Skip to main content

Data & Privacy

This page is a documentation summary. For full legal terms, refer to the official privacy policy on the website.

1. Why These Permissions Are Needed

Some Mask features rely on macOS system permissions. The app uses them only for the related feature paths and does not gain unrelated access just because permission is granted.

Screen Recording

Used for:

  • capturing the target window or a transient snip region
  • running OCR
  • producing the image input used before translation

Without this permission, Mask cannot perform screenshot translation, live window preview, or OCR correctly.

Accessibility

Used for:

  • auto page-turn
  • sending simulated clicks to the target window

If you do not use auto page-turn, this permission is usually not required for normal manual translation.

One important limitation: the Mac App Store build does not support auto page-turn at this time, so the store build usually does not depend on this capability for the core translation flow.

Input Monitoring

Used for:

  • detecting global cancel input
  • responding to certain global shortcut actions when needed

This permission is not used to read the actual content of what you type. It is used so the app can react to global cancel or related input events during the current session.

2. Local-First Principle

Mask follows a local-first data strategy. By default, these items are stored on your local device:

  • API keys (local secure storage)
  • Conversation and translation history
  • Local settings and preferences

3. What Mask Servers Do Not Retain

Mask servers do not retain:

  • Your API keys
  • Your conversation history
  • Your screenshot source text or translated text

4. Third-Party Model Services

When you enable third-party models (such as OpenAI, Anthropic Claude, Google Gemini, DeepSeek, Xiaomi Mimo, or remote Ollama), requests are sent to the selected provider.

Please note:

  • Each provider has its own privacy policy and retention rules.
  • Data processing by those providers is governed by their own terms.
  • Mask is not responsible for third-party provider data handling behavior.

5. Your Control

You can:

  • Delete local records anytime
  • Rotate or revoke API keys
  • Stop using any third-party model service
  • Do not expose full API keys in public environments.
  • Rotate high-privilege keys regularly.
  • Follow least-privilege principles when enabling API access.