AI Terms of Use

Last updated: 29 April 2026

nahbar offers some features that use artificial intelligence to suggest things — for example conversation topics before a meeting, gift ideas around a birthday, or insights into your relationship patterns.

This page summarises in plain language how these AI features work, which data leaves your iPhone for them, and what our AI provider does with it.

AI features are optional

You don’t have to use the AI features. nahbar works perfectly fine without them. The first time you want to use an AI feature, we’ll ask for your permission. Only after your explicit consent will any data leave your device.

You can withdraw consent at any time by simply no longer using the AI features. Data that has already been transmitted is unaffected.

Who is the AI provider?

We use the API of Mistral AI, a French company based in Paris. As a European company, Mistral AI is directly subject to the GDPR.

• Mistral AI SAS, 15 rue des Halles, 75001 Paris, France
• Mistral’s privacy policy: legal.mistral.ai/terms/privacy-policy
• Data Processing Addendum (DPA): legal.mistral.ai/terms/data-processing-addendum
• Usage Policy: legal.mistral.ai/terms/usage-policy

What data is sent?

When you start an AI feature for a specific person, the following information about that person is sent to Mistral AI:

• the first name (last names are never recorded in nahbar in the first place)
• the year of birth, if recorded — not the full date
• recorded interests
• the most recent saved moments and log entries for that person

Other data — your profile, your address book, other people, your ratings — stays on your iPhone and is not transmitted.

Text is sanitised before sending

Before any data leaves your device, it goes through automatic sanitisation. The following content is replaced with placeholders:

• Email addresses
• Phone numbers
• IBANs
• Links
• Long digit sequences

This way, identifiers accidentally entered into notes never leave the device in the first place.

Where is the data processed?

Mistral AI processes API data primarily within the European Union. In certain cases, processing may take place through sub-processors outside the EU. Mistral AI safeguards such transfers using the EU Standard Contractual Clauses (SCCs) pursuant to Art. 46 GDPR. Further information is available in Mistral’s privacy policy linked above.

What happens to the data at Mistral?

• No training: Mistral contractually commits not to use API data to train its AI models.
• Retention: API requests are kept at Mistral for 30 days for abuse prevention and are then deleted automatically.
• No profiling: Mistral does not perform automated decision-making or profiling on your data.

Legal basis and withdrawal

The transfer is based on your explicit consent given through the app’s AI dialog — Art. 6(1)(a) GDPR.

You can withdraw this consent at any time by simply no longer using the AI features. The lawfulness of any transfers made before withdrawal remains unaffected.

Data Controller

The controller responsible for processing under the GDPR is Sven Hanold, Falkenweg 27, 89129 Langenau, Germany. Full contact details are available in the Legal Notice.

For general information about data privacy in the app, see the Privacy Policy App.