← Back

Privacy, in plain words

icanwrite is built privacy-first. Here's what that means for you

  • Your writing stays on your device. We never store the content of your documents on our servers.
  • AI only sees what you choose to share. And LLM providers don't get any data on you.
  • We collect the bare minimum. Just your email and your prompts (so you can access them on other devices).
  • We never touch your card details. Payments are handled securely by Stripe.
  • Run AI fully offline if you like. Local models keep your text on your computer.

Privacy Policy for icanwrite.app

Last Updated: June 1, 2026

Welcome to icanwrite.app (the "App"), a co-pilot for writers, operated by Maxim Kotin from Berlin, Germany. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our App. We operate under German and European Union (EU) data protection laws, including the General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG).

icanwrite is designed to be privacy-first. Your documents live in a local folder on your own device. We do not store the content of your writing on our servers. Your text leaves your device only when you actively use an AI feature, and only the portion needed for that request is sent to a cloud AI provider for processing. Please read this Privacy Policy carefully. If you do not agree with its terms, please do not use the App.

We reserve the right to make changes to this Privacy Policy at any time and for any reason. We will alert you about any changes by updating the "Last Updated" date of this Privacy Policy. You are encouraged to periodically review this Privacy Policy to stay informed of updates. You will be deemed to have accepted the changes in any revised Privacy Policy by your continued use of the App after the date such revised Privacy Policy is posted.

1. Information We Collect

We deliberately collect as little information as possible. The information we may collect via the App includes:

  • Account Data: When you register, we collect your email address (used as your username) so we can create and authenticate your account. This is processed and stored using Supabase authentication services.
  • Payment Data: If you purchase a subscription or credits, payment is handled by our payment processor, Stripe. We store only the limited account and subscription information that Stripe needs to process and manage your payments. We do not collect or store your full card details — these are handled directly by Stripe.
  • Your Prompts and Shortcuts: To sync your experience across sessions and devices, we store the custom AI prompts and shortcuts you create within the App. These are settings and configurations you author, not the documents you write.
  • Document Content — Stored Locally, Not by Us: The documents you create and edit are read from and written to a folder on your own device. We do not upload, store, or retain the content of your documents on our servers. The content of a document leaves your device only when you choose to use an AI feature, as described in Section 2.

We do not collect usage analytics, advertising identifiers, or any personal data beyond what is described above.

2. How We Use Your Information

We use the limited information we collect to provide and operate the App. Specifically, we may use it to:

  • Create, authenticate, and manage your account.
  • Process your payments and manage your subscription via Stripe.
  • Save and sync the custom prompts and shortcuts you create.
  • Provide AI-powered writing assistance. When you use an AI feature, the relevant portion of your text (for example, the passage you ask us to review or improve) is sent to a third-party AI provider purely for processing. We do not attach your personal account data to these requests, and we do not retain the text on our servers afterward.
  • Respond to your comments and questions and provide customer support.
  • Comply with legal obligations, as required by German and EU law.

3. Data Storage and Security

  • Your documents stay on your device. Because document content lives in your local folder and is never stored on our servers, it is not exposed by any breach of our systems. You remain responsible for backing up and securing the local folder where your documents are kept.
  • Account, payment, prompt, and shortcut data is stored on Supabase and Stripe servers. We strive to protect this information in line with applicable legal requirements (Art. 32 GDPR).
  • The App is under active development. While we take reasonable measures to protect the limited data we hold, no system can be guaranteed to be completely secure, and you use the App acknowledging these limitations.

4. Third-Party Services

  • Supabase: We use Supabase for user authentication and for storing your account information, prompts, and shortcuts. Supabase has its own privacy policy, which we encourage you to review. Data you provide is processed by Supabase under our direction and in accordance with a data processing agreement where required.
  • Stripe: We use Stripe to process payments and manage subscriptions. Stripe handles your payment details directly under its own privacy policy. We receive only the limited information necessary to fulfil and manage your purchase.
  • AI Providers (Large Language Models): When you use an AI feature, the relevant portion of your text is sent to third-party AI providers to generate suggestions. We do not send your personal account data to these providers. We endeavor to work with providers who have strong privacy and security practices, but we are not responsible for their individual policies concerning the data they process. The App also supports local AI models that run entirely on your device, in which case your text is not sent to any third party at all.

5. Cookies and Tracking Technologies

We use only essential cookies necessary for the proper functioning of the App, particularly for Supabase authentication to work. These cookies do not track your activity across different websites and are not used for advertising purposes. You can typically remove or reject cookies via your browser settings. However, refusing cookies may affect the availability and functionality of the App.

6. Data Retention

Because your documents are stored locally on your device, their retention is entirely under your control. We retain your account information, payment records, prompts, and shortcuts for as long as your account is active or as needed to provide the App's services. We may also retain certain information as necessary to comply with our legal obligations (e.g., under German commercial or tax law), resolve disputes, and enforce our agreements. You can request deletion of your account and associated data by contacting us.

7. Your Rights (especially under GDPR)

As a data subject, particularly if you are in the EU/EEA, the General Data Protection Regulation (GDPR) grants you specific rights regarding your personal data. These include:

  • The right to access a copy of your personal information (Art. 15 GDPR).
  • The right to request correction (rectification) of inaccurate personal information (Art. 16 GDPR).
  • The right to request erasure of your personal information ('right to be forgotten') under certain conditions (Art. 17 GDPR).
  • The right to request restriction of processing of your personal information under certain conditions (Art. 18 GDPR).
  • The right to data portability, allowing you to receive your personal data in a structured, commonly used, and machine-readable format and to transmit those data to another controller under certain conditions (Art. 20 GDPR).
  • The right to object to processing of your personal information under certain conditions, particularly where processing is based on legitimate interests or for direct marketing purposes (Art. 21 GDPR).
  • The right to withdraw consent at any time where processing is based on your consent (Art. 7(3) GDPR). The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.

To exercise these rights, please contact us using the contact information provide below.

8. Children's Privacy

The App is not intended for use by children under the age of 16 unless explicit consent is given or authorized by the holder of parental responsibility over the child, in line with GDPR requirements. We do not knowingly collect personal information from children under this age without such consent. If we become aware that we have collected personal information from a child in violation of applicable law, we will take steps to delete that information.

9. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. You are advised to review this Privacy Policy periodically for any changes.

10. Contact Us

If you have any questions or concerns about this Privacy Policy wish to exercise your data subject rights under GDPR, or have any other inquiries regarding your personal data, please contact us at:
max@icanwrite.app