Privacy Policy
1. Introduction & Scope
This Privacy Policy explains how CN Web Studios (KVK: 99906155) and Orcha AI Solutions (KVK: 99897121), sole proprietorships registered in the Netherlands, jointly trading as Spotit ("we," "us," or "our"), collect, use, and protect information when you use our macOS desktop application for voice-driven UI guidance (the "Service").
By using Spotit, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with our practices, please do not use the Service.
Beta Notice: Spotit is currently in open beta. Data handling practices may change as the product evolves. We will update this policy to reflect any material changes.
AI Disclaimer: Spotit is powered by artificial intelligence, which can and will make mistakes. Do not use Spotit in contexts where you do not trust that it will take the correct action. You are solely responsible for any actions you take based on Spotit's AI-generated guidance. Always review suggested actions before following them, especially when working with important data or unfamiliar applications.
2. Data Controller Information
- CN Web Studios (KVK: 99906155) — Ciprian Nitipir
- Orcha AI Solutions (KVK: 99897121) — David Vasilescu
- Website: getspotit.com
- Contact: contact@getspotit.com
For the purposes of the EU General Data Protection Regulation (GDPR), CN Web Studios and Orcha AI Solutions act as joint data controllers for account data and analytics. For screenshot and voice data transmitted to AI providers, you act as the data controller and we act as a data processor on your behalf.
3. How Spotit Works — Data Flow
Understanding what data flows where is essential. Spotit operates in two modes:
3.1 Local Mode (Ollama — Default)
When Ollama is running, all processing stays on your device:
- Voice transcription via WhisperKit — fully on-device, never transmitted
- Screenshots processed locally by Ollama — never leave your Mac
- Accessibility tree data processed locally — never transmitted
- No data is sent to any external server in local mode (except optional analytics; see Section 7)
3.2 Cloud Mode (OpenRouter Fallback)
When Ollama is unavailable, or when higher-tier reasoning is requested, data is sent to cloud AI providers via OpenRouter:
- Screenshots — JPEG images of your active window (not full screen)
- UI element data — labels, roles, positions, and states from the accessibility tree
- Voice transcription text — the transcribed question (voice audio itself is never transmitted; transcription happens on-device via WhisperKit)
- Session context — up to 6 recent messages for conversational continuity
Screenshots are captured from the active window only, not the full screen. This minimizes exposure of background content.
4. Data We Transmit to Third-Party AI Providers
4.1 What Is Transmitted (Cloud Mode Only)
| Data Type | Description |
|---|---|
| Active window screenshot | JPEG image (0.85 quality) of only the frontmost window |
| UI element metadata | Labels, roles, positions, enabled/focused states from the accessibility tree |
| Transcribed question | Your spoken question, converted to text on-device |
| Session history | Up to 6 recent Q&A pairs for context |
4.2 AI Provider
| Provider | Role | Privacy Policy |
|---|---|---|
| OpenRouter | API gateway for cloud reasoning | openrouter.ai/privacy |
OpenRouter routes requests to upstream model providers (Anthropic, Google, etc.) based on the selected model. Each provider's data handling policies apply to data they receive.
Purpose: To enable AI-powered UI element identification and guided workflows.
Legal Basis: Contractual necessity and your explicit consent through use of cloud mode.
4.3 Recommendations
- Use local mode (Ollama) when working with sensitive content
- Avoid activating Spotit when passwords, financial data, or private messages are visible
- Be aware that screenshots include all visible content in the active window
5. Data We Store
5.1 Local Storage (On Your Mac)
| Data Type | Storage | Purpose |
|---|---|---|
| OpenRouter API key | UserDefaults | Cloud mode authentication |
| Auth tokens | macOS Keychain (encrypted) | Supabase account session |
| User email | UserDefaults | Account identification |
| App preferences | UserDefaults | Settings (companion mode, act mode) |
| Learned mappings cache | In-memory (10-min TTL) | Speed up repeated queries |
What is NOT stored locally: Screenshots, voice recordings, and transcription text are processed transiently and discarded. They are never written to disk.
5.2 Cloud Storage (Supabase)
When you create an account, the following data is stored in our Supabase database (hosted in EU — eu-west-2):
| Data Type | Purpose |
|---|---|
| User ID & email | Account identification |
| Sign-in timestamps | Account activity tracking |
| User tier | Subscription status (free/pro/power) |
| Interaction logs | Usage analytics (see Section 7) |
| Learned mappings | Crowd-sourced UI element patterns per app |
5.3 Waitlist (Website)
If you join our waitlist, we store your email address in Supabase solely for the purpose of notifying you about product availability.
6. Token Usage Tracking
When using cloud mode, we track token usage per interaction for the following purposes:
- Usage metering: Enforcing tier limits (query counts, guided action quotas)
- Cost monitoring: Estimating API costs to maintain the service
- Service improvement: Understanding which models and tiers are most effective
Token usage data includes:
| Metric | Description |
|---|---|
| Prompt tokens | Number of input tokens sent to the AI model |
| Completion tokens | Number of output tokens received from the AI model |
| Model identifier | Which AI model was used (e.g. claude-sonnet-4.6) |
| Provider | Routing provider (openrouter, ollama) |
| Estimated cost | Approximate USD cost of the API call |
Token usage is associated with your user account (if signed in) and is used to enforce monthly quotas and generate aggregate usage reports. We do not store the actual content of prompts or responses in token tracking.
