Privacy Policy

Scrykey — BYOK intelligent search · Last updated 9 April 2026

Scrykey is a bring-your-own-key search application for iOS and macOS. It runs entirely on your device. This policy explains — in plain language — what Scrykey does and does not do with your data.

The short version

• Scrykey has no backend server of its own.
• Your search queries are sent directly from your device to the providers whose API keys you configure (currently Brave Search and Mistral AI).
• Your API keys are stored in the Apple Keychain on your device and — if you enable iCloud Keychain — synchronised across your own Apple devices by Apple.
• Scrykey collects no analytics, no telemetry, no crash reports, and has no third-party trackers.
• There is no account to create. There is nothing to log in to.

What Scrykey sends, and where

When you run a search, Scrykey's code on your device makes HTTPS requests to the API providers whose keys you have entered. As of this writing:

• Brave Search — receives your search query and returns web results.
• Mistral AI — receives the search results together with your query, in order to synthesise an answer.

These requests go directly from your device to those providers. Scrykey does not route them through any intermediary. Whatever those providers log or store is governed by their privacy policies, not this one. You should review them if you care about the details:

• Brave Search API privacy notice
• Mistral AI privacy policy

What Scrykey stores on your device

• Your API keys, in the system Keychain. If iCloud Keychain is enabled on your device, Apple synchronises Keychain items across your Apple devices. Scrykey does not send your keys anywhere else.
• Your search history (queries, answers, citations), in a SwiftData store on your device. If iCloud is enabled for Scrykey, Apple may synchronise this history to your other Apple devices via CloudKit. Scrykey itself has no access to this iCloud data.
• Usage statistics (token and call counts, for your own cost tracking), in Apple's NSUbiquitousKeyValueStore. Same story: on your device and optionally Apple-synced between your own devices.

Scrykey does not copy any of this to any server operated by Scrykey or its author, because no such server exists.

What Scrykey does not do

• Scrykey does not operate its own backend.
• Scrykey does not collect analytics, page views, session data, device identifiers, or any usage telemetry.
• Scrykey does not include any third-party SDKs for advertising, attribution, crash reporting, or tracking.
• Scrykey does not sell, share, or monetise your data in any way. There is no “data” in any form Scrykey could sell — there is nothing to sell.
• Scrykey does not require an account.

Children

Scrykey is not directed at children under 13 and Scrykey's author does not knowingly collect any data from anyone. See above: Scrykey's author does not collect any data from anyone, period.

Changes to this policy

If this policy changes in a material way, the “Last updated” date at the top will change and the old version will remain in the repository's git history.

Contact

Scrykey is an independent project by originalblez. Questions about this policy can be raised as an issue at github.com/originalblez/scrykey-public/issues.