Mask
Privacy Policy
This Privacy Policy ("Policy") sets out the information-handling terms between the operator of Mask and users of the Mask website and client applications (collectively, the "Service"). By accessing, installing, or continuing to use the Service, you acknowledge that you have read, understood, and agreed to this Policy.
1. Definitions and Scope
Unless otherwise stated, "we," "us," and "our" refer to the operator of Mask; "you" and "user" refer to any individual or entity using the Service; and "Third-Party Model Providers" refer to model API providers selected and configured by you (including but not limited to OpenAI, Google Gemini, DeepSeek, Xiaomi Mimo, and Ollama remote deployments).
2. Information We Process (Local-First)
Mask is designed with a local-first architecture. By default, the following data is primarily stored on your device:
- API keys you manually configure (stored via local secure storage mechanisms);
- Conversation history, translation history, and settings;
- Runtime logs and diagnostics used for local troubleshooting.
3. Data We Do Not Retain
Under normal service workflows, Mask servers do not persistently retain your API keys, conversation history, raw screenshots, or translation text. Unless you explicitly initiate outbound requests, such content is not uploaded to Mask servers for centralized historical archiving.
4. Third-Party Model Providers and Liability Boundary
When you enable third-party model capabilities, relevant requests are transmitted to the provider you selected or configured.
- Each provider independently determines its data handling rules, retention practices, and compliance obligations;
- Privacy policies and terms for those model services are issued and updated solely by the respective providers;
- Mask cannot control how third-party providers store, analyze, or otherwise further process submitted content.
Important: You should review and accept each provider's privacy policy and terms before use. To the extent permitted by applicable law, Mask is not responsible for the data processing practices of third-party model providers.
5. Screen Capture and Processing
When you authorize screen recording permission, the Service captures only the application window or screen region that you designate, for purposes of OCR recognition, text translation, and on-screen overlay display. The Service does not perform continuous background screen recording.
In local OCR processing mode, captured images are first processed on your device locally for text recognition. Should you elect to use an online model provider, only the extracted text content is transmitted to the third-party model provider you configure; the raw screen image is not processed remotely.
In Vision Language Model (VLM) processing mode, should you explicitly elect image-based semantic understanding or image-based translation capabilities, the corresponding screen image region may be transmitted to the third-party model provider you configure for processing.
We do not route translation-related data through self-operated servers, nor do we maintain centralized cloud archives of your screen captures or recordings. Under default configuration, screen content is processed transiently on-device only. Should you explicitly enable local diagnostic logging or local network traffic logging, related data may be retained on-device for diagnostic purposes only. We do not automatically collect such local logs unless you export and share them yourself.
6. Purposes of Processing
We process data only to the extent necessary for functionality, operational reliability, and security, including:
- Running OCR, translation, and context-related processing;
- Saving your local preferences and session state;
- Diagnosing client-side issues and improving user experience.
7. Storage, Retention, and Deletion
- Local data remains under your control and may be deleted, reset, or overwritten at any time;
- If you uninstall the app or clear local storage, related data is removed from your device, subject to your system behavior;
- Mask does not maintain centralized cloud archives of user conversations or translations.
8. Data Security
We implement reasonable safeguards appropriate to the scale and risk profile of the Service, including secure local storage patterns, minimized upload strategies, and access controls. However, no technical or organizational measure can guarantee absolute security.
9. Your Rights and Choices
- You may review, modify, or delete locally stored settings and history;
- You may rotate, revoke, or disable third-party API keys at any time;
- You may stop using the Service and remove local data from your device.
10. Children
The Service is not directed to children under 13 (or a higher minimum legal age required by your jurisdiction). If you are a parent or guardian and believe information may have been processed inappropriately, please contact us.
11. Policy Updates and Effectiveness
We may update this Policy based on product adjustments, business changes, or compliance requirements. Updated versions will be posted on the website or in-app; material changes will be accompanied by prominent notice where reasonably required. Unless otherwise stated, updates take effect upon publication.
12. Contact
For questions, comments, or complaints regarding this Policy or related information handling matters, contact: hello@mask-app.com