Privacy Policy

What stays local, what gets routed, and why the split matters.

AutoYou has two pairing modes. Local pairing (via Telegram, WhatsApp, or Signal) keeps everything on your device and server — no data is collected by AutoYou. Cloud Pair is an optional paid feature that routes through app.autoyou.me and requires an account. This page explains exactly what each surface handles.

Local pairing

Telegram, WhatsApp, or Signal — zero data collected

When you pair your phone to your AutoYou server using your own messaging partner (Telegram bot, WhatsApp, or Signal), the entire connection is peer-to-peer over WebRTC. AutoYou does not operate a server in that path. No account is needed, no data is sent to AutoYou, and nothing is stored on our infrastructure.

Cloud Pair

Optional paid feature — limited data collected

Cloud Pair lets you connect to your AutoYou computer from anywhere without switching apps. It requires a sign-in on app.autoyou.me and an active subscription. To provide this service, we collect and store the data described below. Once paired, the actual chat, voice, and browsing traffic still flows peer-to-peer over WebRTC — the cloud only brokers the initial connection.

Website

Public pages on www.autoyou.me

The public website explains the product and hosts the support form. If you submit a support message, the details you provide are delivered to support@autoyou.me. No analytics SDK or tracking pixel is loaded on these pages.

Cloud Pair — data we collect

Only what is needed to authenticate you and manage your subscription

When you use Cloud Pair, the following data is stored on app.autoyou.me:

  • Email address — used for sign-in and account recovery.
  • User ID — an internal identifier linking your account to your devices.
  • Device name and public key — registered when you pair a phone or server so they can find each other.
  • Subscription status — whether you have an active plan, which tier, and the associated Apple or Google purchase token so we can verify subscription validity.
  • OAuth provider ID — if you sign in with Apple, Google, or GitHub, we store the provider-issued subject identifier. We do not store your provider password.

We do not collect or store message content, voice audio, browsing history, files, contacts, location, or any on-device sensor data. The relay queue used during Cloud Pair connection setup is held in memory only and is never persisted to disk.

Microphone

Used only when you explicitly start voice features

AutoYou requests microphone access only for voice calls or voice notes. Audio is streamed peer-to-peer to your own server for speech-to-text processing. It is never sent to AutoYou infrastructure. You can disable voice calling in settings.

Camera

Used only for QR-based setup or pairing

QR scanning is used for zero-touch provisioning and authenticator setup. The camera is released immediately after the scan completes. AutoYou does not access the camera in the background.

Browser proxy and files

Traffic moves through your own server, not ours

Browser proxy requests, staged files, and attachments travel over the peer-to-peer WebRTC connection to your AutoYou server. Destination sites receive the request metadata they normally would from your server's IP address, not from AutoYou infrastructure.

No account required

The app works fully without signing in or creating an account

AutoYou does not require you to create an account or sign in to use the app. You can pair with your server using Telegram, WhatsApp, or Signal and use every feature — chat, voice, browser proxy, notes, file transfer — without ever providing an email address or any personal information to AutoYou.

An account is only needed if you choose to enable Cloud Pair, an optional paid convenience feature. If you never enable Cloud Pair, no data is linked to you and no data leaves your device or your own server.

Encryption in transit

All data is encrypted in transit

Cloud Pair API traffic between your device and app.autoyou.me is served over HTTPS (TLS 1.2+). All API requests, authentication tokens, and relay messages are encrypted end-to-end between your device and the server.

Peer-to-peer traffic (chat, voice, browser proxy, file transfer) between your phone and your AutoYou server uses WebRTC, which encrypts all data channels with DTLS and all audio/video streams with SRTP. This encryption is mandatory in WebRTC and cannot be disabled.

At rest, Cloud Pair account data is stored in an encrypted database on infrastructure we operate. Local pairing credentials and server configuration are stored on your own devices using platform-standard storage (Keychain on iOS, SharedPreferences on Android, filesystem on your server).

Data retention

Kept only while your account is active

Cloud Pair account data is retained for as long as your account exists. Relay queue entries and temporary pairing state are held in server memory and are automatically purged every two minutes or when the connection completes, whichever comes first.

Account deletion

Delete everything from the app or by email

You can permanently delete your Cloud Pair account and all associated data from Settings → Delete Account in the iOS or Android app. Deletion removes your user record, devices, messages, transfer logs, and subscription tokens. You can also request deletion by emailing support@autoyou.me. For full step-by-step instructions, see the account deletion page.

Stored secrets

Connection credentials stay on your device and server

Server passwords, QR-derived authenticator data, and STUN/TURN credentials are stored locally on your phone and your AutoYou server. They are never transmitted to app.autoyou.me or any AutoYou-operated infrastructure.

Contact

Questions, deletion requests, or reviewer inquiries

If you have a privacy question, a data deletion request, or an app-review inquiry, email support@autoyou.me. We aim to respond within 48 hours.

Last updated: March 28, 2026.