Effective date: 07 April 2025
Personal data that you provide
Personal data that we receive automatically from your use of the Services
All the information above is your personal data, and we call it this way throughout the privacy policy
We process your personal data for the following purposes:
Aggregated or de-identified information
We may aggregate or de-identify certain personal data, but only in connection with specific scientific research initiatives or product development:
From time to time, we may share or publish aggregated information like general user statistics with third parties, including research institutions. We will maintain and use de-identified information in anonymous or de-identified form and we will not attempt to re-identify the information unless required by law.
We do not sell or rent your personal data for monetary gain. We do not disclose your personal data except as described in this Privacy Policy. We may share your personal data with service providers who help us operate and support our services, as described in this Privacy Policy.We also do not use any information obtained through Apple HealthKit or Google Health Connect for advertising or similar purposes. We do not sell such information to advertising platforms, data brokers, or any other third parties.
When we process your personal data for the purposes described above, we rely on the following legal bases:
Purpose of processing
Type of personal data processed
Legal basis
To provide and maintain our Services
General details
Health and wellbeing data
Geolocation data
Conversations with in-app AI Assistant
Conversations with iMessage AI Assistant
Conversations with Telegram AI Assistant
Customer Support Communication information
Log data
Usage details
Device information
Cookies and similar technologies
Where necessary to perform a contract with you, such providing you with a personalized plan, or enabling communications with AI Assistant.
For processing of your health and wellbeing data, we rely on your consent.
To improve and develop our Services and features and conduct research
General details
Conversations with in-app / Telegram AI Assistant (de-identified)
Log data
Usage details
Device information
Cookies and similar technologies
Where necessary for our legitimate interests, including in developing and improving, such as when we train our models or improve the App for your future experience.
To check if your age allows you to use the App
General details
Where necessary to perform a contract with you, such providing you with our services only if you meet the age threshold.
To provide you with customer support and respond to your inquiries
General details
Customer Support Communication information
Log data
Usage details
Device information
Where necessary for our legitimate interests, in particular in supporting your customer journey.
To provide you with customer support and respond to your inquiries
General details
Customer Support Communication information
Log data
Usage details
Device information
Where necessary to comply with an obligation arising out of a contract between us or out of applicable laws.
To send you marketing information about our Services, promotions, insights
General details
Customer Support Communication information
Log data
Usage details
Device information
Your consent where we ask for it to process your personal data for sharing with you promotions or insights
To integrate data between the Website and the App in connection with onboarding users
General details
Log data
Usage details
Device information
It’s our legitimate interest to ensure your smooth use of the Services.
To find audiences similar to our users
General details
Log data
Usage details
Geolocation data
Device information
With your consent, we may share some of your non-health personal data with AppsFlyer or similar services to promote our Services.
To prevent misuse of our Services and to ensure the security of our IT systems, architecture, and networks
General details
Customer Support Communication information
Conversations with in-app / Telegram AI Assistant (de-identified)
Log data
Usage details
Device information
Cookies and similar technologies
Where necessary to comply with a legal obligation.
Where we are not under a specific legal obligation, where necessary for our legitimate interests and those of third parties, including in protecting our Services from abuse, fraud, or security risks, such as processing data from security partners to protect against fraud, abuse, and security threats in our Services.
To comply with legal obligations and protect the rights, privacy, safety, or property of our users, us, our affiliates, or any third party
General details
Customer Support Communication information
Conversations with in-app / Telegram AI Assistant (de-identified)
Log data
Usage details
Device information
Cookies and similar technologies
Where necessary to comply with a legal obligation.
Where we are not under a specific legal obligation, where necessary for our legitimate interests and those of third parties, including in protecting our Services from abuse, fraud, or security risks, such as processing data from security partners to protect against fraud, abuse, and security threats in our Services.
To anonymize your personal data
Health and wellbeing data
Geolocation data
Usage details
Where necessary for our legitimate interests, such as when we use it to:
conduct scientific research, or
analyze the effectiveness of the Services, or
improve and add features to our Services, or
for such other similar purposes.
We retain your personal data for as long as your account remains active or for as long as it is necessary to fulfill the purposes for which it was collected and processed. This includes, for example, resolving disputes, ensuring the security of our Services, or complying with legal obligations.If you choose to deactivate your account, we will retain your personal data for no longer than one month, in case you decide to re-activate the Services.Certain information, such as general account details, in-app purchase history, communication records, and consent logs, may be retained for longer periods where required by law or where necessary to resolve disputes or enforce our agreements.We may anonymize personal data, meaning we remove all identifiers so that the data can no longer be linked to you. This is done only when necessary for specific scientific research projects. We do not anonymize personal data for internal analytics, product development, or service improvement. Anonymized data may be retained indefinitely.
We want to make sure that you are fully aware of all your data protection rights and the ways you can exercise them. These rights may differ across countries.
We want to make sure that you are fully aware of all your data protection rights and the ways you can exercise them. These rights may differ across countries.
Withdraw your consent – where we rely on consent as the legal basis for processing at any time. Lodge a complaint with the data protection authority. You have the right to lodge a complaint with a local data protection authority in the country of your residence, where you work or where an alleged infringement of the applicable data protection law took place. Please see a list of EU member states’ supervisory authorities here, and the UK’s supervisory authority (ICO) here.
Note that these rights may be limited:
for example, if you ask us to delete information that we are required to retain by law or where we have compelling legitimate interests to keep. If you are a resident of countries other than EU, EEA or UK: How to exercise the rights:
You can exercise some of the rights above through the App settings. If you are unable to exercise your rights through the App, please submit your request through hey@pallie.ai. If you make a request, typically we would perform it within one month. If we need any more time to help you exercise any of your rights, we will let you know. If your request is vague or unclear, we may engage into a conversation with you to understand your request better. We may also refuse to act on manifestly unfounded and excessive requests.We can ask you to prove your identity while exercising your data protection rights. This is made to ensure that you are indeed entitled to receive certain information and that no rights of third parties are violated by your request. If we can’t verify your request, we will not act on your request. You may submit a request through an authorized agent. If you do so, the agent must present signed written permission to act on your behalf and you may be required to independently verify your identity.
We take the protection of your personal data very seriously and we take reasonable and appropriate measures to protect them from loss, theft, misuse and unauthorized access, disclosure, alteration, and destruction.
Among others, we utilize the following information security measures to protect your personal data:
Please understand that no security system is perfect and, as such, we cannot guarantee the absolute security of the Services, or that your information won’t be intercepted while being transmitted to us. In case your personal data got compromised due to a security breach, we will act promptly to identify the cause and take all reasonable steps to remedy the breach. We will inform you of the incident, if necessary, in connection with the applicable legislation. If you want to report a security incident related to our Services, please contact us at hey@pallie.ai.
Our Services are not directed at, or intended for, children under 18 years old. If you are aware of anyone under 18 using the Services, please contact us at hey@pallie.ai and we will take the required steps to delete such information and/or delete the account.
In some situations, we engage other companies to process your personal data on our behalf. We refer to these companies or service providers as “processors.” Processors are companies that help us run the Services, support our communication with you, or perform other App-related activities. They process certain personal data on our behalf to accomplish the goals related to the App functions and deliver the Services and associated activities. We remain responsible for any acts or omissions of our processors, and we enter into data processing contracts with them to the extent required by applicable law.
In some situations, we engage other companies to process your personal data on our behalf. We refer to these companies or service providers as “processors.” Processors are companies that help us run the Services, support our communication with you, or perform other App-related activities. They process certain personal data on our behalf to accomplish the goals related to the App functions and deliver the Services and associated activities. We remain responsible for any acts or omissions of our processors, and we enter into data processing contracts with them to the extent required by applicable law.
Transfers of personal data outside of the European Union, the European Economic Area, and the United Kingdom
Where required under the EEA GDPR, in case of transfers of personal data from the EEA to countries outside the EEA, where we cannot rely on adequacy decisions adopted by the European Commission (for more information, please see here) we ensure appropriate safeguards are in place to guarantee the continued protection of your personal data, particularly by signing the Standard Contractual Clauses of the European Commission (article 46(2)(c) GDPR). For more information on these Standard Contractual Clauses, please see here. Where required under the UK GDPR, in case of transfers of personal data to countries outside the United Kingdom, we ensure appropriate safeguards are in place to guarantee the continued protection of your personal data, particularly by signing the UK Addendum to the EU Standard Contractual Clauses or the UK International Data Transfer Agreement, whichever is more appropriate in the given situation. For more information on the UK Addendum and the UK International Data Transfer Agreement please see here. We may also guarantee the protection of your personal data by relying on adequacy decisions adopted or approved by the authorities in the United Kingdom.
In order to provide core functionality of the App, including AI-powered responses, we may share certain personal data or message content with third-party providers who supply large language models (LLMs) or other machine learning services. These providers may include, but are not limited to, OpenAI, Google, and Anthropic. All data shared with such providers is subject to strict contractual obligations and processed solely for the purpose of delivering the App’s functionality, in accordance with this Privacy Policy.
When you use our Services, we and our service providers, vendors, and partners, including third parties, may use cookies (a small text file placed on your computer or mobile device to identify your computer and web browser) and other similar technologies to collect or receive certain information about you and/or your use of our Services.
However, it’s not only cookies that can be used in this way. Functions performed by a cookie can be achieved by other means, too. This Section, therefore, also applies to any similar technology that stores or accesses information on your device. This could include, for example, HTML5 local storage, local shared objects, beacons, pixels, and plug-ins.
