Privacy Policy

Effective Date: March 15, 2026Last Updated: March 15, 2026

This Privacy Policy explains how ikiro collects, uses, discloses, and protects personal information when you use our websites, dashboard, and companion messaging experience.

1. Scope and Who We Are

This Privacy Policy applies to information processed through ikiro services, including our website, onboarding flow, authenticated dashboard, optional connected services, and companion interactions through supported messaging channels.

This Policy does not apply to third-party websites, platforms, or services we do not control, including Stripe, Twilio, Google, Apple, and other providers linked from our Service.

2. Information We Collect

Information You Provide

Account and profile details, such as phone number, name, optional email, pronouns, and settings.
Onboarding inputs, including survey responses and photos uploaded for personality/trait analysis.
Messages, prompts, attachments, and feedback you provide while using ikiro.
Support and account-management requests (including export and deletion requests).

Information From Service Use

Conversation metadata, session and authentication metadata, and usage events.
Generated profile and memory data (for example, personality traits, preference signals, and memory items).
Device, browser, network, and log information used for security and reliability.

Connected Services Data (Optional)

If you connect external accounts, we may access the categories of data authorized by you (for example Google Calendar, Gmail, or Google Drive) to provide requested features.

OAuth connection status and token metadata.
Service data needed to fulfill requested actions, reminders, summaries, or insights.

Payments and Transactions

Subscription and billing status, payment events, and transaction history.
Payment card information is processed by Stripe and is not fully stored by ikiro.

3. How We Use Information

We use information to operate and improve the Service, including to:

Create and manage user accounts, authenticate users, and maintain sessions.
Deliver companion responses, memory functionality, onboarding analysis, and MiniApp features.
Process payments, manage subscriptions, and provide billing support.
Provide optional connected-service functionality when authorized by you.
Detect abuse, enforce our Terms, prevent fraud, and secure the Service.
Analyze product usage, troubleshoot errors, and improve quality and safety.
Communicate service, security, billing, and support messages.

4. Legal Bases for Processing

Where applicable law requires a legal basis (such as under GDPR/UK GDPR), we process personal information on one or more of the following grounds:

Performance of a contract with you (providing the Service you request).
Your consent (for example, connecting optional third-party services).
Legitimate interests (security, reliability, abuse prevention, and product improvement).
Compliance with legal obligations and lawful requests.

6. AI and Automated Processing

ikiro uses automated systems, including large language and vision models, to generate responses, analyze inputs, and maintain companion context.

Outputs are generated probabilistically and may be inaccurate, incomplete, or inappropriate.
We may store prompts, outputs, and derived metadata to support continuity, debugging, and safety.
As of this policy date, we do not use your personal conversation content to train third-party foundational models provided through our commercial AI API providers.
If we introduce training/fine-tuning of ikiro models using personal conversation data in the future, we will provide notice and an in-product opt-out before that use applies.
Where available, we apply technical and policy controls to reduce unnecessary processing and improve safety.

7. Data Retention

We retain personal information for as long as needed to provide the Service and meet legal obligations.

Account and service data are generally retained while your account remains active.
If you request account deletion, we schedule deletion with a 30-day cancellation window.
Export files may be available for a limited period (for example, expiring download links).
We may retain certain records where required by law, for security, fraud prevention, dispute resolution, tax/accounting, or enforcement purposes.
Residual copies may persist in backups for a limited period before overwrite.

8. Security

We use administrative, technical, and organizational safeguards designed to protect personal information, including access controls, encryption in transit, token protections, and abuse monitoring.

No system is perfectly secure. You are responsible for safeguarding your devices and account credentials and for notifying us if you suspect unauthorized access.

9. Your Rights and Choices

Depending on your jurisdiction, you may have rights to:

Access, correct, or update your personal information.
Request export/portability of your data.
Request deletion of your account and personal information.
Object to or restrict certain processing.
Withdraw consent for optional integrations and disconnect linked services.
Opt out of eligible model-improvement/training uses, if and when those options are offered.

You can exercise many controls directly in the dashboard (for example connected services, export, and deletion) or by contacting us.

10. International Data Transfers

We and our providers may process data in the United States and other countries. Where required, we use appropriate safeguards for cross-border transfers.

11. Children

The Service is not directed to children. If you believe a child has provided personal information in violation of applicable law, contact us so we can review and take appropriate action.

12. Contact and Updates

If you have questions about this Privacy Policy or our data practices, contact:

Privacy

privacy@ikiro.ai

Legal

legal@ikiro.ai

Support

support@ikiro.ai

We may update this Privacy Policy from time to time. Material changes will be posted on this page, and the updated effective date will be revised above.