Last Updated: 12 May 2026 Effective Date: 12 May 2026 Version: 2.0.0
What This Document Is
This document explains, in plain language, how ProTilo uses — and does not use — artificial intelligence ("AI"). It is a companion to our Privacy Policy §4.4 and satisfies our transparency obligations under:
EU AI Act (Regulation (EU) 2024/1689), in particular the transparency provisions of Article 50 for AI systems that interact with natural persons and generate or manipulate text content
GDPR Articles 13–14 (information to be provided when personal data is processed)
Apple App Store Review Guideline 5.1.1 (privacy disclosure)
If anything here is unclear, email privacy@protilo.com — we respond within 30 days.
What "AI" Means Inside ProTilo
ProTilo surfaces information at three levels of insight. Only L3 involves AI providers, and only with your explicit, manual action.
L1 — Deterministic Rules (on-device)
Simple comparisons against your own history: "You slept less than your 30-day average." These are produced by fixed, auditable rules that run entirely on your device. No AI is involved. No data leaves your device.
L2 — Pattern Matching (on-device)
Correlation-style patterns computed locally: "Low wellbeing in the last 3 days, mood score dropping." Still deterministic rules, still local, still zero external transmission.
L3 — AI Analysis (user-initiated manual export)
An opt-in feature in which ProTilo generates a text prompt summarising selected journal entries, copies it to your device clipboard, and offers a deep-link to open a third-party AI app of your choice:
Every L1 and L2 insight is labelled "Rules-based" inside the app. Every L3 output is labelled "AI-generated" with a "For personal reflection only — not medical advice" banner, in line with EU AI Act Art. 50 transparency for AI-generated content.
What ProTilo Does NOT Do
❌ We do not send your data to AI services automatically. ProTilo's code contains no outbound API calls to Gemini, Claude, ChatGPT, or any other LLM provider.
❌ We do not use AI to make decisions about you. No automated profiling for eligibility, pricing, access, or treatment under the meaning of GDPR Art. 22.
❌ We do not train AI models on your data. ProTilo's own insights (L1/L2) are rule-based, not learned. We do not ship your data to any third party for model training.
❌ We do not produce medical diagnoses. All outputs — rules-based and AI-generated alike — are for personal reflection only.
Who Is the Data Controller?
For L1 / L2 rules-based insights: ProTilo (Oleksandr Zayats, ENI) is the sole data controller.
For L3 AI Analysis exports: Until you paste the prompt, ProTilo is the controller. The moment you paste the prompt into Gemini, Claude, or ChatGPT, the receiving service becomes the controller for that interaction. Each provider's privacy policy applies:
You control when, what, and whether to share anything. ProTilo never initiates transmission.
Your Rights
Right to decline. Decline the AI Analysis consent modal — all non-AI features continue to work.
Right to withdraw consent. Turn off AI Analysis at any time in Settings → Privacy & Data.
Right to an explanation. Request a plain-language explanation of any specific insight via privacy@protilo.com (see Privacy Policy §7.7).
Right to erasure. Delete your ProTilo account at any time (Settings → Safety → Delete Account). ProTilo data is removed within 7 days; data you previously pasted into Gemini, Claude, or ChatGPT is managed under those providers' own policies.
Age Restriction
ProTilo, including the L3 AI Analysis Export feature, is available only to users aged 18 or older. See Privacy Policy §9 for the age-verification measures we apply.
Looking Ahead — Future Server-Side AI
The following describes a feature that is NOT active in the current version.
In a future release, ProTilo may introduce server-side AI processing — where the ProTilo backend itself sends a prompt to a third-party AI provider, receives a response, and stores the resulting insight in your account. If and when we introduce this:
We will request your separate, explicit, granular consent before any of your data is sent.
We will engage AI providers under written DPAs with Zero Data Retention enrolment.
We will update this document and the Privacy Policy with full detail and notify you at least 30 days in advance.
Declining consent will not affect access to any non-AI feature.
Until that release ships, all AI interaction remains L3 manual paste — you decide whether to share anything, and you do it yourself.
Changes to This Document
If we change how AI is used inside ProTilo, we will:
Update the "Last Updated" date and version number at the top of this document
Bump the version number (SemVer — MAJOR bumps require your re-acceptance)
Notify you in-app and via email at least 30 days in advance