Privacy Policy
Last updated: April 19, 2026
Overview
ACoinSight (the "App") is a desktop application for the digital appreciation of ancient Chinese coins, running on Apple's macOS platform. We adhere to the principle of "data minimization": the App does not require you to create an account, and does not collect your email address, name, phone number, contacts, photos, location, or any information that directly identifies you.
This policy explains the limited categories of data we may access or process in the course of providing our services, and how we protect them.
Information We Do Not Collect
- Your name, email address, or phone number
- Your Apple ID in plaintext
- Your location, contacts, calendar, or photos
- Any advertising identifier (we do not use the IDFA and do not serve personalized advertising)
- Behavioral analytics such as browsing, clicks, or dwell time
Information We Process
1. Apple Receipts and Entitlement Tokens
When you unlock paid content through an Apple App Store in-app purchase, the App receives a transaction receipt issued by Apple. We transmit this receipt to our servers for authenticity verification; once verified, our server issues an entitlement token (JWT) back to the App, which is used to authorize subsequent access to resources. Both the receipt and the token are generated by Apple's StoreKit framework and do not contain your Apple ID or your real name.
2. Device-Derived Identifier
The App uses standard Apple APIs to derive an encryption key locally on your device (based on the device's userDataDir path combined with an application-embedded salt, generated through PBKDF2 iterations) in order to encrypt paid resources cached to disk. This key exists only locally on your device, never leaves the device, and is never uploaded to any server. Its sole purpose is to prevent encrypted resource files from being copied to and used on other devices.
3. Request Metadata
When you request resources from the App—such as 3D models, high-resolution images, or content manifests—our servers log standard HTTPS request metadata (timestamp, resource path, and HTTP status code) solely for troubleshooting and security auditing. This metadata is not associated with any identifying information.
Third-Party Service Disclosure
The App relies on the following third-party infrastructure to deliver its services:
- Apple StoreKit / App Store Server API: processes in-app purchase transactions and receipt verification. Governed by Apple's own privacy policy.
- Cloudflare R2 + Cloudflare Worker: used to store and distribute static resources such as 3D models and high-resolution images; the Worker verifies the entitlement token at the edge before granting access. Cloudflare does not access your transaction data.
Should the App integrate any additional third-party services in the future (for example, error tracking or analytics tools), we will disclose and update this policy before enabling them.
Local Data Storage and Encryption
The App stores the following data locally on your device (the entitlement token in the macOS Keychain; everything else within the app’s sandboxed Application Support container):
- Entitlement token: the JWT issued after Apple receipt verification, stored in the macOS Keychain and used for offline authorization.
- Resource cache: paid resources such as 3D models and high-resolution preview images. All paid resources are encrypted with AES-256-GCM before being written to disk, using a device-bound key (see above), and cannot be decrypted on another device.
- Content manifest snapshot (
manifest-cache.json): read-only metadata (indexes of reign periods, dynasties, historical figures, etc.) that the App periodically retrieves from the server (approximately every 6 hours). It contains no personal data. - Application preferences: local settings such as Incense Timer durations, volume, and theme.
You may clear all local data at any time by uninstalling the App.
Gallery Mode and the Local MCP Interface
The App includes an optional feature called "Gallery Mode," designed for AI coding assistants (such as Claude Code, Cursor, and OpenClaw). It works as follows:
- The App runs a background HTTP server that listens only on the local loopback address (
http://127.0.0.1:23456). This port accepts connections only from applications on the same computer and is not accessible from any external network. - This server implements the Model Context Protocol (MCP) specification and exposes three tools:
startGalleryMode,stopGalleryMode, andsetupAutoGallery. - When your AI coding assistant begins a longer task, it may send a "start" command to this interface, at which point the App enters a fullscreen cultural screensaver displaying classical paintings and 3D coins; when the AI task finishes, it sends a "stop" command to restore the previous state.
- The App does not read any data from the AI client (it does not receive file contents, clipboard data, screenshots, or the like), and it does not send any of your local data to the AI client or to any external service. Gallery Mode controls only the display state of the App's own window.
- Any keyboard or mouse action on your part (for example, pressing ESC, clicking the window, or opening another application in fullscreen) immediately exits Gallery Mode; your actions always take priority.
- This feature is entirely optional. If you do not wish any external program to trigger state changes in the App, you may block
127.0.0.1:23456at the system level using a firewall, or disable Gallery Mode in Settings (where such a toggle is provided).
Your Rights
For Users in the European Economic Area, the United Kingdom, and Switzerland (GDPR / UK DPA)
With respect to any data we process that relates to you, you have the following rights: the right of access, rectification, erasure, restriction of processing, data portability, and the right to object to processing. You also have the right to lodge a complaint with your local data protection authority. To exercise any of these rights, please contact us using the details provided below.
Because the App does not collect information that identifies you, most requests (such as "access my data") may return a response of "no associated data." In practice, an "erasure" request is equivalent to "unbinding the entitlement token associated with your existing Apple purchase records."
For Users in California, Virginia, Colorado, and Other U.S. States (CCPA / CPRA / VCDPA, etc.)
You have the right to: (i) know the categories of personal information we collect and the purposes for which it is used; (ii) request deletion of personal information collected about you; and (iii) opt out of the "sale" or "sharing" of your personal information (the App does not sell or share any personal information).
The App does not discriminate against users who exercise their rights.
For Users in Other Regions (Japan's APPI, Korea's PIPA, Singapore's PDPA, Taiwan's Personal Data Protection Act, etc.)
We respect the rights afforded to you under the data protection laws of your region. Please contact us using the details provided below, and we will respond in accordance with applicable law.
Children's Privacy
The App is intended as a cultural appreciation tool for a general audience and is not directed at children under the age of 13. We do not knowingly collect any information from children under 13. If you are the parent or guardian of a child in this age group and believe your child has provided us with data, please notify us using the details provided below, and we will delete it promptly.
International Data Transfers
The App's server-side infrastructure (Cloudflare R2 / Cloudflare Worker) is operated by global service providers, and data may flow between multiple jurisdictions, including the United States and the European Union. All transfers are encrypted using TLS. Our contracts with these providers incorporate Standard Contractual Clauses or equivalent safeguards.
Changes to This Policy
If we make material changes to this policy, we will indicate them by updating the "Last updated" date within the App, and we will provide a prominent in-app notice of any significant change affecting your rights. Your continued use of the App constitutes acceptance of the updated policy.
Contact Us
For privacy-related questions, requests to exercise your rights, or any inquiries about this policy:
Email: support@acoinsight.com