Privacy Notice

Effective Date: March 5, 2026

Last Updated: March 5, 2026

DotThink Lab LLC (“we,” “us,” or “our”) respects your privacy. This Privacy Notice explains how we collect, use, process, store, and share information in connection with our products and services.

For purposes of this Privacy Notice:

(A) “the Web Services” refers to the web-based service Audience Bridge and any related web-based features, functionality, or content made available by DotThink Lab LLC.

(B) “the App” refers to the iOS applications DotThink and Fridge2Meal, and any related iOS app features, functionality, or content made available by DotThink Lab LLC.

(C) “the Services” refers collectively to both the Web Services and the App.

By accessing or using the Services, you acknowledge the practices described in this Privacy Notice.

1. Eligibility Requirements

User eligibility criteria, including geographic, age, and service-specific requirements, are described in our Terms of Use. By accessing or using the Services, you represent that you meet the eligibility requirements applicable to the Services you use.

For the Web Services, you also represent that any account, business, or payment information you provide is accurate, complete, and current.

For the App, additional platform-specific requirements may apply, including Apple-related access and sign-in requirements as described in our Terms of Use.

If you do not meet the applicable eligibility requirements, you must not access or use the Services.

2. Information Collection, Processing and Storage

We collect, process, and store information as necessary to provide, operate, secure, maintain, support, and improve the Services.

(2.a) User Inputs and Responses

For the Services, user inputs, prompts, requests, uploaded materials, and related outputs or responses may be processed using our proprietary workflows, artificial intelligence systems, and third-party service providers, including AI model providers.

For the Web Services, this may include prompts, campaign inputs, business-provided context, uploaded materials, generated headlines, descriptions, images, and other creative outputs used to provide Audience Bridge. Such information may be processed and stored by DotThink Lab LLC and its service providers as reasonably necessary to operate, secure, support, improve, and provide the Web Services.

For the App, your inputs and the corresponding responses are processed using our proprietary algorithms, which may leverage third-party AI providers as part of the overall process. Such inputs and responses are stored either locally on your device or, if iCloud is enabled, in your private iCloud account via Apple’s CloudKit service. iCloud storage enables synchronization across your Apple devices. Except for anonymized, aggregated, or de-identified data described below, this app-stored content is not collected or retained by DotThink Lab LLC on our own servers unless otherwise specifically stated in this Privacy Notice.

(2.b) API Credentials (DotThink App Only)

For the DotThink App only, you must obtain API credentials, including API tokens, project IDs, and organization IDs, from the applicable AI provider and register them within the app where required.

These credentials are stored securely on your device using Apple’s secure storage system and are not transmitted to or stored by DotThink Lab LLC.

You may delete these credentials at any time through the DotThink App’s settings.

(2.c) Account Authentication (Fridge2Meal App Only)

For the Fridge2Meal App only, you are required to sign in using Sign in with Apple. During this process, we may receive your Apple-assigned user identifier and, if you choose, your email address, which may be a private relay address generated by Apple.

These credentials are used solely for authentication and app functionality. We do not store your Apple sign-in credentials on our servers. Authentication is securely managed by Apple.

(2.d) Account, Business, and Payment Information (Web Services Only)

For the Web Services, we may collect and process information you provide when creating or using an account, subscribing to a plan, purchasing top-offs or other paid features, contacting support, or otherwise using Audience Bridge. This may include your name, email address, company or business name, website, business profile information, login or authentication information, billing-related information, transaction information, subscription status, payment-related records, and customer support communications.

Payment transactions for the Web Services may be processed by third-party payment processors or merchant-of-record providers. We do not necessarily store full payment card details ourselves, but we may receive and store payment-related metadata, transaction records, billing status, subscription status, and similar information necessary to provide, administer, secure, and support the Web Services.

