cheat-it-docs

This Privacy Policy explains how CheatIt (we, us, our) handles information when you use the CheatIt app on iPhone and Apple Watch (the Service).

CheatIt is a notes app with optional AI features. Most of your content stays on your devices. When you choose to use AI features, the content you select is sent to our backend and to third-party AI providers to generate a response.

1) The information we handle

A) Notes, documents, photos, and chat content (your Content)
CheatIt lets you create notes and attach PDFs and photos. This content is stored on your device and synced between your iPhone and Apple Watch.

If you have iCloud enabled, Apple may also store and sync your content using iCloud services. Apple’s iCloud data handling is governed by Apple’s policies.

B) AI requests (only when you use AI) AI features are optional. When you ask AI a question, we send the following to our backend service so it can generate an answer:
• the prompt you type
• relevant context you choose to include (for example, note text, PDF text, and images you attach)

Your request is routed through OpenRouter to the model provider you selected, so the provider can generate a response.

C) Subscription and entitlement information
AI features may require a paid subscription. Purchases are handled by Apple through In-App Purchases.

We use RevenueCat to manage subscription entitlements. RevenueCat provides us with an entitlement status (for example, whether AI features are active). The app also uses an app-specific identifier (often called an “App User ID”) for entitlement checks.

When you use AI features, our backend receives this identifier so we can verify entitlements, enforce usage limits, and prevent abuse.

We do not receive your payment card information. Apple handles payment details.

D) Usage, diagnostics, and security data
To operate the Service, we may process limited technical data such as:
• request metadata (for example, timestamps, platform like iOS or watchOS, and a request identifier)
• token counts and similar usage metrics needed to enforce quotas and manage costs
• basic logs for reliability and security (for example, error messages and rate-limiting events)
• network information like IP address, which is typically processed by servers when you connect

We do not require you to create an account with your name or email address.

2) How we use information

We use the information above to:
• provide core app functionality, including syncing between iPhone and Apple Watch
• provide optional AI features when you request them
• manage subscriptions and enforce entitlements and usage limits
• maintain, secure, and improve the Service
• comply with legal obligations and enforce our Terms of Service

3) How we share information

We do not sell your personal information.

We share information only as needed to provide the Service, including with:
• Apple, for iCloud syncing (if enabled) and In-App Purchases
• RevenueCat, for subscription entitlement management
• OpenRouter and the AI model provider you selected, to generate AI responses
• service providers that help us run our backend infrastructure (for example, hosting and database providers)

4) OpenRouter and AI provider data handling

OpenRouter and model providers are third parties. Their data practices can differ by provider and model.

Based on OpenRouter documentation, OpenRouter does not store prompts or responses unless prompt logging is explicitly enabled. OpenRouter does store request metadata such as token counts and latency, and it may perform limited anonymous prompt categorization for reporting and rankings.

We configure our OpenRouter account privacy settings to:
• disable free endpoints that may train on inputs
• disable free endpoints that may publish prompts
• disable paid endpoints that may train on inputs
• keep OpenRouter input/output logging for all requests disabled

We do not enable “ZDR Endpoints Only” because many models do not support it. As a result, even with the settings above, the underlying model provider may retain or process data for limited periods for safety, abuse prevention, debugging, or operational purposes, depending on the provider and model.

If you are sending sensitive information, consider not using AI features, or limit what you include in prompts and attachments.

5) Data storage and retention

On your devices
Your notes, documents, photos, and chat history are stored locally on your device and synced to your Apple Watch.

If iCloud is enabled
If you use iCloud, your content may be stored in iCloud. Apple controls iCloud retention and deletion behavior.

On our backend We store limited records needed to operate AI features, such as subscription entitlement snapshots and usage metrics (for example, request counts and token usage). We keep these records as long as reasonably necessary for operating the Service, handling support requests, and complying with legal obligations.

Third-party retention OpenRouter and model providers may retain or process data according to their own policies. See their documentation for details.

6) Your choices

• AI is optional. You can use CheatIt without AI features.
• You can delete notes and attachments at any time in the app. If iCloud syncing is enabled, deletions will also sync through iCloud.
• You can manage or cancel subscriptions in your Apple ID settings.
• If you want to request deletion of backend records associated with your usage, contact us at contact@dunitapps.com.

7) International users

We are based in the Republic of Serbia, and we may process information in other countries depending on where our service providers (such as OpenRouter, model providers, RevenueCat, Apple, and hosting providers) operate.

9) Changes to this policy
We may update this Privacy Policy from time to time. If we make material changes, we will update the effective date and provide notice where required.

10) Contact
If you have questions about this Privacy Policy, contact us at contact@dunitapps.com

11) Third-party policies

For more information about third-party services, you can review: • OpenRouter privacy policy: https://openrouter.ai/privacy
• OpenRouter privacy and logging overview: https://openrouter.ai/docs/features/privacy-and-logging/
• OpenRouter zero data retention (ZDR): https://openrouter.ai/docs/features/zdr
• RevenueCat privacy policy: https://www.revenuecat.com/privacy/
• Apple privacy policy: https://www.apple.com/legal/privacy/