πŸ”’ Privacy first

What you share with us is yours.
Here is what we do to protect it.

We understand that what you share with the AI is personal. Your trust is the foundation of the entire service β€” and this is how we care for it.

Transparency with the AI

What the AI sees β€” and what it never does

βœ“

What the AI (Google Gemini) receives

  • Β·The text of your messages during the session
  • Β·A summary of previous conversations to keep continuity
  • Β·Your name (if you provided it) to personalize the experience

Google Gemini, under its enterprise API, has a zero-retention policy: it does not store your conversations or use them to train its models.

βœ—

What the AI NEVER does

  • Β·Does not train models with your conversations
  • Β·Does not cross your data with that of other accounts
  • Β·Does not share what you say with advertisers or third parties
  • Β·Does not make decisions about you based on your messages

Granular control

Private messages inside shared spaces

πŸ”’

In family, partner or friend spaces, you can mark any message as "private". That means only you and the AI see it. Neither your partner, your family, nor your friends will ever know it existed. The AI uses it as context to help you better β€” but no human ever reads it.

Human access

Who can read your conversations

πŸ‘₯

No one routinely

Our team does not read user conversations as part of our work. There is no manual audit of what you write.

🀝

Only when you ask

If you contact us because something goes wrong and you explicitly give us permission to review your account, then yes we can access β€” just to help you.

Infrastructure

Where your data lives

πŸ‡ͺπŸ‡Ί

Servers in Europe

DigitalOcean, with data center in the European Union. GDPR applies from the first byte.

πŸ—‚οΈ

Isolated per account

Each account lives in its own logical space. Accessible only with your credentials.

Under the hood

What technologies we use

These are the tools that power the platform. All industry leaders, with strict data protection policies and confidentiality agreements.

🧠

Google Gemini (AI)

Processes your messages to generate AI responses.

What we send:
The text of the conversation
Retention:
Zero-retention enterprise API β€” Google does not store your conversations nor train on them.
πŸŽ™οΈ

Groq Whisper (audio β†’ text)

Transcribes what you say when using voice mode.

What we send:
The audio you record during the session
Retention:
Processed in real time, not stored on Groq.
πŸ”Š

ElevenLabs (text β†’ voice)

Gives voice to the AI when you enable voice mode.

What we send:
The text the AI responds (not yours)
Retention:
Does not retain response content.
πŸ“Ή

Daily.co (video calls)

Powers group video calls.

What we send:
Live video/audio stream
Retention:
We do not record video calls by default.
πŸ’³

Stripe (payments)

Processes subscription payments.

What we send:
Billing data (never conversations)
Retention:
We never see or store your card details.
πŸ“Š

Google Analytics 4 (web analytics)

Measures traffic and aggregate usage to improve the platform. Only loaded if you accept analytics cookies.

What we send:
Pages visited, time on page, device (never conversations)
Retention:
Anonymized data; max retention 14 months. Revocable at any time.
πŸ“ˆ

Meta Pixel (advertising)

Measures the effectiveness of our ads on Facebook and Instagram. Loaded only if you accept marketing cookies.

What we send:
Conversion events (signup, quiz start); never conversation content
Retention:
Managed by Meta under their policy. Revocable via the cookie icon.

Technical detail

Specific cookies we use

Full list of cookies that may be installed in your browser depending on the categories you accept.

Necessary (always active)

No consent required
Name Purpose Duration
PHPSESSID / MERCURE_AUTHORIZATION Maintains the user session (login) and the real-time chat connection. Session
REMEMBERME Remembers your login so you do not have to authenticate again. 1 year
__stripe_mid, __stripe_sid Payment fraud prevention by Stripe. 1 year / 30 min
cc_consent (localStorage) Stores your choice about which cookie categories you accept or reject. 180 days

Analytics β€” Google Analytics 4

Requires consent
Name Purpose Duration
_ga Identifies unique visitors for statistical purposes. 2 years
_ga_<MEASUREMENT_ID> Maintains the measurement session state in Google Analytics 4. 2 years
_gid Distinguishes unique visitors over 24 hours. 24 hours

Marketing β€” Google Ads and Meta (Facebook / Instagram)

Requires consent
Name Purpose Duration
_gcl_au, _gcl_aw Measures conversions from Google Ads campaigns (conversion linker). 90 days
IDE, test_cookie Shows and measures relevant Google ads on other sites. 13 months
NID Stores user ad preferences from Google. 6 months
_fbp Identifies the browser to measure and personalize Meta ads. 90 days
fr Meta (Facebook and Instagram) remarketing across their ad network. 90 days

You can change your choice at any time:

Your rights

You are in charge of your data

πŸ“₯

Download

Request a copy of everything that is yours in structured format. We send it in under 72 hours.

πŸ—‘οΈ

Delete everything

From My account β†’ Delete account. Immediate and irreversible: messages, sessions, questionnaires, summaries β€” it all disappears.

✏️

Edit whenever

Modify your personal data, preferences and settings from your profile.

πŸšͺ

Withdraw consent

Cancel your subscription or opt out at any moment, without explanations.

πŸͺ

Manage analytics and marketing cookies

You can change your cookie preferences at any time. Also via the floating cookie icon at the bottom left.

Manage my account

Regulatory compliance

We comply with international regulation

πŸ‡ͺπŸ‡Ί

GDPR (European Union)

General Data Protection Regulation. Informed consent, right to be forgotten, portability, breach notification.

πŸ‡ΊπŸ‡Έ

CCPA (California, USA)

California Consumer Privacy Act. California residents can exercise rights of access, deletion and opt-out.

πŸ‡§πŸ‡·

LGPD (Brazil)

Lei Geral de Proteção de Dados. GDPR-equivalent principles applicable to Brazilian users.

πŸ‡¨πŸ‡¦

PIPEDA (Canada)

Personal Information Protection and Electronic Documents Act. Protection for Canadian users.

By operating under Spanish and European jurisdiction, we apply the strictest protections (GDPR) to every user worldwide, wherever they live.

Technical measures

How we protect your data technically

Your trust commits us.

Got any question about how we treat your data? Write us and we respond in under 24 hours.

Start for free Contact us

Want the full legal text, with legal basis article by article?

See full privacy policy β†’