Privacy Policy
Last updated: April 5, 2026
1. What We Collect
Account Data
When you create an account, we store your email address and display name. If you sign in with Google, we receive your email and name from Google — we do not access your contacts, files, or other Google data.
Subscription Data
Your plan type (free or pro) is stored in our database. Payment processing is handled by third-party providers — we do not store credit card numbers or billing details.
Error Logs
When errors occur in the desktop app or website, we may log: your user ID, error message, stack trace, app version, operating system, and related context. This data is used solely for debugging and improving the Software.
Desktop App
The Yoki desktop application stores all data locally on your device (clipboard history, notes, settings, timers). This data is not transmitted to our servers. Pro users may sync app settings to the cloud for cross-device access. No clipboard data is stored on our servers.
AI Chat
The AI Chat feature sends your prompts and attachments to the provider you choose. When you use the bundled Yoki Pro provider, your request is proxied through yoki.run to Google Gemini; we do not persist chat content or attachments on our servers and only keep short-lived counters to enforce rate limits and abuse protection. When you bring your own key (Gemini, OpenAI, Anthropic, Groq, OpenRouter), traffic goes directly from your machine to that provider — we never see your key or your conversation. When you use Ollama, everything stays on your device and nothing leaves it.
API keys you enter into Yoki are encrypted at rest on your machine with Windows DPAPI (CurrentUser scope) — only your Windows account can decrypt them. Chat history, pinned chats, and attachments live in your local Yoki data directory and never sync to our servers. AI prompts are filtered with prompt-injection protection, and tool-calling actions (creating timers, macros, notes) always require an explicit Apply click before anything runs.
2. Cookies
We use essential cookies only — Supabase authentication session cookies required to keep you signed in. We do not use tracking cookies, advertising cookies, or analytics services.
3. Third-Party Services
- Supabase — authentication and database hosting
- Google OAuth — optional sign-in method
- Tenor — GIF search (queries are sent to Tenor API)
- Vercel — website hosting
Each service has its own privacy policy. We recommend reviewing them.
4. Data Storage
Account and error data is stored in Supabase (hosted on AWS). Error logs are subject to row-level security — users can only access their own logs.
5. Data Retention
Account data is retained while your account is active. Error logs are retained for debugging purposes and may be periodically purged. You may request account deletion at any time.
6. Your Rights
You may:
- Request a copy of your stored data
- Request correction of inaccurate data
- Request deletion of your account and associated data
Contact yokirun@yoki.run for any of these requests.
7. Children
Yoki is not directed at children under 13. We do not knowingly collect data from children.
8. Changes
We may update this policy. Changes will be posted on this page with an updated date. Continued use constitutes acceptance.
9. Contact
Questions? yokirun@yoki.run