Buy Credits

DesktopTools.ai & KamuAI Privacy Policy

Last Updated: 2025-06-01

1. Introduction

This Privacy Policy explains how Iomine Oy ("Iomine," "we," "us," or "our") collects, uses, and protects your personal data when you use our services.

This single policy covers both:

  • The KamuAI desktop application and other authorised Iomine desktop applications (collectively, the "Software").
  • The DesktopTools.ai website and the associated user-account service ("Account").

This policy describes the data we process for both the standalone use of our Software and when you use the Software in conjunction with an Account. It is designed to be read alongside the KamuAI End-User License Agreement (EULA), which governs your use of the Software, and the DesktopTools.ai Terms of Service, which govern your use of the Account.

It is crucial to understand that our Software and Account service act as gateways to external, third-party large-language-model services ("External Services"). When you send data (Inputs) to an External Service, that data is processed by the third-party provider according to their own privacy policies and terms, which we do not control.

By using our Software or creating an Account, you acknowledge that you have read and understood this Privacy Policy.

2. Data Controller and Contact Information

The data controller for your personal data is:

Iomine Oy
Business ID: 1611973-5
Paavonpolku 1
39160 Julkujärvi
Finland

For any questions or requests regarding your personal data and privacy, please contact us at:

Email: support@iomine.zendesk.com

3. What Information We Collect and Why

We collect different types of information depending on how you interact with our services. The table below explains what we collect and why.

Data Category What We Collect Purpose of Processing Legal Basis (GDPR)
Software Operational Data (When using KamuAI) IP address, operating system, and current Software version. To check for essential Software updates and ensure the security and continued functionality of the application. Legitimate Interest (Article 6(1)(f)) to maintain and secure our Software.
Account Information (Collected only if you create a DesktopTools.ai Account) Your name, email address, company name (if provided). To create and manage your Account, authenticate you, communicate essential service-related information, and provide customer support. Performance of a contract (Article 6(1)(b)) – providing the service you signed up for.
Payment Information (Collected only when you purchase Credits for your Account) Transaction history (date, amount, Credits purchased), partial payment details (e.g., last 4 digits of a card, card type). We do not store your full credit card number. To process your purchases of Credits, manage your Credit balance, handle billing inquiries, and prevent fraud. Payments are handled by our merchant-of-record, Polar Software Inc. Performance of a contract (Article 6(1)(b)).
Service Usage Data (Collected only when using an Account) Inputs and Outputs: The prompts you send and the responses you receive are processed transiently to provide the service.

Metadata: API calls made, timestamps, IP addresses, which External Service was used, and the number of Credits consumed.		 Inputs/Outputs: To route your request to the correct External Service and return the generated Output to you. We do not use your Inputs or Outputs to train any models.

Metadata: To operate the service, calculate Credit usage, ensure security, monitor for abuse, and troubleshoot technical issues.		 Performance of a contract (Article 6(1)(b)).

Legitimate Interest (Article 6(1)(f)) for security monitoring and service optimisation.
Communications Any information you provide when you contact our support team. To respond to your inquiries, provide support, and improve our services. Legitimate Interest (Article 6(1)(f)) to provide effective customer service.
Website & Cookie Data IP address, browser type, and device information collected via strictly necessary cookies. To ensure the fundamental functionality, security, and proper operation of our website. These cookies are essential for the website to work and cannot be disabled. Legitimate Interest (Article 6(1)(f)) for providing a functional and secure website.

Important Note on Inputs/Outputs:

The way your Inputs (prompts) and Outputs (responses) are handled depends entirely on how you configure the Software:

  • When using a DesktopTools.ai Account: Your Inputs are sent through our service to the External Service. We process this data transiently as described in the table above.
  • When using the Software without an Account: This includes two main scenarios:
    1. Using a self-hosted AI model: This refers to running a large language model entirely on your own computer, typically managed by third-party software such as Ollama. In this configuration, all processing happens on your local device. Your Inputs and Outputs are never sent over the internet to us or any other third party.
    2. Providing your own third-party API key: In this case, your Inputs are sent directly from your computer to the external AI provider. We do not act as an intermediary.

In both of these "non-Account" cases, we do not receive, process, or log your Inputs or Outputs.

