data we collect

We collect the minimum data needed to operate the service:

  • Account data — email address, OAuth provider identifier (Google or GitHub). No passwords stored.
  • Usage events — query count, agent runs, token usage, and cost. Used for metering and billing. No prompt content stored.
  • Device metadata — OS, app version, last-seen timestamp. Used for support and compatibility.
  • Memory blobs — if cloud sync is enabled, your Yomi notepad is encrypted and synced. You can delete it at any time.

Data we never collect

  • Raw screenshots or screen recordings
  • Raw audio recordings
  • Prompt content or conversation history (unless you explicitly enable cloud memory)
  • Content from blocklisted apps (password managers, banking apps)

Data handling during queries

When you trigger a query, your screenshot and transcribed voice text are sent to our LLM proxy to generate a response. Neither is stored after the request completes. Yomi never captures your screen or microphone in the background.

Third-party services

We use the following third-party services:

  • AI Credits / OpenAI-compatible API — LLM inference via our proxy. Prompts sent to these providers are subject to their respective privacy policies. We do not enable training data use.
  • ElevenLabs — cloud STT and TTS for voice features.
  • Razorpay — payment processing. We never store card details.
  • Neon (Postgres) — encrypted database hosting.

Data retention

Usage events are retained for 12 months for billing purposes then deleted. Account data is retained while your account is active. You can delete your account and all associated data at any time from Settings → Account → Delete account.

Your rights

You have the right to:

  • Access a copy of all data we hold about you
  • Delete your account and all associated data
  • Export your memory/notepad data
  • Opt out of cloud sync (use local-only mode)

To exercise these rights, contact us at privacy@yomi.app.

Security

Memory blobs are encrypted at rest using AES-256. OAuth tokens for MCP connectors are encrypted. We use HTTPS for all data in transit. We conduct regular security reviews.

Changes to this policy

We will notify users of material changes via email at least 14 days before they take effect. The latest version is always at yomi.app/privacy.

Contact

Questions? Email privacy@yomi.app or open an issue on GitHub.