Privacy Policy

Welcome to Keiko AI Companion (“Keiko,” “App”), developed by DyvenTech LLP (“we,” “us,” or “our”). We are committed to protecting your privacy and providing a safe, personalized experience. This Privacy Policy explains how we collect, use, store, and share information about you when you use our mobile application, services, and website (collectively, the “Services”).

Please read this Privacy Policy carefully. By using our Services, you agree to the practices described in this policy.

Information We Collect

We collect the following types of information:

1. Information You Provide

• Account Information: When you register, we collect your email address, name, and authentication credentials (including information for social login if you choose that option).
• Profile Information: Information you provide in your user profile, including preferences, location (city, country), age, gender, and settings.
• Companion Customization: Information you provide to create and customize AI companions, including names, personality traits, interests, relationship types, familiarity levels, and other attributes.
• Conversation Content: The content of conversations between you and your AI companions, including text messages and any media shared.
• Media Content: Photos, images, and other media files you upload or share within the app.
• Feedback and Support: Information you provide when you contact our support team or provide feedback.

2. Information Collected Automatically

• Usage Information: How you use our Services, including interaction patterns, features used, conversation frequency, and time spent (collected via Mixpanel analytics).
• Device Information: Information about your device, including device type, operating system, unique device identifiers, mobile network information, and IP address.
• Log Data: Diagnostic logs, crash reports, performance data, and application events (monitored through Sentry error tracking).
• Notification Data: Information about notification preferences, delivery status, and engagement with notifications.

Advertising and Analytics

Analytics Services:

We use third-party analytics services to understand app usage:

• Mixpanel: Tracks user interactions, feature usage, and engagement metrics
• Sentry: Monitors errors and performance issues

These services may use cookies, device identifiers, and similar technologies. You can opt out of analytics tracking in your device settings or app settings.

Advertising (LIGHT Plan Users):

Users on the free LIGHT plan will see advertisements. We may share limited data with advertising partners to display relevant ads:

• Device information (type, OS, identifiers)
• General location (country/region, not precise location)
• App usage patterns

We do not share your personal conversations, companion data, or identifying information with advertisers.

Ad-Free Option:

Premium subscribers do not see advertisements and do not have data shared with advertising partners.

Your Advertising Choices:

• iOS: Settings → Privacy → Tracking → Disable “Allow Apps to Request to Track”
• Android: Settings → Google → Ads → Opt out of Ads Personalization
• In-App: Upgrade to Premium for an ad-free experience

How We Use Your Information

We use the information we collect to:

• Provide, maintain, and improve our Services
• Create and personalize AI companions based on your preferences and relationship specifications
• Implement our advanced memory architecture to enable companions to remember important information from past interactions, including short-term and long-term memory systems
• Generate AI responses and conversations using Google Vertex AI
• Generate vector embeddings of conversation content to improve memory retrieval and companion responses
• Process and manage your account and authentication
• Send personalized notifications and updates about your companions and our Services
• Enable relationship evolution and emotional intelligence features
• Respond to your comments, questions, and customer service requests
• Analyze usage patterns to understand user behavior and improve our Services
• Detect, investigate, and prevent fraudulent transactions and other illegal activities
• Protect the rights and property of DyvenTech and others

Automated Decision-Making and AI Processing

AI-Generated Content:

Our service uses artificial intelligence (Google Vertex AI) to generate companion responses. This involves automated processing of your conversations to:

• Generate contextually relevant responses
• Create and maintain companion memory
• Personalize companion behavior

No Profiling for Legal/Financial Decisions:

We do not use automated decision-making or profiling that produces legal effects or similarly significant effects on you. AI is used solely for entertainment and companion interaction purposes.

Your Control:

You can influence AI behavior through companion settings, personality customization, and by providing feedback on responses.

Data Storage and Security

We use industry-standard security measures to protect your information. All data is hosted and stored within the United States using the following secure infrastructure:

• Primary Database Storage: Your personal information, account data, conversations, companion profiles, and all user-generated content are stored in CockroachDB Serverless with encryption at rest and in transit
• Vector Storage: AI memory embeddings are stored in Milvus (Zilliz Cloud) with only user IDs as identifiers - no personal information is stored in the vector database
• Cache and Security: Temporary session data and one-time passwords (OTPs) are stored in Redis (Upstash) with automatic expiration (OTPs expire within 10 minutes)
• Media Storage: All photos, images, and media files are privately stored in Google Cloud Storage buckets with restricted access
• Application Hosting: Our backend services run on Hetzner Cloud infrastructure within the United States
• AI Processing: Conversation generation and AI responses are processed using Google Vertex AI
• Analytics and Monitoring: App usage analytics are collected via Mixpanel, and error tracking is handled by Sentry for service reliability

The conversation data used to train your AI companions' memory is processed using Google Vertex AI for natural language understanding. Vector embeddings are generated and stored separately from your personal information, using only anonymized user identifiers for memory retrieval and companion responses.

