Turki AI

Privacy Policy — Last updated: February 23, 2026

What We Collect

• Account info — Email address and display name (for authentication).
• Usage analytics — AI model used, tool names, token counts, and timestamps.
• Error logs — Error type and message, browser info. No conversation content is included.

What We Do NOT Collect

• Your conversations, messages, or prompts are never stored on our servers.
• Files you upload are never stored — they are processed in-memory and discarded.

Local Data Storage

Turki AI uses your browser's IndexedDB and localStorage to store chat history, settings, API keys, and files entirely on your device. We do not have access to this data. Data retention is under your full control — you can clear it at any time from your browser settings or from within the app.

Bring Your Own Key (BYOK)

All API keys are stored only in your browser (localStorage) and never saved on our servers. You are responsible for your own API key usage and any costs incurred with AI providers.

• AI providers (Anthropic, OpenAI) — Your API key and conversations are sent directly from your browser to the AI provider. Our servers never see your AI keys or messages.
• Integrations (iLovePDF, Gamma, GitHub, etc.) — Due to browser security restrictions (CORS), requests are forwarded through our proxy servers. Your integration keys pass through the proxy but are never logged or stored — forwarded in real-time and discarded.

Connected Apps (OAuth Integrations)

Pro subscribers can connect third-party apps (Gmail, GitHub, Figma, etc.) via OAuth. When you click "Connect", you authorize the app directly on the provider's website. OAuth tokens are stored by Unified.to (our integration partner) and associated with your user ID. We do not store OAuth tokens on our servers. You can disconnect any app at any time from Settings.

Slack Bot

The Turki AI Slack bot processes messages you send to it through Claude (Anthropic). Your messages are sent to Anthropic's API for processing and are not stored by Turki AI. The bot does not access your Slack workspace data, files, or channels beyond the messages directly sent to it. No conversation history is retained between sessions.

Third-Party Sub-Processors

• Anthropic / OpenAI — Direct browser-to-provider. Subject to their privacy policies.
• Supabase — Authentication and anonymous usage analytics. Data stored in Supabase's cloud infrastructure.
• Cloudflare Workers — Forward integration requests and file uploads. No data is stored.
• Unified.to — OAuth integration broker for connected apps. Stores OAuth tokens per user. Subject to Unified.to's privacy policy.
• Resend — Transactional email delivery (e.g., invite codes). Only email address and name are shared.
• Stripe — Payment processing. Subject to Stripe's privacy policy. We do not store your card details.

Your Rights

• GDPR (EU/EEA) — Right to access, rectify, erase, restrict processing, data portability, and object to processing of your personal data.
• CCPA (California) — Right to know what personal information is collected, request deletion, and opt out of the sale of personal information. We do not sell your personal information.
• PDPL (Saudi Arabia) — Right to access, correct, and request destruction of your personal data in accordance with the Personal Data Protection Law.

Demo Mode

Turki AI offers a read-only demo mode for previewing the application. Demo sessions use simulated conversations and sample data only — no real user data is displayed. No personal data is collected, stored, or processed during a demo session beyond basic analytics (browser type and timestamp).

Contact

For questions or data subject requests: admin@turkiai.net