Privacy Policy

Cueply is developed and operated by Bybeit, Inc., a corporation registered in Japan.

This Policy applies to information processed through your use of the Cueply iOS application, including its keyboard extension functionality. It does not apply to:

• Third-party websites, services, or applications that you may access through or alongside the App;
• The privacy practices of Apple, Inc. in connection with the App Store or iOS operating system;
• The privacy practices of third-party AI providers used by the App, which are governed by their own separate privacy policies.

3.1 Information You Voluntarily Provide

Cueply is designed as a privacy-first application. The only data processed through the App is screenshots or images you explicitly and voluntarily import into the App for analysis ("User Content").

We do not require you to create an account. We do not ask for, collect, or store your name, email address, phone number, location, or any other personal identifiers.

3.2 Information We Do Not Collect

To be clear about what we do not do:

• We do not collect, store, or retain any screenshots or images you import into the App on our servers;
• We do not build user profiles or maintain any persistent records about you;
• We do not collect device identifiers, advertising identifiers (IDFA), or persistent unique IDs;
• We do not access your contacts, camera, microphone, location, or other device resources beyond what is minimally necessary to operate the keyboard extension;
• We do not use cookies, web beacons, or similar tracking technologies;
• We do not collect behavioral analytics or usage data on our own infrastructure.

3.3 Automatically Collected Technical Information

Standard iOS operating system crash reports and diagnostic data may be made available to us through Apple's App Store Connect platform, subject to your iOS device settings and Apple's own privacy policy. Such data is governed by Apple's terms and does not include the content of your screenshots.

4.1 Transmission to AI Providers

The core functionality of Cueply requires transmitting the screenshot you import to a third-party artificial intelligence service for analysis and reply generation. You may select which AI provider processes your content:

• OpenAI, L.L.C. ("OpenAI") — using OpenAI's API services;
• Anthropic, PBC ("Anthropic") — using Anthropic's API services.

Your screenshot is transmitted directly from your device to the selected provider's API endpoint over an encrypted HTTPS connection. Bybeit does not receive, intercept, or store a copy of your screenshot at any point during this transmission.

4.2 Third-Party Provider Data Practices

• OpenAI Privacy Policy
• Anthropic Privacy Policy

As of the date of this Policy, we understand that both OpenAI and Anthropic represent that API inputs may be used for safety and policy compliance purposes. However, their policies are subject to change, and Bybeit makes no warranties or representations regarding those policies.

4.3 Your Responsibility Regarding Content

Because your screenshot is transmitted to a third-party AI provider, you should:

• Avoid importing screenshots that contain sensitive personal information (such as financial data, government-issued ID numbers, health information, passwords, or private communications you do not intend to share with a third-party AI service);
• Ensure you have the right to share the content of any screenshot you import, including with respect to the privacy rights of any third parties depicted or referenced in that screenshot.

Where applicable law requires a legal basis for processing personal information, we rely on the following:

• Performance of a Contract / Service: Processing User Content is necessary to provide the App's core functionality at your request.
• Legitimate Interests: Processing aggregate crash reports to maintain and improve the stability of the App.
• Consent: Where required, we will seek your consent before processing any information not described in this Policy.

For users in the European Economic Area (EEA), United Kingdom, or other jurisdictions that recognize GDPR-equivalent frameworks, the transmission of your screenshot to a third-party AI provider is initiated by you at your direction and constitutes processing under your explicit instruction.

To the limited extent we receive any information (e.g., crash diagnostic data from Apple), we use it solely for the following purposes:

• To operate, maintain, and improve the technical performance and stability of the App;
• To investigate and resolve technical issues or bugs;
• To comply with applicable legal obligations;
• To enforce our Terms of Service and protect the rights of Bybeit and our users.

We do not use your information for advertising, marketing, profiling, or any purpose beyond those listed above.

7.1 Third-Party AI Providers

As described in Section 4, your screenshot is transmitted to your selected AI provider (OpenAI or Anthropic). This is the only sharing of User Content that occurs, and it is initiated by you at your express direction.

7.2 Service Providers

We may engage third-party vendors that provide infrastructure, security, or analytics services to support the operation of the App. Any such vendors are bound by confidentiality obligations and are prohibited from using information for their own purposes.

7.3 Legal Requirements and Safety

We may disclose information if we believe in good faith that such disclosure is reasonably necessary to:

• Comply with a legal obligation, court order, regulatory demand, or enforceable governmental request;
• Enforce our Terms of Service or other agreements;
• Protect the safety, rights, or property of Bybeit, our users, or the public;
• Detect, prevent, or address fraud, security, or technical issues.

7.4 Business Transfers

In the event of a merger, acquisition, reorganization, bankruptcy, or sale of all or a portion of our assets, any information held by us may be transferred as part of that transaction. We will provide notice if such a transfer results in a material change to this Policy.

7.5 No Sale of Personal Information

We do not sell, rent, or trade personal information to third parties for their own commercial purposes.

Bybeit retains no copies of the screenshots or images you import into the App on our systems. User Content is transmitted ephemerally to the selected AI provider and is not stored by Bybeit.

Any incidental technical data (such as crash logs accessible through Apple's App Store Connect) is retained only for as long as necessary to resolve the relevant issue, and in any event for no longer than twelve (12) months.

Retention of your data by OpenAI or Anthropic is governed by their respective privacy policies and retention schedules.

We implement reasonable technical and organizational measures to protect information in our possession against unauthorized access, alteration, disclosure, or destruction. These measures include:

• Encrypted transmission of User Content via HTTPS/TLS to third-party AI provider endpoints;
• No server-side storage of User Content by Bybeit;
• Limiting access to technical systems to authorized personnel only.

However, no method of electronic transmission or storage is completely secure. We cannot guarantee absolute security and encourage you to exercise caution regarding the content of screenshots you choose to import.

10.1 General Rights

Depending on your jurisdiction, you may have the following rights with respect to your personal information:

• AccessThe right to request information about what personal data we hold about you.
• CorrectionThe right to request correction of inaccurate personal data.
• DeletionThe right to request deletion of your personal data.
• PortabilityThe right to receive your personal data in a portable format.
• Objection / RestrictionThe right to object to or request restriction of certain processing activities.
• Withdrawal of ConsentWhere processing is based on consent, the right to withdraw consent at any time.

Because Bybeit does not collect or retain personal data from users in the ordinary course of operating the App, many of these rights may have limited practical application to us specifically. However, you may exercise rights with respect to data held by OpenAI or Anthropic directly by contacting those providers.

10.2 California Residents — CCPA / CPRA

If you are a California resident, you may have rights under the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA). These include the right to know, delete, and opt out of the sale or sharing of personal information. As noted above, Bybeit does not sell or share personal information. To submit a privacy request, contact us at privacy@bybeit.app.

10.3 EEA / UK Residents — GDPR

If you are located in the European Economic Area or United Kingdom, you have rights under the General Data Protection Regulation (GDPR) or UK GDPR, including rights of access, rectification, erasure, restriction, portability, and the right to lodge a complaint with a supervisory authority. To exercise your GDPR rights, contact us at privacy@bybeit.app.

10.4 Japan Residents — APPI

If you are located in Japan, your personal information is protected under the Act on the Protection of Personal Information (APPI) and applicable guidelines issued by the Personal Information Protection Commission (PPC). You have the right to request disclosure, correction, addition, deletion, cessation of use, and cessation of provision to third parties with respect to personal information held by us. To submit a request under APPI, contact us at privacy@bybeit.app.

10.5 How to Submit a Request

To exercise any privacy rights described above, please contact us at privacy@bybeit.app. We will respond to verifiable requests within the timeframe required by applicable law (generally thirty (30) days or as otherwise required). We may need to verify your identity before processing your request.

The App is not directed to, and we do not knowingly collect personal information from, children under the age of 13 (or such higher age as may be required by applicable law, including 16 in certain EEA member states). If you believe a child has provided personal information through the App, please contact us at privacy@bybeit.app and we will take steps to delete such information.

The App is intended for users who are 17 years of age or older, consistent with its App Store age rating. Use of the App by minors is subject to parental or guardian consent where required by law.

Bybeit is based in Japan. By using the App, you acknowledge that your User Content will be transmitted to the AI provider's servers, which may be located outside your country of residence, including in the United States.

Where such transfers involve personal data originating from the EEA or UK, OpenAI and Anthropic have represented that they maintain appropriate safeguards (such as Standard Contractual Clauses) for such transfers. Please review their respective privacy policies for details.

The App may contain links to third-party websites or services (including the privacy policy links of our AI providers). These third-party sites have their own privacy policies, and we have no responsibility or liability for their content or practices. We encourage you to review the privacy policies of any third-party services you access.

The App does not track users across third-party apps or websites for advertising purposes. Because we do not engage in behavioral tracking, we do not alter the App's data practices in response to "Do Not Track" signals from browsers or devices.

The App is distributed through the Apple App Store. Apple's collection and use of information related to your use of the App Store is governed by Apple's Privacy Policy, available at https://www.apple.com/legal/privacy. Bybeit is not responsible for Apple's data practices.

We may update this Policy from time to time. When we do, we will revise the "Last Updated" date at the top of this document. For material changes, we will provide notice through the App or through other reasonable means, as required by applicable law.

Your continued use of the App after the effective date of a revised Policy constitutes your acceptance of the updated Policy. We encourage you to review this Policy periodically.

If you have any questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:

We will make reasonable efforts to respond to all inquiries within thirty (30) days, or within the timeframe required by applicable law.