Data Breach Notification

In the event of a data breach that affects your personal information, we will:

• Notify affected users within 72 hours of discovering the breach (as required by GDPR)
• Inform relevant data protection authorities as required by law
• Provide details about the breach, data affected, and steps we're taking
• Offer guidance on protecting your information

How We Notify:

• In-app notification
• Email to your registered address
• Notice on our website (for widespread breaches)

Contact for Security Issues:

Report security vulnerabilities to apps@dyven.tech with subject “Security Issue - Urgent”

Data Retention

We retain your information for as long as your account is active or as needed to provide you with our Services. You have full control over your data with the following options:

• Delete your entire account and all associated data
• Reset individual companion memories and conversation history
• Delete specific conversations or messages
• Remove uploaded media files
• Clear long-term memory storage for specific companions

We may retain certain aggregated, de-identified information for analytical purposes and as required by law for legitimate business purposes, such as to resolve disputes or enforce our agreements.

Information Sharing and Disclosure

We do not sell your personal information. We may share information in the following limited circumstances:

• Service Providers: With trusted vendors and service providers (CockroachDB, Zilliz, Upstash, Google Cloud, Hetzner) who need access to provide infrastructure services on our behalf, all bound by strict confidentiality agreements
• Legal Requirements: If required by law, regulation, legal process, or governmental request
• Business Transfers: In connection with a merger, acquisition, or sale of all or a portion of our assets (users will be notified)
• With Your Consent: When you have given explicit consent to share information
• De-identified Information: We may share aggregated, de-identified information that cannot reasonably be used to identify you
• Safety and Security: To protect the safety and security of our users or to investigate potential violations of our terms of service

Your Rights and Choices

You have comprehensive control over your personal information:

• Access and Portability: You can access, download, and export all your data through your account settings
• Account Deletion: You can permanently delete your account and all associated data at any time
• Companion Management: You can create, modify, reset, or delete individual AI companions and their associated memories
• Conversation Control: You can delete specific conversations, messages, or reset conversation history
• Media Management: You can remove any uploaded photos or media files
• Communication Preferences: You can manage all notification settings, including per-companion muting and quiet hours
• Privacy Controls: You can adjust privacy settings for companion visibility and data sharing preferences
• Data Correction: You can update or correct any personal information in your profile

Children's Privacy

Our Services are not directed to children under the age of 18. We do not knowingly collect personal information from children under 18. If you believe we have inadvertently collected information from a child, please contact us immediately to have it removed.

Data Location and Transfers

All your data is stored and processed within the United States using US-based infrastructure providers. By using our Services, you consent to the storage and processing of your information in the United States. We implement appropriate safeguards to protect your data in accordance with applicable data protection laws.

California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA), including:

• The right to know what personal information we collect and how we use it
• The right to delete your personal information
• The right to opt-out of the sale of personal information (we do not sell personal information)
• The right to non-discrimination for exercising your privacy rights

European Privacy Rights (GDPR)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, you have additional rights under the General Data Protection Regulation (GDPR):

Legal Basis for Processing:

We process your personal data under the following legal bases:

• Contract Performance: To provide our services and fulfill our Terms of Use
• Legitimate Interest: To improve our services, ensure security, and prevent fraud
• Consent: For optional features like personalized notifications and analytics
• Legal Obligation: To comply with applicable laws and regulations

Your GDPR Rights:

• Right to Access: Request a copy of your personal data
• Right to Rectification: Correct inaccurate or incomplete data
• Right to Erasure: Request deletion of your data (“right to be forgotten”)
• Right to Restrict Processing: Limit how we use your data
• Right to Data Portability: Receive your data in a structured, machine-readable format
• Right to Object: Object to processing based on legitimate interests
• Right to Withdraw Consent: Withdraw consent at any time without affecting prior processing
• Right to Lodge a Complaint: File a complaint with your local data protection authority

Data Transfers:

Your data is stored in the United States. We rely on Standard Contractual Clauses (SCCs) and implement appropriate safeguards to protect your data when transferred outside the EEA.

Data Protection Authority:

You have the right to lodge a complaint with your local supervisory authority. Find your authority at: https://edpb.europa.eu/about-edpb/board/members_en

Indian Privacy Rights (DPDP Act 2023)

If you are located in India, you have rights under the Digital Personal Data Protection Act, 2023:

Your Rights:

• Right to Access: Request information about personal data processed
• Right to Correction: Request correction of inaccurate or incomplete data
• Right to Erasure: Request deletion of personal data (subject to legal retention requirements)
• Right to Grievance Redressal: File complaints regarding data processing
• Right to Nominate: Nominate another person to exercise rights in case of death or incapacity

Data Fiduciary Information:

• Company: DyvenTech LLP
• Registration: India
• Contact: apps@dyven.tech

Grievance Redressal:

We will acknowledge complaints within 24 hours and resolve them within 30 days. If unsatisfied, you may approach the Data Protection Board of India.

Cookies and Tracking Technologies

Types of Technologies We Use:

• Essential Cookies: Required for authentication and security (e.g., session tokens)
• Analytics Cookies: Used by Mixpanel and Sentry to understand app usage
• Performance Cookies: Help us optimize app performance and user experience

Mobile App Tracking:

Our mobile app uses:

• Device identifiers (IDFA on iOS, Advertising ID on Android)
• Session tokens for authentication
• Local storage for app preferences

Your Choices:

• Manage cookie preferences in app settings
• Disable advertising identifiers in device settings (see “Advertising and Analytics” section)
• Use Premium subscription for ad-free experience with minimal tracking

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or for other operational, legal, or regulatory reasons. We will post the revised policy in the app and update the “Last Updated” date. For material changes, we will provide additional notice as required by law, including in-app notifications or email communication.

Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at: