Your data stays yours. Encrypted in transit and at rest. Names and numbers redacted before any AI sees them. Voice transcribed on your phone and immediately discarded.
Four ideas Leo is built around. Each one is wired into the product, not promised in a document.
Just-in-time permissions. Leo asks for Notifications, Contacts, and Location only when you tap a feature that needs them — never upfront. Revoke any time from Settings.
Memory you can audit. Settings → “What Leo remembers” shows every fact Leo has saved, when it was saved, when it was last used. Tap any row to forget.
Names, emails, phone numbers, card numbers, and contact identifiers are tokenized before any LLM call. The model never sees your raw identifiers.
The Anthropic API key never ships to your device. Every AI call is server-side, behind authentication and rate limiting. Production access is restricted.
The mechanics, in plain language.
HTTPS / TLS on every endpoint — between the app and our backend, and between our backend and every third-party service we use. Backend storage is encrypted at rest.
Postgres on Railway with pgvector for memory facts. Production database access is gated to authorized operators. No third party is given access to user records.
Your session token is stored in EncryptedSharedPreferences, encrypted with AES-256-GCM under a key held in the Android Keystore. Tokens expire after 7 days. Sign-in, support chat, and account deletion are rate-limited.
Before any message reaches the Anthropic API, our backend runs a two-layer redaction.
Layer 1 — regex tokenization. Email addresses, phone numbers, payment-card numbers, and government-ID-format strings are replaced with abstract placeholders.
Layer 2 — contact-name tokenization. Names from your contact list are matched and replaced with tokens like [CONTACT_3] and [CONTACT_3_EMAIL]. A hint legend is prepended to the prompt so the model can reason without the raw identities.
When the reply comes back, the placeholders are swapped back for the original values before the response is shown to you. The model never saw them, and Anthropic, per their API terms, does not train on the data we send.
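An added, illustrative implementation of the two layers described above, written for this page and not taken from Leo's backend. Layer 1 tokenizes identifier-shaped strings with regexes, with a Luhn check so a long phone or order number is not mistaken for a card; Layer 2 matches contact names and relabels Layer-1 tokens that belong to a contact as [CONTACT_n_EMAIL] or [CONTACT_n_PHONE]; legend() produces the hint legend to prepend to the prompt; restore() swaps the placeholders back in the reply. The Redactor and Contact names, the patterns, and the sample contacts and message are all assumptions constructed for the example, and the GOVID pattern covers only the US SSN layout:

```python
"""Two-layer PII tokenization around an LLM call, with a hint legend and reply restoration."""
from __future__ import annotations
import re
from collections import namedtuple

# Layer 1: identifier-shaped strings. Illustrative patterns only; GOVID is the US SSN layout.
LAYER1_PATTERNS = [
    ("EMAIL", re.compile(r"[\w.+-]+@[\w-]+(?:\.[\w-]+)+")),
    ("GOVID", re.compile(r"\b\d{3}-\d{2}-\d{4}\b")),
    ("CARD", re.compile(r"\b(?:\d[ -]?){12,18}\d\b")),  # 13-19 digits, confirmed by Luhn below
    ("PHONE", re.compile(r"(?<![\w-])\+?\d[\d ().-]{6,14}\d(?![\w-])")),
]
TOKEN_RE = re.compile(r"\[[A-Z]+_\d+(?:_[A-Z]+)?\]")
DESCRIPTIONS = {
    "EMAIL": "an email address", "PHONE": "a phone number", "CARD": "a payment card number",
    "GOVID": "a government ID number", "CONTACT": "a person in the user's contacts",
    "CONTACT_EMAIL": "that contact's email address", "CONTACT_PHONE": "that contact's phone number",
}
Contact = namedtuple("Contact", "name email phone", defaults=("", ""))  # constructed for the example

def luhn_ok(digits: str) -> bool:
    """Luhn checksum, so a long phone or order number is not tokenized as a card."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2:
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0

def _norm(s: str) -> str:  # comparison form: lower-cased email, digits-only phone
    return s.lower() if "@" in s else re.sub(r"\D", "", s)

class Redactor:
    """The token->value map stays on the backend; only tokenized text reaches the model."""
    def __init__(self, contacts: list[Contact]):
        self.contacts = contacts
        self.vault: dict[str, str] = {}      # token -> original value
        self._by_value: dict[str, str] = {}  # original value -> token, so repeats share a token
        self._count: dict[str, int] = {}

    def _register(self, tok: str, value: str) -> None:
        self.vault[tok] = value
        self._by_value[value] = tok

    def _token(self, kind: str, value: str) -> str:
        if value not in self._by_value:
            self._count[kind] = self._count.get(kind, 0) + 1
            self._register(f"[{kind}_{self._count[kind]}]", value)
        return self._by_value[value]

    def _layer1(self, text: str) -> str:
        for kind, pat in LAYER1_PATTERNS:
            def sub(m: re.Match, kind: str = kind) -> str:
                v = m.group(0)
                if kind == "CARD" and not luhn_ok(re.sub(r"\D", "", v)):
                    return v  # not a card; the PHONE pass may still take it
                return self._token(kind, v)
            text = pat.sub(sub, text)
        return text

    def _layer2(self, text: str) -> str:
        for c in sorted(self.contacts, key=lambda c: -len(c.name)):  # longest names first
            name_pat = re.compile(r"\b" + re.escape(c.name) + r"\b", re.IGNORECASE)
            # Layer-1 tokens whose value is one of this contact's identifiers.
            ids = [(tok, sfx) for tok, v in self.vault.items()
                   for ident, sfx in ((c.email, "EMAIL"), (c.phone, "PHONE"))
                   if ident and tok.startswith(f"[{sfx}_") and _norm(v) == _norm(ident)]
            if not ids and not name_pat.search(text):
                continue
            base = self._token("CONTACT", c.name)  # e.g. "[CONTACT_1]"
            text = name_pat.sub(base, text)
            for tok, sfx in ids:  # "[EMAIL_1]" becomes "[CONTACT_1_EMAIL]"
                new = f"{base[:-1]}_{sfx}]"
                self._register(new, self.vault.pop(tok))
                text = text.replace(tok, new)
        return text

    def redact(self, message: str) -> str:
        """Tokenized message; prepend legend() to it to form the prompt."""
        return self._layer2(self._layer1(message))

    def legend(self) -> str:
        lines = ["Placeholders stand for redacted values. Keep them verbatim in your reply."]
        for tok in self.vault:
            kind = re.sub(r"_\d+", "", tok.strip("[]"))  # "[CONTACT_1_EMAIL]" -> "CONTACT_EMAIL"
            lines.append(f"{tok} = {DESCRIPTIONS[kind]}")
        return "\n".join(lines)

    def restore(self, reply: str) -> str:
        """Swap placeholders back in the reply; a token the model invented stays as-is."""
        return TOKEN_RE.sub(lambda m: self.vault.get(m.group(0), m.group(0)), reply)

# Constructed sample input: fictional contacts; 4242... is a widely used test card number.
CONTACTS = [Contact("Alice Chen", "alice@example.com", "+1 555 010 4242"),
            Contact("Bob Okafor", "bob@example.org")]
MESSAGE = ("Email Alice Chen at alice@example.com and text her at +1 (555) 010-4242. "
           "Card 4242 4242 4242 4242, SSN 123-45-6789, and tell bob@example.org too.")
```

Two properties worth checking in any implementation of this design: the token-to-value map never becomes part of the prompt, and a placeholder the model invents (one that is not in the map) is left untouched rather than resolved to something. Note also the coverage boundary this example makes visible: a name that is not in the contact list and does not match a Layer-1 pattern passes through unchanged, so the regex set and the contact matching together define what the model can and cannot see.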
Tap the microphone, dictate, watch the words appear — that’s on-device only.
When you tap the mic, Android’s SpeechRecognizer transcribes the audio on your phone and discards it as soon as the text is returned. Only the transcript reaches our backend — and only after the same PII redaction described above.
No raw audio is uploaded, retained, or sent to any third party. Ever.
A short list of things you don’t have to wonder about.
A clean exit if you want one.
Delete your account from Settings → Delete account in the app, or from valdrium.com/delete-account on the web.
Either path schedules deletion. You’re signed out immediately, push notifications stop, and your Google access token is revoked. Your account row and all associated data — messages, contacts, follow-ups, OAuth tokens — are permanently erased no later than 90 days from the request.
The 90-day window is there in case you change your mind. After it passes, the deletion is irreversible.
Two things you should know about us.
For privacy or security questions, or an architecture deep-dive for a vendor review, write to support@valdrium.com.
Full data-handling policy: Privacy Policy.