Privacy Policy

Effective date: March 19, 2026

SHrimp ("the App") is developed by Woods LLC. This policy explains what data the App accesses, how it's handled, and what choices you have.

The short version: your data stays on your device by default. When you use AI features, you send data directly to the provider of your choice. When you optionally enable SHrimp Email, your email is temporarily stored in Cloudflare's KV. We don't collect analytics and don't sell anything to anyone.

1. Data Stored on Your Device

All task data — titles, notes, due dates, categories, and archive history — is stored locally on your device in the App's sandboxed storage. This data is not transmitted to us or any third party except as described in Section 2 below.

Your AI provider settings and preferences are stored locally using iOS UserDefaults and the iOS Keychain (for API keys and OAuth tokens). Keychain data is encrypted at rest by iOS and protected by your device passcode.

2. Data Sent to Third-Party AI Providers

When you use the App's AI features, your task data and text input are sent directly to the AI provider you have selected and configured. The App supports the following 8 providers:

• OpenAI (ChatGPT) — openai.com/privacy
• Anthropic (Claude) — anthropic.com/privacy
• Google (Gemini) — policies.google.com/privacy
• Mistral — mistral.ai/terms
• xAI (Grok) — x.ai/legal/privacy-policy
• Perplexity — perplexity.ai/privacy
• Groq — groq.com/privacy-policy
• OpenRouter — openrouter.ai/privacy

These requests go directly from your device to the provider's API. They do not pass through any server operated by us. The data sent includes:

• Your current task list (titles, notes, due dates, categories, completion status)
• The text you type in the composer or terminal
• Images you attach via the camera or photo library (sent as base64-encoded JPEG data for AI vision processing)
• The system prompt (which you can view and edit in Settings)

Each provider has its own privacy policy and data retention practices. We encourage you to review them. When you use the App in manual mode (without an AI provider), no data leaves your device at all.

3. SHrimp Email (Optional Email-to-Task Pipeline)

SHrimp Email is completely optional. If you enable it in Settings, the App generates a unique device-local email address (in the format adjective-verb-noun@hermitshell.ai) and registers it with a Cloudflare Worker.

When enabled:

• Your device's push notification token is sent to the Cloudflare Worker to receive emails
• Inbound email content is temporarily stored in Cloudflare KV storage
• Email content is automatically deleted after you fetch it, or after 24 hours, whichever comes first
• No data about your emails is sent to us (Woods LLC) — storage and notification handling is managed entirely by Cloudflare

If you prefer maximum privacy, you can instead use:

• Siri voice commands
• The inbound share extension (receive from any app)
• Direct manual input in the composer

No account is required — your email address is generated locally on your device. You can delete your email address and unregister from the worker at any time in Settings.

4. Speech Recognition (Dictation)

The App includes an optional dictation feature that uses Apple's Speech framework. When you tap the microphone button, audio is processed by iOS to convert your speech to text. Depending on your device, iOS version, and locale, Apple may process audio on-device or send it to Apple's servers for recognition. This is handled by Apple's speech recognition service and is subject to Apple's Privacy Policy. The App does not record, store, or transmit audio data itself — it only receives the transcribed text, which stays on your device until you choose to send it to an AI provider.

5. Authentication

If you sign in with ChatGPT (for OpenAI), the App uses OAuth 2.0 with PKCE — an industry-standard secure authentication flow. OAuth tokens are stored in the iOS Keychain on your device. We do not receive or store your OpenAI account credentials. The App retrieves your email address from the OAuth ID token and stores it locally in the Keychain. This email is used only to display your account identity within the App and is never transmitted to us or any third party.

All other providers use API keys. Keys are stored in the iOS Keychain on your device and sent directly to the provider's API with each request. We never see or have access to your API keys.

6. Data We Collect

The App does not include analytics, crash reporting, advertising SDKs, or any tracking mechanisms. We do not collect usage data or telemetry of any kind.

If you enable SHrimp Email, the following data is stored on our Cloudflare Worker infrastructure:

• Your APNs device token (used to deliver push notifications when an email arrives)
• Your generated SHrimp email address
• Inbound email content (temporarily, up to 24 hours)

This data is used solely to operate the email-to-task pipeline and is deleted when you remove your email address in Settings. If you don't enable SHrimp Email, no data is collected at all.

7. Data Sharing

We do not share, sell, rent, or trade any user data with third parties. The only data transmission is between your device and the AI provider you explicitly configure, as described in Section 2.

8. Data Retention

Since all data is stored locally on your device, you have full control over it. Deleting the App removes all stored data, including tasks, settings, and Keychain entries. We retain nothing because we never had it.

9. Children's Privacy

The App is not directed at children under 13. We do not knowingly collect any data from children.

10. Changes to This Policy

If this policy changes, the updated version will be posted at this URL with a new effective date. Since we don't collect contact information, we cannot notify you directly — please check back periodically.

11. Contact

Questions or concerns about this policy? Contact us at:
support@hermitsh.ai