(2.e) Anonymized, Aggregated, and De-Identified Data Logging

We may collect and log limited anonymized, aggregated, or de-identified data about your use of the Services. This may include, for example, operational data such as usage volume, request size, processing time, token usage, image dimensions, feature interactions, generalized usage patterns, and service-performance metrics.

For the App, this may also include anonymized usage information such as recipe-related usage patterns for the Fridge2Meal App. We do not store the actual images you upload through the App as part of this logging.

For the Web Services, this may include generalized usage and operational metrics relating to campaign generation activity, feature usage, output generation, downloads, archive activity, and service performance.

We use this information for technical diagnostics, performance monitoring, analytics, abuse prevention, fraud prevention, service reliability, and service improvement. It is not used for third-party advertising or cross-context behavioral advertising.

(2.f) Device-Linked, Account-Linked, and Technical Information

We may collect technical identifiers, device information, browser information, app version information, operating system information, authentication-related data, session information, IP-derived regional information, or other technical data that may be associated with your account or use of the Services.

We use this information for purposes such as authentication, account access, service security, fraud prevention, abuse detection, troubleshooting, reliability, analytics, and service improvement. It is not used for third-party advertising or unrelated profiling.

We retain such information only for as long as reasonably necessary for the purposes described in this Privacy Notice and in accordance with applicable law.

(2.g) Analytics and Usage Tracking

We may use analytics tools and service providers, including Google Analytics or similar analytics providers, to collect usage and interaction data relating to the Services. This may include app launches, subscription events, feature interactions, device type, operating system version, app version, browser type, session duration, and generalized interaction patterns.

No personal user inputs or AI-generated content are shared with analytics providers unless expressly described in this Privacy Notice or otherwise required for the functionality of the Services.

We use analytics information to understand general usage trends, improve functionality, evaluate performance, and support product development. Where feasible, we use anonymization, aggregation, or similar privacy-protective measures.

(2.h) Retention

We retain information collected through the Services only for as long as reasonably necessary to fulfill the purposes described in this Privacy Notice, including providing the Services, maintaining account functionality, supporting transactions, improving the Services, detecting abuse or fraud, resolving disputes, complying with legal obligations, and enforcing our agreements.

3. AI Processing

The Services may use artificial intelligence (“AI”), machine learning systems, proprietary workflows, and third-party AI model providers to process user inputs and generate, transform, summarize, recommend, or otherwise provide outputs.

For the Web Services, this may include processing prompts, campaign context, uploaded materials, and related business inputs in order to generate advertising creatives and other campaign-related outputs for Audience Bridge.

For the App, this may include processing user inputs to generate responses, suggestions, recommendations, recipe-related outputs, idea exploration content, or other app functionality, depending on the specific App you use.

Limitations and Biases

AI-generated outputs may sometimes be incomplete, inaccurate, outdated, biased, inconsistent, misleading, or otherwise unsuitable for your intended purpose. You should independently review and evaluate AI-generated outputs before relying on, publishing, distributing, or otherwise using them.

For the Web Services, you are solely responsible for reviewing any generated ad creatives or campaign materials before using them in any live, public, client-facing, or paid advertising context.

4. Data Storage on Your Device

For the App, certain information may be processed and stored locally on your device in order to provide app functionality.

(4.a) User Inputs and Responses. User inputs and responses may be stored locally on your device unless iCloud is enabled. If iCloud is enabled, your data may also be stored in your private iCloud account through Apple’s CloudKit service to support synchronization across your Apple devices.

(4.b) API Credentials (DotThink App Only). For the DotThink App, API credentials are stored on your device using Apple’s secure storage system. These credentials are not transmitted to or stored by DotThink Lab LLC on our own servers. You may remove these API credentials at any time using the DotThink App’s settings or credential-management interface.

(4.c) Data Deletion. You may delete user inputs and responses through the applicable App’s interface on each of your devices. If iCloud is enabled, you should allow time for deletions to sync across your devices. To remove data stored in iCloud, you may also need to use your device’s iCloud settings to locate the app’s storage and delete that data. The exact steps may vary depending on your device model and operating system version.