3.1 Local Chat History

For your convenience, the KamuAI application is designed to save a history of your chat conversations with LLM models (your Inputs and the model's Outputs) as one or more files directly on your local computer. This allows you to review past interactions without needing to be online.

  • These files are stored entirely on your device and are under your control.
  • This chat history is never transmitted to Iomine or any other third party.
  • You are responsible for managing and securing these local files. You can view, edit, or delete your history at any time by accessing the files on your computer.

4. Data Sharing and Third-Party Services

We do not sell your personal data. We only share it with third parties when necessary to provide our services, comply with the law, or protect our rights. The categories of third parties we share data with are described below.

For full transparency, we maintain a current list of the specific companies we use as third-party service providers and sub-processors on our website. You can view this list here: https://desktoptools.ai/third-party-services

  • External Service Providers (LLMs): This is the most important category, as it involves the data you actively process. When you make a call through the Software, your Input is sent to the AI provider you have configured. This could be a provider you connect to via our Account service or one you connect to directly with your own API key. Their processing of your Input is subject to their own terms and privacy policies.
  • Payment Processors: If you have an Account and purchase Credits, we use a dedicated merchant-of-record to securely process your payments and handle your payment data according to their own strict privacy and security standards.
  • Cloud Infrastructure Providers: Our backend services (for the Account system) are hosted on secure cloud platforms. These providers store our data but do not have access to its content.
  • Support Platforms: When you contact us for support, your query and contact information are managed through a customer service platform to help us track and resolve your issue efficiently.
  • Legal and Regulatory Authorities: We may disclose your data if required to do so by law, in connection with legal proceedings, or to protect the safety and rights of Iomine, our users, or the public.

5. International Data Transfers

Our service providers may be located outside the European Union (EU) or European Economic Area (EEA). When we transfer your personal data to countries like the United States, we ensure it is protected by appropriate legal safeguards, such as Standard Contractual Clauses (SCCs) or an adequacy decision from the European Commission.

6. Data Security

We implement robust technical and organisational measures to protect your personal data, including encryption, strict access controls, and regular security monitoring. Access to personal data is limited to personnel who have a legitimate business need and are bound by confidentiality obligations.

7. Data Retention

We retain your personal data only for as long as necessary.

  • Software Operational Data: Retained for a short period (e.g., up to 90 days) for security and analysis, then deleted or anonymised.
  • Account Information: Retained for as long as your Account is active. After you close your Account, the retention period depends on your activity:
    • For users who have purchased Credits: We are legally required to retain transactional and account information for a longer period to comply with financial and tax laws. For example, under Finnish accounting laws, these records must be kept for at least six (6) years after the end of the financial year in which the last transaction occurred.
    • For users who never purchased Credits: If your account has no payment history, your personal information will be deleted or anonymised within a shorter, commercially reasonable period (e.g., up to 180 days) after account closure, unless we need to retain it for security investigations or other overriding legal reasons.
  • Inputs and Outputs (when using an Account): We process this data transiently. Logs containing this data may be retained for a short, limited period (e.g., up to 30 days) for troubleshooting and security before being permanently deleted.
  • Usage Metadata (when using an Account): Retained as long as necessary for billing, analytics, and security, after which it will be deleted or anonymised.

8. Your Data Protection Rights

Under GDPR, you have the following rights regarding your personal data:

  • Right to Access: You can request a copy of the personal data we hold about you.
  • Right to Rectification: You can ask us to correct any inaccurate or incomplete data.
  • Right to Erasure ("Right to be Forgotten"): You can request that we delete your personal data, subject to certain legal limitations.
  • Right to Restrict Processing: You can ask us to limit the processing of your data in certain circumstances.
  • Right to Data Portability: You can request your data in a machine-readable format to transfer it to another service.
  • Right to Object: You can object to our processing of your data based on legitimate interests.

To exercise any of these rights, please contact us at support@iomine.zendesk.com. We may need to verify your identity before processing your request. You also have the right to lodge a complaint with a supervisory authority, such as the Finnish Data Protection Ombudsman.

9. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we do, we will notify you by posting the new policy on our website and updating the "Last Updated" date. We encourage you to review this policy periodically.

DesktopTools.ai

We use only functional cookies

This site uses strictly necessary cookies to make sure everything works as it should. No tracking or analytics cookies are used.