Privacy Policy

Last updated: February 2026

1. Information We Collect

Account Information

When you register, we collect your name, email address, and profile image through OAuth providers (Google, Discord) or direct registration.

Usage Data

We collect information about how you use the Service, including message counts, conversation metadata, and feature usage for service improvement and billing purposes.

Chat Data

Your conversations with AI characters are stored to maintain conversation history and provide continuity. Message content is used solely for generating AI responses and is not shared with third parties.

2. How We Use Your Information

• To provide and maintain the Service
• To process payments and manage subscriptions
• To enforce usage limits based on your subscription tier
• To improve and personalize the Service
• To communicate service updates and changes
• To detect and prevent fraud or abuse

3. Third-Party Services

We use the following third-party services:

• AI Language Model Provider — Third-party AI service for generating character responses. Your messages are sent to the provider's API for processing.
• SubscribeStar — Subscription payment processing.
• Coingate — Cryptocurrency payment processing for credit packs.
• Google & Discord — OAuth authentication providers.
• Railway — Hosting and infrastructure provider.

4. Data Storage and Security

Your data is stored securely on Railway-hosted PostgreSQL databases. We use encryption in transit (HTTPS/TLS) and implement industry-standard security measures. Session data is temporarily cached in Redis.

5. Data Retention

Account data is retained as long as your account is active. Conversation data is retained until you delete individual conversations or your account. Usage logs are retained for 90 days for billing and analytics purposes.

6. Your Rights

You have the right to:

• Access your personal data
• Correct inaccurate personal data
• Delete your account and associated data
• Export your data in a portable format
• Opt out of non-essential data processing

7. Cookies

We use essential cookies for authentication and session management. No third-party tracking cookies are used.

8. GDPR Compliance

For users in the European Economic Area, we process data under the legal bases of consent and legitimate interest. You may exercise your GDPR rights by contacting us at the email below.

9. CCPA Compliance

California residents have additional rights under the CCPA, including the right to know what personal information is collected, the right to deletion, and the right to opt-out of the sale of personal information. We do not sell personal information.

10. Children's Privacy

WhisperLover is not intended for anyone under 18 years of age. We do not knowingly collect information from minors. If we discover that a minor has created an account, we will terminate it immediately.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date.

12. Contact

For privacy-related questions, please contact us at [email protected].