InvokeFlow builds programmable runtimes — InvokeFlow Aria (displays), InvokeFlow Composer (desktops), and InvokeFlow Conductor (the control console) — that turn your screens and desktops into surfaces you can command over MQTT. This policy explains what data InvokeFlow products collect, how it is used, and what control you have.
InvokeFlow products are developed by InvokeFlow Inc. ("we", "us", "our"), a Delaware corporation. For privacy questions, contact us at privacy@invokeflow.ai.
InvokeFlow Aria can use your device's camera and microphone for the following features, all of which are optional and disabled by default:
All camera and microphone processing happens on your device. Images, video, and audio are not sent to our servers. If you configure integrations (such as an MQTT broker, Home Assistant, or a Feature Server), media may be transmitted to the services you choose to connect to — but only to those services and only when the relevant feature is active.
Aria's machine-learning features — face, person, and motion detection, speech-to-text, and text-to-speech — run locally: on your device, or on your own self-hosted Feature Server. They do not use a third-party AI service, and the images, video, audio, and text they process are not sent to us or to any third party.
Aria also offers an optional AI assistant that you enable and configure. You choose where it runs:
Before any cloud AI provider is enabled, the app shows an in-app notice that names the specific provider and explains that your input will be sent to that third-party service, and asks for your explicit consent. No data is sent to a cloud AI provider unless you enable the assistant, select that provider, and agree. The connection is directly between your device and the provider using your own API key — we are not involved in that exchange.
If you use the facial recognition feature, face training data (mathematical representations of facial features, not photographs) is stored locally on your device. This data is never uploaded to our servers or shared with third parties. You can delete all stored face data at any time through the app's settings.
InvokeFlow Composer is a native agent that manages real application windows on a desktop you control. It can capture screenshots and publishes window and process telemetry to the MQTT broker you configure. Composer maintains a tamper-evident audit log of the commands it handles; this log is stored locally on the device and is not transmitted to us. Composer runs non-elevated and only manages windows on the machine where you install it.
InvokeFlow products collect basic device information locally, including battery level, CPU and memory usage, platform type, brightness, and volume. This information is used for on-screen status displays and performance optimization. It is only transmitted to your own MQTT broker if you have configured one — it is never sent to us or to any third-party service.
If you enable the optional location feature, latitude and longitude may also be published to your MQTT broker. Location data is never sent to our servers.
InvokeFlow apps can send anonymous crash reports and diagnostic data to help us improve the product. This feature is off by default. If you choose to turn it on in Settings, the following data may be sent when an error occurs:
Before transmission, the app automatically strips API keys, tokens, passwords, and other sensitive values from reports. No personally identifiable information is included. You can turn this on or off at any time in Settings > General > Crash Reports & Diagnostics.
If you use the weather widget, your location (latitude and longitude) and your OpenWeatherMap API key are sent to the OpenWeatherMap service to retrieve weather data. This is a direct connection between your device and OpenWeatherMap — we are not involved in that exchange. OpenWeatherMap's own privacy policy governs their handling of that data.
All purchases are processed by Paddle.com Market Limited ("Paddle"), our Merchant of Record. When you purchase a license, Paddle collects your name, email address, and payment information directly. We do not see or store your payment details. Paddle's privacy policy governs how they handle your billing information.
All MQTT communication occurs between your devices and the broker you configure. We do not operate, intercept, or have access to your MQTT broker or the messages sent through it. If you connect to a public MQTT broker, be aware that any data you publish will be sent to that server.
InvokeFlow products may connect to the following third-party services depending on which features you enable. Each is optional and configured by you:
We are not responsible for the privacy practices of these third-party services. Their use is governed by their respective privacy policies.
All InvokeFlow product data is stored locally on your device. You can delete it at any time by:
We do not retain any data on our servers, so there is nothing for us to delete on our end. For Paddle billing records, contact Paddle directly.
Depending on your jurisdiction, you may have the right to access, correct, or delete personal data. Since InvokeFlow products store all data locally on your device, you already have full control. If you have questions or need assistance, contact us at privacy@invokeflow.ai.
InvokeFlow products are not directed to children under 13, and we do not knowingly collect personal information from children. Because all data is stored locally on devices you control, no personal information is transmitted to us.
We may update this policy from time to time. Changes will be communicated through the app or on our website. Continued use of InvokeFlow products after changes constitutes acceptance of the updated policy.
For questions about this privacy policy, contact: privacy@invokeflow.ai
© 2026 InvokeFlow Inc. All rights reserved.