Introduction

Dahlia Intelligence Inc. (“Company,” “we,” “us,” or “our”) is a Canadian company committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you use the DAHLIA mobile application (“DAHLIA app” or the “Service”). The DAHLIA app is a personal AI assistant that integrates with your Apple services and utilizes OpenAI’s API to provide AI‑driven assistance (e.g., managing emails, contacts, calendars, and reminders). This app is distributed globally through Apple’s App Store.

By using the DAHLIA app, you acknowledge that you have read and understood this Privacy Policy. We comply with applicable privacy laws, including the EU General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA). If you do not agree with our practices, please do not use the Service.


Personal Data We Collect and Access

We follow the principle of data minimization—collecting only what is necessary to provide and improve our Service. The types of personal data we collect or access include:

- Account Information (Sign in with Apple): When you create an account via Sign in with Apple, we receive your name, Apple ID email address (or Apple relay email), and possibly your age or date of birth.  

- Device Information: We automatically collect limited device data (IP address, OS version, model, timestamps) to measure performance, ensure security, and debug issues.  

- Personal Content from Apple Services (accessed in real time, not stored):

  - Emails – read, summarize, or draft replies.  

  - Contacts – identify senders or schedule events.  

  - Calendar Events – read/modify events, send reminders.  

  - Reminders – create or mark tasks complete.  

- Interaction & Usage Data: Content of your requests and AI responses may be processed by our servers and OpenAI’s servers to generate answers. We log minimal metadata for debugging and quality control.  

- Customer Support Communications: Information you send us when you request help.

We do not collect payment data; all transactions are handled by Apple’s App Store.


How We Use Your Data

We use collected data only to:

1. Provide the Service (authenticate you, perform tasks you request, generate AI responses).  

2. AI Processing via OpenAI (OpenAI acts as data processor; no training on your data).  

3. Account Management & Communication (name, email, age for compliance and support).  

4. Debugging & Quality Improvement (logs, crash reports, limited QA review).  

5. Security & Fraud Prevention (detect, investigate, and prevent malicious activity).  

6. Legal Compliance (comply with applicable laws).


Disclosure of Your Data

We do not sell, rent, or trade your personal information. We share data only with:

- Service Providers (e.g., OpenAI, Heroku, Apple frameworks) under strict agreements.  

- Authorized Personnel within Dahlia Intelligence Inc., bound by confidentiality.  

- Legal Authorities when required by law.  

- Successor Entities in the event of a merger or acquisition (with notice to you).


Data Retention

- Account Info: kept while your account is active (or as required by law).  

- Emails/Contacts/Calendar/Reminders: processed on‑the‑fly, not stored; any temporary caches are short‑lived and encrypted.  

- Interaction Logs: retained only as long as needed for debugging (e.g., 30 days).  

- Device Info: kept briefly for security/analytics unless needed for investigation.  

All retained data is securely deleted or anonymized when no longer necessary.


Data Security

We protect your information through:

- End‑to‑end TLS encryption in transit and encryption at rest.  

- Strict access controls and staff confidentiality.  

- Secure cloud hosting (Heroku/Salesforce, Apple infrastructure).  

- Ongoing security testing, monitoring, and incident response procedures.


International Data Transfers

Your data may be processed in Canada, the United States, and other jurisdictions. We use Standard Contractual Clauses and other safeguards to ensure adequate protection, particularly for EU/UK users.


Your Rights

Depending on your location, you may have rights including (but not limited to):

- GDPR (EU/EEA/UK): access, rectification, erasure, restriction, portability, objection, withdraw consent, lodge complaints.  

- CCPA (California): know, delete, correct, non‑discrimination (we do not “sell” or “share”).  

- PIPEDA (Canada): access, correction, withdraw consent, lodge complaints.

To exercise any right, contact us at the emails below. We will verify your identity and respond within the legally required timeframe (usually ≤ 30 days).


Your Choices (Opt‑Out Options)

- Manage or revoke device permissions (Contacts, Calendar, etc.) in iOS Settings.  

- Uninstall the app or request account deletion to stop all data processing.  

- We do not send marketing emails; essential service emails cannot be opted‑out of without ending service.


Children’s Privacy

DAHLIA is not intended for children under 13 (or the applicable age of consent). We do not knowingly collect data from minors. Parents may contact us for prompt deletion of any inadvertent collection.


Data Breach Notification & Incident Response

We maintain detection, containment, and notification procedures. If a breach poses risk to you, we will notify affected users and authorities within 72 hours (or as required by law), describing the incident and recommended protective steps.


Changes to This Privacy Policy

We may update this Policy periodically. Significant changes will be communicated via in‑app notice or email. Continued use of DAHLIA after updates constitutes acceptance of the revised Policy.


Contact Us

- Support – support@dahliaintel.com

- General Inquiries – info@dahliaintel.com

Please include your name and the email linked to your DAHLIA account when contacting us. We will respond promptly to any privacy‑related questions or requests.