Privacy Policy

Last updated: 8 February 2026

This Privacy Policy applies to the Foldy iOS app. It does not cover the foldy.ai website.

This Privacy Policy explains how we process personal data in accordance with the EU General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG).

1. Controller

Foldy UG (Haftungsbeschränkt)

Hünefeldzeile 12a, 12247 Berlin, Germany

Email: [email protected]

Represented by: Mariia Tarbaieva

2. Data Processing

All data entered by users is stored locally on the device. Foldy does not store your documents on its own servers, and the app does not include analytics or tracking SDKs as of today. If you enable and use AI features, relevant content may be transmitted to our external AI service provider (Amazon Web Services (AWS) via Amazon Bedrock, using the Claude Sonnet model) for the purpose of generating the AI output you requested.

What We Process

No Tracking / Analytics

The app does not use tracking technologies or third-party analytics SDKs as of today. We do not collect advertising identifiers (such as IDFA) or build profiles of your app usage.

Use of AI Features (Claude Sonnet via Amazon Bedrock)

We use Amazon Bedrock (AWS) with the Claude Sonnet model to process and summarize the documents you upload when AI features are enabled and used.

Data Minimization and Redaction

Where possible, we minimize the amount of data sent for AI processing and may attempt to redact sensitive information before transmission.

Redaction helps reduce exposure of sensitive data, but it may not catch everything. As a result, the transmitted content may still contain personal data.

No Disclosure

We do not share personal data with third parties, except when required to provide app functionality (e.g., AWS (Amazon Bedrock) for AI processing) or by law.

Legal Basis

AI features: your consent (Art. 6(1)(a) GDPR). You may withdraw consent at any time (Art. 7 GDPR) by disabling AI features in the app and by not using AI features.

Support/feedback communications: depending on the context, processing may be based on your consent (Art. 6(1)(a) GDPR) and/or our legitimate interest in responding to your requests (Art. 6(1)(f) GDPR).

Rights of Users

You have the right to access, rectify, delete, restrict, and port your data, and to withdraw consent at any time (Arts. 15–20 GDPR).

If processing is based on our legitimate interests, you also have the right to object (Art. 21 GDPR).

3. International Transfers

If you use AI features, content may be processed by AWS (Amazon Bedrock) in countries outside the European Economic Area (EEA), depending on the service configuration and infrastructure. Where required, we rely on appropriate safeguards (for example, Standard Contractual Clauses) and additional technical and organizational measures to protect data transfers.

4. App Store Data

Apple automatically collects device information, OS version, crash reports, and app version details. Apple acts as an independent controller for this data. For details, see Apple's Privacy Policy:

https://www.apple.com/legal/privacy/

5. Data Recipients

Data is shared only with service providers necessary to operate the app (e.g., Apple for App Store distribution and crash reporting, and AWS (Amazon Bedrock) for AI processing when you use AI features) and under GDPR-compliant agreements where applicable.

6. Data Retention

On-device content: retained on your device until you delete it in the app or uninstall the app.

AI processing content: Foldy does not store the content you submit to AI features on its own servers as part of providing the AI output. We configure our AWS setup to avoid storing prompts and model outputs (for example, optional model invocation logging is disabled).

Support/feedback communications: retained only as long as needed to respond to you and to document feedback, and then deleted or anonymized where feasible.

App Store crash reports: handled by Apple as an independent controller; retention is governed by Apple’s policies.

7. Your Rights Under GDPR and BDSG

You have the right to access, correct, delete, restrict, and port your data, and to lodge a complaint with a supervisory authority.

Supervisory authority:

The Federal Commissioner for Data Protection and Freedom of Information (BfDI)
Graurheindorfer Str. 153, 53117 Bonn
https://www.bfdi.bund.de

8. Data Security

We protect your data using encryption in transit where applicable, restricted access, and appropriate technical and organizational security measures.

For AI processing, we aim to minimize the data sent and avoid direct identifiers where possible. We may also attempt to redact sensitive content before transmission; however, redaction may not catch everything and the transmitted content may still contain personal data.

9. Changes to This Policy

We may update this Privacy Policy to reflect changes in the app or legal requirements.

The current version is always available at https://foldy.ai/app-info/ios/1.0/en/privacy.html.

10. Contact

For questions, please contact:

[email protected]

Hünefeldzeile 12a, 12247 Berlin, Germany