For the Web Services, information you submit or generate through Audience Bridge may be stored in your account, in our systems, or through our service providers as reasonably necessary to provide, secure, maintain, support, archive, and improve the Web Services. This may include account information, billing-related records, inputs, generated outputs, and downloaded or archived creative-related materials, subject to our data retention practices and applicable law.

Please note: Data stored locally on your device or in accounts you control (such as your personal iCloud account) is managed by you through your device and account settings.

5. Third-Party Data

We may use third-party service providers to help us provide, operate, secure, maintain, support, and improve the Services. These providers may process information on our behalf or, in some cases, receive information directly from you when you use their services in connection with the Services.

For the Web Services, we may use third parties for services such as artificial intelligence processing, image generation, hosting, infrastructure, authentication, analytics, communications, storage, payments, subscription management, fraud prevention, customer support, and related operational functions.

For the App, we may use third parties for services such as artificial intelligence processing, Apple platform functionality, iCloud and CloudKit synchronization, authentication, analytics, diagnostics, crash reporting, and related app operations.

Without limiting the foregoing, the Services may interact with or rely on the following categories of third parties:

(5.a) AI Providers. User inputs, prompts, contextual materials, and related data may be shared with third-party AI providers, such as OpenAI or other model providers, to process requests and generate outputs in connection with the Services. These providers process data in accordance with their own terms and privacy policies.

(5.b) Apple. For the App, we use anonymized and aggregated diagnostic and crash data provided by Apple to improve app performance and stability. Apple processes and shares this data in compliance with its Privacy Policy, which provides equivalent or higher protection for user data.

(5.c) Payment Providers. For the Web Services, payment transactions, subscriptions, top-offs, billing operations, and related financial events may be processed by third-party payment processors or merchant-of-record providers. We may receive transaction records, billing status, subscription status, and related metadata from those providers, but we do not necessarily receive or store full payment card details ourselves.

(5.d) Hosting, Infrastructure, and Storage Providers. We may use third-party cloud, hosting, infrastructure, storage, or content-delivery providers to support the Services and store or transmit information as reasonably necessary to operate the Services.

(5.e) Analytics and Support Providers. We may use third-party analytics, diagnostics, communications, customer support, or similar service providers to understand usage trends, improve performance, provide support, and maintain the Services.

We do not sell your personal information for money. We do not share your personal information with third parties for their own independent marketing purposes.

Any information shared with third-party providers in connection with the Services is shared only as reasonably necessary for the purposes described in this Privacy Notice, subject to applicable law and the contractual or policy protections applicable to those providers.

6. Training Data Transparency

Our Services may use AI systems and models trained on a variety of datasets to generate outputs and provide functionality.

(6.a) Sources of Training Data. The underlying AI models used by the Services may be trained using a combination of publicly available data, licensed data, and data created or curated by the model provider and/or DotThink Lab LLC, depending on the model and provider.

(6.b) No Intentional Use of Personal or Sensitive Data for Our Model Training. We do not intentionally use your personal information or sensitive personal data from your use of the Services to train our own AI models.

(6.c) Service Improvement. We may use anonymized, aggregated, or de-identified usage data (such as operational metrics and generalized usage patterns) to improve the reliability, safety, and performance of the Services, including improving our workflows, monitoring quality, and preventing abuse.

(6.d) Third-Party AI Providers. Some AI functionality in the Services may be provided by third-party AI providers (for example, OpenAI or other providers). Those providers may process data in accordance with their own terms and privacy policies. Please review the applicable provider policies for information about how they handle data, including whether they use data to improve their services.

(6.e) Commitment to Transparency. We aim to be transparent about how the Services use AI and data. If our practices change in a way that materially affects how we use information in connection with AI training or service improvement, we will update this Privacy Notice accordingly.

7. Your Privacy Rights

As a user of the Services, you have certain rights to understand, access, manage, and request deletion of information as described in this Privacy Notice and as provided by applicable law.

