Local Chat icon

Local Chat

Privacy policy

Last updated: 12 June 2026

This Privacy Policy describes how Anthony DePasquale (“we”, “us”, “our”) collects, uses, and protects your information when you download and use Local Chat (“the App”).

Data Controller: Anthony DePasquale – Calle del Dr. Castelo, 44 – 28009 Madrid, Spain – [email protected]

Connecting to Third-Party Providers

The local models used in the App and related data are downloaded directly from Hugging Face. You can review Hugging Face’s privacy policy here.

If you use Apple’s iCloud service, your chat history and app settings can be stored in your private iCloud storage and synced to your other devices. This feature can be disabled in the App’s settings.

The App allows you to connect to online model providers (e.g., Anthropic, Google Gemini, OpenAI, xAI) using your own API keys. When you use this feature, your queries (including chat messages and attached media from the current session) are sent directly from your device to the respective service provider. Our servers are not involved in this communication, and we do not see, log, store, or process the content of your chats or the responses from these providers.

When connecting to online model providers, your data is subject to their privacy policy, terms of service, and data processing practices. By using your API key, you are establishing a direct relationship with that provider, and your data is processed according to your agreement with them. We encourage you to review the privacy policy of any provider before using them with the App. Anthony DePasquale merely facilitates this direct communication and is not a processor or controller of the personal data you send to these providers.

Information We Collect

To provide the App’s functionality, we collect a minimal amount of data. Under the GDPR, we must have a valid legal basis for processing your data.

  • Connection Data

    • Data Collected: Our servers provide metadata on the latest available models to the App. To protect our service from abuse, we may process a pseudonymous hash of your IP address. We may also generate aggregated, anonymous statistics in order to monitor server load.

    • Purpose

      • To provide up-to-date metadata on local and online models
        • Legal Basis (GDPR): Performance of a Contract
      • To prevent abuse
        • Legal Basis (GDPR): Legitimate Interest

  • Purchase Information

    • Data Collected: When you make a purchase or start a trial, Apple provides us with a pseudonymous purchase identifier and basic transaction information (e.g., subscription start date, product purchased). We do not receive your name, email address, Apple ID, or payment details.
    • Purpose
      • To validate purchases that unlock premium features
        • Legal Basis (GDPR): Performance of a Contract
      • For internal, anonymized financial reporting
        • Legal Basis (GDPR): Legitimate Interest

  • Anonymized Crash and Performance Data

    • Data Collected: If you opt in to share diagnostics with app developers on your device, we may receive anonymized reports from Apple containing information about app crashes or performance issues. This data is fully anonymized and cannot be tied to an individual user.
    • Purpose: To identify errors and improve the stability and performance of the App.
    • Legal Basis (GDPR): Consent (you provide your consent for this processing by opting to share this data through your device’s system settings, and you can withdraw it at any time).

  • Public Reviews from the App Store

    • Data Collected: When you post a review on the Apple App Store, we may collect a copy of that review using Apple’s public APIs. This includes your username as it appears on the App Store and the content of your review.
    • Purpose: To better understand our users’ feedback, identify bugs or potential improvements, and respond to customer service issues.
    • Legal Basis (GDPR): Legitimate Interest. Our legitimate interest is in improving our App and services based on the public feedback provided by users.

Data Storage and Security

  • On-Device and iCloud Storage: Your chat history and app settings are stored on your device and, if you use iCloud, in your private iCloud storage.
  • Server Security: We implement appropriate technical and organizational measures to protect the minimal personal data we process. This includes encrypting data in transit and at rest and restricting access to our systems.

Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected.

  • Service and Connection Data (IP Address): A pseudonymous hash of your IP address, used for abuse prevention, may be retained for up to 24 hours.
  • Purchase Information: We retain pseudonymous purchase identifiers for as long as you have an active subscription or purchase and for a reasonable period thereafter to comply with legal and financial reporting obligations.
  • Public Feedback and Reviews: We may retain a copy of App Store reviews for as long as they are relevant to our product development and improvement cycles.

Third-Party Services

We rely on the following third-party services to provide the App:

  • Apple (App Store & iCloud): For processing in-app purchases and, if you choose to use iCloud, for cloud storage of your chat history and app settings. You can review Apple’s privacy policy here.
  • DigitalOcean: For hosting the server infrastructure that supports the App’s connectivity. You can review DigitalOcean’s privacy policy here.
  • Hugging Face: For downloading AI models and related data. You can review Hugging Face’s privacy policy here.

International Data Transfers

We use service providers in the United States to operate the App. To ensure all data transfers from the EEA, UK, and Switzerland are lawful, we rely on appropriate data transfer mechanisms.

For transfers to U.S. providers certified under the EU-U.S. Data Privacy Framework (DPF), the UK Extension to the DPF, and the Swiss-U.S. DPF, we rely on their certification. This applies to our use of DigitalOcean.

In addition, and as a fallback mechanism, our agreements with all third-party providers include the European Commission’s Standard Contractual Clauses (SCCs) to ensure your data is protected to a standard equivalent to that of the EU.

Your Data Rights

You have certain rights regarding the personal data we hold about you.

For Residents of the EEA, UK, and Switzerland:

You have the following rights under the GDPR:

  • Right of Access: To ask for a copy of the data we hold about you.
  • Right to Rectification: To ask us to correct any inaccurate information.
  • Right to Erasure (Right to be Forgotten): To request the deletion of your data.
  • Right to Restrict Processing: To ask us to temporarily halt the processing of your data.
  • Right to Data Portability: To ask for your data in a structured, machine-readable format.
  • Right to Object: To object to our processing of your data where we rely on legitimate interest as our legal basis.
  • Right to Lodge a Complaint: You have the right to lodge a complaint with your local data protection authority. For users in Spain, this is the Agencia Española de Protección de Datos (AEPD).

For Residents of California:

You have the following rights under the CCPA/CPRA:

  • Right to Know: To know what personal information we have collected about you, including the categories of information, the sources, the purposes for collecting it, and the categories of third parties to whom we disclose it.
  • Right to Delete: To request the deletion of your personal information.
  • Right to Correct: To request the correction of inaccurate personal information.
  • Right to Opt Out of Sale/Sharing: You have the right to opt out of the “sale” or “sharing” of your personal information. We do not “sell” or “share” your personal information as those terms are defined under the CCPA.
  • Right to Limit Use of Sensitive Personal Information: The CCPA allows you to limit the use of your sensitive personal information. We do not collect any sensitive personal information.
  • Right to Non-Discrimination: You will not be discriminated against for exercising your privacy rights.

How to Exercise Your Rights: To exercise any of these rights, please email us at [email protected]. As we collect very little personal data, we need to verify your request. To delete your purchase history, please include a copy of the purchase receipt from Apple so we can locate the corresponding pseudonymous identifier.

Children’s Privacy

The App is not intended for or directed at individuals under the age of 16 in the EEA/UK, 14 in Quebec (Canada), or 13 in the United States. We do not knowingly collect personal data from children. If we become aware that we have, we will take steps to delete such information immediately.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. The latest version will always be published on this page with the “last updated” date at the top. If we make a material change, we will notify you through a prominent notice in the App.

Contact Us

If you have any questions or concerns about this Privacy Policy, please contact us at [email protected].