Privacy Policy · v1.0 · last updated 2026-05-17

Privacy Policy

Short version: Cairn runs entirely on your Mac. We never receive, see, or store your screenshots, voice recordings, transcripts, or searches. There is no account, no login, no server. The application contains no networking code.

1. Who we are

Cairn (the "app") is published by Anton Platonov, operating as a sole trader at Bologna, Italy (P.IVA 04308291204), under the brand Sonavia. Contact: help@cairn.software. Full imprint: imprint.html.

In the language of the EU General Data Protection Regulation (GDPR) Article 4, we would be the "controller" of any personal data we processed. Because we do not in fact process any personal data on systems we control, this designation is largely theoretical for the Cairn product. Where personal data is processed entirely on your own device by software you choose to run, GDPR's "household exemption" (Recital 18) applies to you as the user, not to us.

2. What Cairn captures (on your device)

When you press the global capture hotkey, Cairn records:

• A still image of your screen or a chosen window (a PNG file).
• A short voice note that you speak into the microphone immediately after (a WAV file, up to 10 seconds).

Cairn then processes both locally on your Mac, using on-device machine-learning models, to produce:

• A text transcript of the voice note (the "voice tag").
• OCR text extracted from the image (the "OCR text"), via Apple's Vision framework.
• Short descriptive tags generated from the image (the "AI tags"), via a vision-language model.
• Numerical embeddings used for semantic search.

All of this is stored in a local SQLite database inside Cairn's macOS application sandbox container at ~/Library/Containers/com.sonavia.cairn/Data/Library/Application Support/cairn/. The contents of this folder never leave your Mac through Cairn.

3. What leaves your device

Nothing.

The Cairn macOS application binary contains no network code: no HTTP requests, no websockets, no third-party SDKs that would transmit data, no analytics, no crash reporting, no remote logging, no usage telemetry. This is a verified architectural property of the build, enforced both by code review and by the macOS App Sandbox.

The only network activity associated with Cairn outside the running app is:

• App Store updates: Apple's App Store on macOS may check for new versions of Cairn. This is handled by macOS, not by Cairn, and the data Apple receives is governed by Apple's Privacy Policy, not ours.
• One-time model download: on first launch, Cairn downloads a small vision-language model (about 1.2 GB) from Hugging Face. The download contains the model weights only; we do not send any information about you or your device. After the download, all inference runs locally.

4. On-device AI — transparency notice (EU AI Act Art. 50)

Cairn uses two on-device AI models to generate parts of the searchable index for your captures:

• Whisper (OpenAI) — transcribes your voice note to text.
• Qwen2-VL-2B-Instruct (Alibaba Cloud, 4-bit MLX conversion) — generates short descriptive tags from your screenshot.

These models run entirely on your Mac. No data is sent to OpenAI, Alibaba, or any other AI provider. The outputs (transcripts and tags) are model-generated and may be inaccurate — you should not rely on them where accuracy matters.

5. Voice recordings — not biometric processing

Voice recordings are transcribed locally by the Whisper model into ordinary text used to make your captures searchable. Cairn does not perform speaker identification, voice-printing, or any biometric processing within the meaning of GDPR Article 9(1) ("processing of biometric data for the purpose of uniquely identifying a natural person").

Specifically, Cairn does not collect, store, or use biometric identifiers or biometric information as defined by the Illinois Biometric Information Privacy Act (740 ILCS 14) or similar US state laws.

6. Sensitive data on your screen

Screenshots may incidentally contain information you, or others visible on your screen, would consider sensitive — including passwords, financial information, health information, the personal data of others, or content protected by third-party intellectual-property rights. Cairn never transmits this information off your Mac.

You can delete any individual capture from the in-app viewer. To remove all Cairn data from your Mac, uninstall the app and delete the folder at ~/Library/Containers/com.sonavia.cairn/.

7. Children

Cairn is not directed at children under 16. We do not knowingly collect data from anyone, including children.

8. We do not sell or share personal information

Cairn does not sell or share personal information within the meaning of the California Consumer Privacy Act (CCPA / CPRA), the Virginia Consumer Data Protection Act, the Colorado Privacy Act, the Connecticut Data Privacy Act, the Utah Consumer Privacy Act, the Texas Data Privacy and Security Act, the Oregon Consumer Privacy Act, or any analogous state law. There is no personal information to sell or share, because Cairn does not receive any personal information from your device.

9. Your rights

Because Cairn does not transmit, receive, or store your data on any system we operate, we cannot retrieve, export, or delete your data on your behalf. To exercise rights of access, portability, or erasure under GDPR, UK GDPR, CCPA/CPRA, or comparable laws:

• Access / portability: open the Cairn viewer to see your captures, or read the SQLite database directly at the path in §2.
• Erasure: delete individual captures in the viewer, or remove the entire container folder.

If you believe we have violated your rights despite this on-device design, you may contact us at help@cairn.software or lodge a complaint with your national data protection authority. The Italian supervisory authority is the Garante per la protezione dei dati personali.

10. Children, students, and workplace contexts

If you use Cairn at work or on a device shared with others, you are responsible for ensuring your captures do not include the personal data of others in a manner that would violate applicable law or your employer's policies. Cairn is designed for individual, voluntary, on-device use.

11. Changes to this policy

If we change Cairn's behavior in a way that affects this policy, we will update the version and date at the top of this page and archive the previous version at a versioned URL (e.g. /privacy/v1.0). Material changes will be announced in-app before the new behavior takes effect.

For changes that affect promises in the Privacy Pledge — for example, adding any feature that would send data off your device — we will bump the Pledge version, surface a one-time notice in-app before the new behavior takes effect, and link the change for review here.

12. Contact

Anton Platonov
Via Francesco Orioli 15/2
Bologna, Italy
P.IVA 04308291204
help@cairn.software

This document is the formal Privacy Policy for the Cairn macOS application and the cairn.software website. The plain-language Privacy Pledge restates the same commitments without legal terminology.