Tugrul Erdem
Back to Project

Privacy Policy for Cicero: Academic Writing AI

Effective Date: July 16, 2026

Overview

Cicero (by Tugrul Works) is an AI proofreading and feedback app for academic writing: you upload a Word document, we analyze it on our servers with AI models, and you receive a findings report. This policy describes exactly what we collect, who processes it, and how long we keep it. By using the app, you agree to this policy.

1. Information We Collect

Cicero works without accounts — we never collect your name, email address, or any registered identity. When you use the app, we process:

  • Documents you upload (.docx files) — transmitted securely to our servers, parsed, and analyzed to produce your report; the document text is stored transiently and automatically deleted within 24 hours of processing.
  • An anonymous, device-based identifier used to link your credit balance and analysis jobs; it is random and cannot identify you personally. In the app you only ever see a short support code derived from it.
  • A one-time Apple DeviceCheck signal if you use the free trial — we store only a cryptographic hash, never a device fingerprint — used solely to grant free trial credits once per device.
  • A push notification token (only if you enable notifications) to tell you when your analysis is ready.
  • Anonymous usage analytics (screen and feature events; no document content, no personal data).

2. How We Use Your Information

We use this data exclusively to:

  • Run the analysis and produce your findings report.
  • Reserve, spend, and refund analysis credits correctly.
  • Send you a notification when a report is ready.
  • Fix bugs and understand which features are used.
  • Provide customer support when you contact us with your support code.

We do not sell data, show ads, or profile you.

3. AI Processing

Document analysis is performed with the help of third-party AI model providers (Anthropic, and Google models via OpenRouter). Your document text is sent to these providers to generate your analysis and is processed under their API terms, which do not permit using your content to train their models. An automated content-safety check runs before analysis.

Your finished reports are stored locally on your device — you can delete them at any time from the app (Archive), and deleting an analysis also removes its server record.

4. Data Storage & Security

All traffic is encrypted in transit (TLS). Servers run on Supabase infrastructure. Uploaded document text is transient (deleted within 24 hours); what remains server-side is limited to job metadata, credit records, and your anonymous identifier.

No method of transmission over the internet is 100% secure, but we follow current best practices to protect your data.

5. Third-Party Services

The following third parties process data on our behalf, each under their own privacy policy:

RevenueCat — Purchase processing — View their privacy policy
Apple App Store — Payments, DeviceCheck — View their privacy policy
Supabase — Hosting and backend infrastructure — View their privacy policy
Anthropic — AI analysis — View their privacy policy
OpenRouter — AI analysis (Google models) — View their privacy policy
PostHog — Anonymous usage analytics — View their privacy policy
Expo — Push notification delivery — View their privacy policy

6. Data Retention

  • Uploaded document text: deleted within 24 hours.
  • Analysis reports: stored on your device until you delete them.
  • Job metadata and credit ledger records: kept as long as needed to operate the service and meet legal (e.g. billing) obligations.

Your anonymous identifier and the data linked to it become permanently unreachable to you when you delete the app and its data.

7. Your Rights (GDPR & CCPA)

You have the right to access, correct, delete, or export the data associated with your anonymous identifier, and to object to or restrict its processing. Because we hold no account information, please include the support code shown in the app's Profile tab when you contact us, so we can locate your records.

8. Children's Privacy

Cicero is intended for users aged 13 and over. We do not knowingly collect data from children; if we learn we have done so, we will delete it promptly.

9. International Data Transfers

Our servers are located in Sydney, Australia, and AI providers process data in other regions (including the United States). Appropriate safeguards are maintained for all transfers.

10. Changes to This Privacy Policy

We may update this policy from time to time. Changes are posted on this page with an updated effective date; significant changes are additionally announced in the app.

11. Contact Us

Email: hello@tugrul.works

Developer: Tugrul Works