We also use third-party analytics tools (such as, but not limited to, AppsFlyer, Google Analytics, Google Looker Studio, HotJar, Amplitude, Firebase), to help us measure traffic and usage trends of our Services, as well as for other analytics purposes. Such analytics tools collect information via third-party SDKs incorporated into the Services App, which includes information about features of the App you visit or use, your actions in the App, and information about your subscription. Such information may be used to provide content, advertising, or functionality.
Third parties may also use such information for their own purposes. For the avoidance of doubt, we do not use health and wellbeing data for advertising purposes.
Cookies. Generally, there are many different ways to classify cookies. Most common ways are classification by duration, by provenance and by purpose.
Software Development Kits (SDKs). SDKs are third-party software development kits that may be installed in our mobile application. SDKs help us understand how you interact with our App and collect certain information about the device and network you use to access the application.
Our App is never used to present you with third-party advertising. You can browse with full confidence in the protection of your privacy. Access is requested with the purpose of enabling the use of our services and improving their functioning.
Certain SDKs, where legally required, are subject to a prior consent request and the possibility of withdrawing this consent. Our services may still be used even if you refuse or withdraw your consent for certain SDKs, unless those SDKs are essential for the App to function properly.
AppsFlyer SDK: Facilitates measurement of performance and analysis of customer acquisition campaigns.Further information about AppsFlyer SDK is available at https://www.appsflyer.com/product/security-and-privacy.
You can deactivate this data processing at any time via https://www.appsflyer.com/optout. In order to do so, you must have the Identifier for Advertisers (IDFA) of your mobile device.You can also withdraw your consent for the collection of data for targeted advertising or sharing their data with third-party advertisers through your device’s settings.
Advertising ID. You can tailor your device settings to control your advertising ID:
Interest-based Advertising. We may partner with ad networks and other ad-serving providers that serve ads on behalf of us and others on non-affiliated platforms. Some of those ads may be personalized, meaning that they are intended to be relevant to you based on information ad networks and ad serving providers collect about your use of the App over time, including information about relationships among different browsers and devices. This type of advertising is known as interest-based advertising.
Your Choices. Most browsers and devices are configured to accept cookies and similar tracking technologies automatically. You may be able to set your browser and device options so as to limit such technologies. You can visit the Digital Advertising Alliance (“DAA”) Webchoices tool at www.aboutads.info to learn more about this interest-based advertising and how to opt out of this kind of advertising by companies participating in the DAA self-regulatory program, and http://www.aboutads.info/appchoices for information on the DAA’s mobile app opt-out program. You can also opt out of receiving interest-based ads from members of the Network Advertising Initiative (“NAI”) by visiting the NAI consumer opt-out page at http://optout.networkadvertising.org/?c=1#!/.
Opting out of receiving interest-based ads does not mean that you will no longer receive ads from us, but rather that the ads will not be tailored to your perceived interests.To opt out of being tracked by Google Analytics across all websites, visit http://tools.google.com/dlpage/gaoptout.
For users in the European Economic Area, United Kingdom, and United States. You can manage the collection and processing of Personal Data via cookies, SDKs, and other tracking technologies by contacting us at hey@pallie.ai.
You may find that some parts of the App may not function properly if you have refused cookies or similar tracking technologies, and you should be aware that disabling cookies or similar tracking technologies may prevent you from accessing some of our content. Your choices are typically device and browser-specific.
If you are using our Services, you may receive electronic communications from us (e.g., by posting in-app notices, via push notifications or emails). We send some of these communications to you, such as those related to your subscriptions, technical and security notices, and updates to the Privacy Policy and Terms of Use, where necessary to perform our contract with you to provide the App or otherwise based on our legitimate interest in contacting you.If required by law, we will ask for your consent to send you promotional and marketing emails, in-app communications, and push notifications about new products, features, or offers related to our Services.
Marketing & Promotional Emails. If you wish to stop receiving our promotional and marketing emails, you can do so by following the “Unsubscribe” links in any marketing email sent to you.
Push Notifications. If you no longer wish to receive push notifications, you can disable them at any time using the notification settings of your device, browser, or messaging platform.
The date this privacy policy was last reviewed is indicated at the top of the page. We may modify or update this privacy policy from time to time. Some changes do not require your consent: for example, when we add a new purpose of processing that is compatible with the existing purposes, or the new processing activity that falls under the users’ reasonable expectation.
However, if the changes made may pose risk to your rights and freedoms (for example, by including a new purpose of the processing that is not compatible with the existing purposes of processing, a new legal basis, or a new category of personal data to be collected or a new data subject, all of which are not reasonably expected by the users), we will ask for your consent to those changes separately from this privacy policy.
If you did not receive a request for your consent to the changes or refused to give consent, those changes will not apply to you. That fact can negatively affect some of our Services provided to you if those Services inevitably include consent to the changes.
AI Companions, Inc.: hey@pallie.ai (please indicate in the email subject that you are a Pallie user).