Privacy Policy

Last Updated: June 5, 2026

MarAiLen ("we," "our," or "us") is committed to protecting your digital privacy. This Privacy Policy outlines how our mobile application collects, processes, and protects your information under global data protection frameworks, including GDPR, CCPA, and the California Delete Act.

    Zero-Cloud Guarantee: MarAiLen operates as an offline-first mobile application. Your document scans, metadata, and biometric keys are saved exclusively on your physical device hardware and are never transmitted to our servers.
  

1. Data Collection and Usage

To provide our services, MarAiLen utilizes the following data streams:

Camera Streams: Used exclusively in real-time to capture multi-exposure bracketed images for document scanning. Images are processed ephemerally.
Biometric Data: FaceID or Fingerprint authentication is requested natively via your device's operating system to lock your local Vault. We never collect, see, or store your biometric mathematical models.
Document Data: Raw text and HTML structures generated from scans are stored in an encrypted local SQLite database on your device.

2. Third-Party Data Processing (Generative AI)

To execute document structure analysis and create "Digital Twins," MarAiLen securely transfers compressed image data to our AI processing partner, OpenAI.

Data Sharing Bound: Only the specific image files you capture are sent to the API. No account info or telemetry is attached.
Data Deletion & Retention: All data transmitted to our AI partner is processed ephemerally. Our enterprise API agreement explicitly dictates that your documents are never retained for machine learning or model training purposes.

3. Your Right to Erasure (California Delete Act & GDPR)

We strictly enforce the "Right to be Forgotten." Because all database structures reside locally on your phone:

You may permanently destroy all scans, edit histories, and application data at any moment by utilizing the "Delete Account & Data" action inside the application settings.
This action invokes an un-recoverable, military-grade cryptographic wipe of the local database file sandbox.

4. Contact & Compliance Audits

For questions regarding our privacy architecture, or to file a data verification request, contact our privacy compliance desk at: legal@marailen.com