(7.a) Transparency. You have the right to know how information is collected, used, processed, stored, and shared in connection with the Services. This Privacy Notice explains the categories of information we collect, how we use it, and the categories of third parties with whom it may be shared.

(7.b) Control Over API Credentials (DotThink App Only). In the DotThink App, you can change or delete your registered API credentials at any time through the app’s settings or credential-management interface.

(7.c) Deleting Your Data for the App.

    (7.c.i) User Inputs and Responses. Data generated through the App is stored locally on your device or, if iCloud is enabled, in your private iCloud account to support cross-device syncing. You can delete this data by using the App’s settings or interface to remove saved content or individual entries on each of your devices. If iCloud is enabled, you should allow time for deletions to sync across devices.

    (7.c.ii) App Removal. Uninstalling the App will generally remove data stored locally on that device but may not remove data stored in your iCloud account.

    (7.c.iii) iCloud Data. Data stored in your private iCloud account is managed through your Apple account and device settings. You may need to use your iCloud settings to remove such data.

(7.d) Deleting or Managing Your Data for the Web Services. For the Web Services, you may request deletion of your account information or other personal information that we maintain, subject to applicable law, our legitimate business needs, fraud prevention, security requirements, transaction records, dispute resolution needs, and other lawful retention requirements. Certain information may be retained as required to complete transactions, comply with legal obligations, enforce our agreements, detect fraud or abuse, or maintain appropriate business and financial records.

(7.e) Device-Linked, Account-Linked, and Technical Data. We may retain certain technical, device-linked, account-linked, billing-related, security-related, or fraud-prevention information for as long as reasonably necessary for the purposes described in this Privacy Notice and as required by applicable law.

(7.f) Opt-Out of Use. If you do not agree with this Privacy Notice or applicable third-party provider practices that are necessary for the functionality of the Services, you should discontinue use of the affected Services.

(7.g) Analytics. We may use anonymized, aggregated, or de-identified analytics information to understand usage trends and improve the Services. Where required by applicable law, you may have rights to limit certain analytics-related processing or request additional information.

We encourage you to exercise your rights in a manner that aligns with your preferences and applicable law. If you wish to make a privacy-related request, you may contact us at privacy@dotthinklab.com.

8. Security of Your Information

We implement reasonable administrative, technical, and organizational measures designed to protect information processed in connection with the Services from unauthorized access, use, disclosure, alteration, or destruction.

However, no system can guarantee absolute security.

You are responsible for helping protect your own information, including by maintaining the security of your devices, accounts, credentials, email access, and authentication methods, and by using the Services in a secure manner.

If you believe your account or information may have been compromised, please contact us at privacy@dotthinklab.com.

9. Children’s and Age-Restricted Privacy

The Services are not intended for use by individuals under 21 years of age. If you are under 21, you are not authorized to access or use the Services.

We do not knowingly collect personal information from individuals under 21. If we become aware that we have collected or processed personal information from a person under 21, we will take reasonable steps to delete such information as required by applicable law.

If you believe that we may have collected or processed information from someone under 21, please contact us at privacy@dotthinklab.com.

10. Acceptance of Third-Party Provider Policies

Some features of the Services may rely on third-party providers, including artificial intelligence providers, payment providers, hosting providers, authentication providers, analytics providers, and other service providers.

By using the Services, you acknowledge that certain information may be processed by such third-party providers as described in this Privacy Notice and, where applicable, subject to their own terms, privacy policies, and related practices.

If you do not agree with the practices of third-party providers that are necessary for the functionality of the Services you use, you must discontinue use of those Services.

11. Changes to This Privacy Notice

We may update this Privacy Notice to reflect changes in our practices or legal requirements. Please review this notice regularly.

12. Contact Us

If you have questions or concerns about this Privacy Notice, please contact us via email at 

Email: privacy@dotthinklab.com.