7. Interaction Analytics
When you use Spotit (signed in or not), we log interaction metadata to improve the service:
| Data Point | Example | Purpose |
|---|---|---|
| Question text | "Where is the save button?" | Improve AI accuracy |
| Caption/response | "Click 'Save' in the toolbar" | Quality measurement |
| Confidence score | 0.85 | Accuracy tracking |
| Tier used | 3 (vision) | Model routing optimization |
| App bundle ID | com.apple.Safari | Per-app accuracy tracking |
| App name & category | Safari / browser | Feature prioritization |
| Element details | Label, role, snap status | AX snapping improvement |
| Multi-step flag | true/false | Workflow analytics |
| Feedback | thumbs up/down | Quality improvement |
What We Do NOT Log
- Screenshots or images
- Voice audio recordings
- Full accessibility tree dumps
- Window content or text visible on screen (beyond the question and matched element label)
- Passwords, form field values, or financial data
Website Analytics
Our website uses Microsoft Clarity for anonymous session analytics and Vercel Insights for performance monitoring. These services may use cookies.
8. Learned Mappings
Spotit stores "learned mappings" — associations between common questions and UI elements for specific apps. For example: in Safari, "address bar" maps to the URL text field.
- Mappings are stored in Supabase, keyed by app bundle ID and query pattern
- Mappings contain only element labels and roles, not screen content
- Mappings are shared across all users to improve accuracy for everyone
- You can provide positive/negative feedback to improve mapping quality
9. International Data Transfers
- Supabase database: Hosted in EU (eu-west-2, London)
- OpenRouter API calls: May be processed in the United States or other countries
- AI model providers: Anthropic, Google, and others may process data outside the EEA
By using cloud mode, you consent to the transfer of screenshot and UI data to these providers. Use local mode (Ollama) to keep all processing within your device.
10. Data Retention
| Data Type | Retention Period |
|---|---|
| Screenshots & voice audio | Not retained (processed transiently, never saved) |
| Local preferences | Until you uninstall Spotit |
| Keychain tokens | Until you sign out or uninstall |
| Supabase account data | Until you request deletion |
| Interaction logs | Until you request deletion |
| Learned mappings | Indefinitely (shared community resource) |
| Waitlist emails | Until product launch or your request |
| Data sent to AI providers | Per each provider's retention policy |
You can delete your data at any time by:
- Signing out within the app (clears Keychain tokens and email)
- Uninstalling the application
- Emailing us at contact@getspotit.com to request server-side data deletion
11. Your GDPR Rights
If you are located in the European Union, you have the following rights under GDPR:
| Right | Description |
|---|---|
| Access | Request a copy of the personal data we hold about you |
| Rectification | Request correction of inaccurate personal data |
| Erasure | Request deletion of your personal data ("right to be forgotten") |
| Portability | Request your data in a portable, machine-readable format |
| Objection | Object to processing of your personal data |
| Restriction | Request limitation of processing |
| Withdraw Consent | Withdraw consent at any time (without affecting prior processing) |
To exercise your rights: Email us at contact@getspotit.com with your request. We will respond within 30 days.
Supervisory Authority: You have the right to lodge a complaint with your local data protection authority if you believe your rights have been violated.
12. Security Measures
- Local storage: Auth tokens stored in macOS Keychain (encrypted by the OS)
- HTTPS: All network communications use encrypted connections
- Active-window only: Screenshots capture only the frontmost window, not the full display
- Transient processing: Screenshots and audio are never written to disk
- Local-first: Default mode processes everything on-device
- EU hosting: Supabase database hosted in EU region
Your responsibility:
- Keep your macOS and Spotit updated
- Protect your device with appropriate security measures
- Do not share API keys or credentials
- Avoid activating Spotit when sensitive data is visible on screen
13. Children's Privacy
Spotit is not intended for use by anyone under the age of 18. We do not knowingly collect personal information from children under 18. If you are under 18, please do not use this Service.
14. Changes to This Policy
We may update this Privacy Policy from time to time. Changes will be indicated by updating the "Last Updated" date and version number at the top of this document.
For material changes, we will notify users through the application.
Continued use of the Service after changes constitutes acceptance of the revised Privacy Policy.
15. Contact Information
For questions, concerns, or requests regarding this Privacy Policy:
- CN Web Studios (KVK: 99906155) — Ciprian Nitipir
- Orcha AI Solutions (KVK: 99897121) — David Vasilescu
- Email: contact@getspotit.com
- Website: getspotit.com
We aim to respond to all inquiries within 30 days.
This Privacy Policy is provided for informational purposes. We recommend consulting with a legal professional for comprehensive legal advice regarding data protection compliance.