Privacy Policy

Last updated: April 11, 2026

1. Information We Collect

Account Information

• Email address
• Display name
• Profile picture (if provided via OAuth)
• Authentication provider data (Google)

Usage Data

• Messages sent to AI characters (encrypted)
• Character preferences and interactions
• Subscription and payment history
• Device type, browser, and IP address

Payment Data

Payment information is processed by Stripe. We do not store credit card numbers, CVVs, or full card details on our servers.

2. How We Use Your Information

• Provide and improve the Service
• Process payments and manage subscriptions
• Maintain conversation memory for AI companions
• Send service-related communications
• Prevent fraud and abuse
• Comply with legal obligations

3. Data Storage and Security

Conversations are encrypted in transit and at rest. We use industry-standard security measures including TLS encryption, secure database access, and regular security audits.

4. Data Sharing

We do not sell your personal data. We share data only with:

• Stripe — Payment processing
• AI Service Providers — To generate responses (messages are processed but not stored by providers)
• Hosting Providers — Infrastructure (Vercel, Supabase)
• Law Enforcement — When required by law

5. Your Rights (GDPR)

If you are in the EU/EEA, you have the right to:

• Access your personal data
• Rectify inaccurate data
• Request deletion of your data
• Export your data (portability)
• Object to processing
• Withdraw consent

To exercise these rights, email privacy@getbby.com

6. Cookies

We use cookies for:

• Essential — Authentication, session management
• Functional — Preferences (age verification, theme)
• Analytics — Usage patterns (only with consent)

You can manage cookie preferences through your browser settings.

7. Data Retention

• Account data: retained while account is active
• Conversations: retained while account is active
• Payment records: retained for 7 years (legal requirement)
• After account deletion: data removed within 30 days

8. Children

This Service is strictly for users aged 18 and over. We do not knowingly collect data from anyone under 18. If we discover an underage user, we will immediately terminate the account and delete all associated data.

9. Changes to This Policy

We may update this policy. We will notify you of material changes via email or in-app notification.

10. Contact

Data Protection Officer: privacy@getbby.com