Effective date: March 18, 2026 · Last updated: March 18, 2026
MiVia ("we", "our", "us") is operated by Del Puerto Pty Ltd. MiVia is a privacy-first AI personal assistant for iPhone that helps you manage your calendar, reminders, contacts, projects, and email. This Privacy Policy explains how we handle your information when you use the MiVia mobile application ("the App").
We built MiVia with a fundamental principle: your personal data should stay on your device. This policy describes exactly what data we access, how it is processed, and the measures we take to protect your privacy.
MiVia does not require you to create a MiVia account. App purchases and subscriptions are handled by Apple through the App Store. Data may be transmitted only in sanitized form when needed to provide AI features.
MiVia accesses the following data only with your explicit permission, and only to provide the features you request. All data listed below is read from your device's native frameworks and is never uploaded to our servers in raw form.
We read and write calendar events and reminders to help you manage your schedule, create events, set reminders, and provide context-aware assistance. Access requires your explicit permission via the iOS permission prompt.
We read your contacts to provide context about the people in your life, link contacts to projects, and help you manage relationships. We do not modify or delete contacts without your explicit instruction. Access requires your explicit permission.
Voice input is processed entirely on-device using Apple's built-in Speech Recognition framework. Audio is never recorded, stored, or transmitted to any server. You can use MiVia without ever enabling microphone access.
For iCloud Mail and other IMAP-compatible email providers, MiVia connects using an app-specific password you create in your email provider's account settings. These credentials are stored securely in the iOS Keychain on your device and are never transmitted to our servers. IMAP email data is handled identically to Gmail: fetched and processed on your device, sanitized on-device before any AI interaction, and never stored on any server.
If you choose to connect your Gmail account, MiVia requests read-only access to your email using the gmail.readonly OAuth scope. This allows MiVia to:
How your email data is handled:
Google API Services Disclosure: MiVia's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements. Google user data is accessed and used only to provide or improve user-facing features requested by you within MiVia.
MiVia uses Gmail data only to provide user-facing email features you request inside the app, such as displaying relevant messages in Daily Briefing, showing summaries and sender information, and filing emails to projects when you choose. MiVia does not sell Google user data, use it for advertising, or use it to train AI models.
Revoking Gmail access: You can disconnect your Gmail account at any time from MiVia's Settings. When you disconnect, all cached email data and OAuth tokens are permanently deleted from your device. You can also revoke MiVia's access from your Google Account permissions page.
MiVia uses a unique on-device sanitization architecture to give you the benefits of AI assistance without compromising your privacy:
Step 1 — On-Device Sanitization: Before any data leaves your device, personally identifiable information (names, email addresses, phone numbers, addresses) is detected and replaced with anonymous placeholders (e.g., "John Smith" becomes "{{PERSON_1}}").
Step 2 — Secure Transmission: Only the sanitized text is sent to our privacy proxy server via encrypted HTTPS. The proxy forwards the sanitized request to Anthropic's Claude AI for response generation. Neither our server nor Anthropic ever sees your real names, contacts, or personal details.
Step 3 — On-Device Rehydration: The AI response (containing only placeholders) is returned to your device, where the placeholders are replaced with the original values locally. The complete, personalized response is displayed only on your device.
When AI features are used, requests are associated with an anonymous internal identifier rather than your real name, email address, or account identity. Our privacy proxy server does not log, store, or retain any message content beyond the duration of processing a single request. No conversation history is maintained on our servers.
The following data is stored locally on your device and is never uploaded to our servers:
You can delete all locally stored data at any time from MiVia's Settings, or by deleting the app from your device. Deleting the app removes MiVia's locally stored data from your device, including conversations, project data, cached email metadata, and locally stored tokens.
MiVia uses Anthropic's Claude AI to generate responses to your messages. Anthropic receives only sanitized text that has been stripped of personally identifiable information on your device. Anthropic does not receive your name, contacts, email addresses, or any other personal details. For more information, see Anthropic's Privacy Policy.
Any third-party processor that handles sanitized request data on MiVia's behalf may do so only to provide the requested service and must protect that data in a manner consistent with this Privacy Policy.
If you connect a Gmail account, MiVia uses Google's OAuth 2.0 authentication to obtain read-only access to your email. MiVia adheres to the Google API Services User Data Policy, including the Limited Use requirements. We access only the data necessary to provide the email features described in this policy.
Apple handles App Store subscriptions and payment processing. MiVia does not collect or store any payment information. Apple also provides the on-device Speech Recognition framework that MiVia uses.
Because your data is stored locally on your device, you have full control over its retention:
Our servers do not retain any user data, conversation content, or personal information. There is no server-side data to delete.
MiVia is not intended for use by children under the age of 13. We do not knowingly collect personal information from children under 13. If you believe a child under 13 has used MiVia, please contact us at info@mi-via.com and we will assist in ensuring any data is removed from the device.
If you are located in the EEA, you have additional rights under the General Data Protection Regulation:
We implement the following security measures to protect your data:
We may update this Privacy Policy from time to time. If we make material changes, we will notify you through an in-app notification before the changes take effect. Your continued use of MiVia after changes are posted constitutes acceptance of the updated policy.
We encourage you to review this policy periodically. The "Last updated" date at the top indicates when the most recent changes were made.
If you have questions about this Privacy Policy, your data, or your rights, please contact us: