ΣΟΦΙΣΤΗΣ Last updated: 31 May 2026

Privacy Policy

What we collect, why, and what we don't.

Sophist is an iOS application for reading classical Greek texts with an AI tutor. This policy describes what data the app processes and how. It is written plainly, without lawyer hedging — if anything here is unclear, write to hello@sophistapp.com.

---

The short version

• We do not ask for your name, email, phone number, or any personal account.
• We assign your device an anonymous UUID stored in iOS Keychain so we can track usage and enforce daily limits.
• When you chat with the Sophist tutor, your messages are sent to our backend and then to OpenRouter (which routes to Google Gemini). They are stored on our backend for service operation and aggregate analytics. They are not sold or shared for advertising.
• Reading activity, vocabulary, bookmarks, etc. are stored on your device only. They are not uploaded.
• If you enable "Bring Your Own Key" in Settings, chat traffic goes directly from your device to OpenRouter and never touches our backend.
• We use no third-party advertising, tracking, or analytics SDKs.

What we collect

Anonymous device identifier

On first launch, the app generates a random UUID (e.g. F47AC10B-58CC-4372-A567-0E02B2C3D479) and stores it in iOS Keychain. This UUID is sent to our backend with every chat and analytics request so we can: enforce the daily message limit, attribute purchases to the right device, and aggregate usage statistics. The UUID cannot be linked to your identity.

Sophist tutor conversations

When you send a message to Sophist:

• Your message + recent conversation context is sent to our backend at api.sophistapp.com.
• The backend forwards it to OpenRouter (openrouter.ai), which routes the request to Google's Gemini model.
• The model's reply is streamed back to your device.
• The backend logs token counts, latency, cost, persona used, and the text of any error — for service reliability and cost monitoring. The text content of your messages is not stored on our servers.
• OpenRouter and Google may temporarily process the message content per their own policies. See their privacy documents linked below.

If Bring Your Own Key is enabled, the request goes directly from your device to OpenRouter using your own API key. Our backend never sees the request.

Analytics events

The app sends small event records to our backend describing what features you used — for example, reading_session_started with the work you opened, quiz_completed with your score, or screen_view with the tab name. Events include the anonymous device UUID and a timestamp. They do not include the content of what you read, wrote, or saved. We use these to understand which features work, fix bugs, and prioritize improvements.

Subscription receipts

If you subscribe, your App Store receipt is sent to our backend for verification with Apple. Apple's response (subscription product, expiration date, original transaction ID) is stored to recognize your paid status on subsequent app launches.

What stays on your device

The following are stored locally in SwiftData / UserDefaults / Keychain and never uploaded:

• Your vocabulary list and spaced-repetition progress
• Bookmarks and reading progress
• Quiz and review history with scores
• Chat conversation history (the local copy used to render the chat UI)
• Notes, conversation metadata, and learning insights
• Theme preference, reading settings, daily goal
• If enabled: your OpenRouter API key (stored only in iOS Keychain)

What we do not collect

• Name, email, phone, address
• Photos, contacts, calendar, location
• Advertising identifiers (IDFA)
• Third-party tracking data

We use no advertising SDKs, no Crashlytics, no Firebase, no Sentry, no PostHog, no Mixpanel — just our own backend.

Third parties

• OpenRouter — proxies AI requests to model providers. Privacy policy.
• Google — provides the Gemini language model used by Sophist. Cloud privacy notice.
• Apple — App Store, in-app purchase, push notification infrastructure. Privacy policy.
• DigitalOcean — hosts our backend (server location: San Francisco, USA).
• Let's Encrypt — issues the TLS certificate for our backend.

Data retention

• Device + subscription records: retained while your subscription is active and for 12 months after the last activity.
• Analytics events: retained 24 months in aggregated form.
• Message logs (token counts, costs, latency): retained 90 days.
• Local on-device data: retained until you delete the app or clear it in Settings.

Your rights

You can:

• Delete all local data at any time via Settings → Clear Reading Progress / Clear Vocabulary, or by deleting the app.
• Request deletion of all server-side data tied to your device UUID by emailing hello@sophistapp.com. Include the UUID (visible in Settings → About, or we can guide you). We will delete within 30 days.
• Export your local vocabulary list as CSV from Settings.
• Disable analytics by deleting the app or — if you want to keep using it — by enabling BYOK in Settings, which stops chat data from going through our backend (note: usage events from non-chat features still go to our backend; we'll add an analytics toggle in a future release).

Children

Sophist is not directed at children under 13. We do not knowingly collect data from anyone under 13. If you believe a child has used the app, contact us and we will delete any associated records.

Changes to this policy

If we materially change what we collect or how it is used, we will update this page and post a notice in the app on next launch. The "Last updated" date at the top reflects the most recent revision.

Contact

Sophist is operated by Daniel Zautner, based in Helsinki, Finland. Reach us at hello@sophistapp.com.