← Legal · Privacy Policyv1.0.0

Last updated:

Privacy Policy

California residents — see § 8 below for your additional rights under the CCPA.

1. Who we are

Amorine is published by Ion Dobrioglo, a sole trader registered in the United Kingdom. Registered business address available on request. You can reach us about anything in this policy at [email protected].

2. What this policy covers

This policy applies to the Amorine mobile app and this website (https://amorine.app/). It explains what data we collect, how we use it, who we share it with, and the rights you have. By using Amorine you agree to the practices described here.

3. Data we collect

We collect the following categories of data, and only what we need to operate the service:

  • Account data: your email address, the authentication provider you used (Apple, Google, etc.), and the profile fields you provide during onboarding (name, age, gender, interests).
  • Conversation data: the messages you send to AI characters, characters you've matched with, gifts sent in-app.
  • Device data: device type, operating system version, app version, and IP address. Collected automatically by our error tracking (Sentry) and product analytics (PostHog) tools.
  • Subscription data: purchase records (which subscription tier, when activated/cancelled) provided by RevenueCat. We never see or store your payment card numbers — those are handled by Apple, Google, or RevenueCat.
  • Optional photos: any images you upload to your in-app gallery. Stored on Cloudflare R2 with restricted access.

4. How we use it

We use your data to:

  • Provide the service (create your account, generate AI replies, match you with characters)
  • Maintain conversation context so characters can remember what you've talked about
  • Send you push notifications (if you opt in) about new matches or messages
  • Detect and prevent abuse (harassment, account fraud, attempts to extract training data)
  • Comply with legal obligations and enforce our Terms of Service
  • Diagnose crashes and improve the product (aggregated, anonymized analytics)

We do not sell your data, use it for cross-context behavioral advertising, or share it with third parties for their own marketing.

5. AI processing disclosure

This section is critical, so we keep it explicit:

  • Your conversations are sent to AI providers (such as Anthropic and OpenAI) for response generation. Each conversation is sent on demand to produce the next AI reply.
  • We do not knowingly send your conversations to providers for training their models. Where providers offer training opt-out flags or zero-retention APIs, we set them.
  • Conversation history is stored in our database (Supabase, hosted on AWS) so AI characters can maintain context across sessions. Without this storage, characters would forget you between every chat.
  • You can delete your conversations by going to Settings → Account → Delete Account in the app. Your conversation history is permanently erased within 30 days; backup data may persist up to 90 days.

6. Third parties

We share data with the following service providers, each under a written data-processing agreement:

  • Supabase — database, authentication, file storage, edge functions
  • Cloudflare R2 — image and media CDN (your gallery photos and character art)
  • Sentry — crash and error tracking
  • PostHog — product analytics (feature usage, funnels, A/B tests)
  • RevenueCat — subscription management
  • AI providers (Anthropic, OpenAI, and others as we add them) — generate AI character replies
  • Apple — App Store distribution, in-app purchase processing
  • Google — Play Store distribution and in-app purchase processing (when Android ships)

We may add or change providers and will update this list. Material changes are also announced in-app.

7. Data retention

  • Account data is retained while your account is active.
  • Conversation data is retained while your account is active so characters can maintain context.
  • After you delete your account, all data is removed within 30 days. Backup snapshots may persist for up to 90 days before being purged from our backup rotation.
  • Aggregated, non-identifying analytics (e.g., "how many users opened the app today") may be retained indefinitely.

8. Your rights

Depending on where you live, you may have the following rights over your personal data:

Under the EU/UK GDPR:

  • Access — request a copy of the data we hold about you
  • Rectification — correct inaccurate data
  • Deletion — request your data be erased (subject to legal retention obligations)
  • Restriction — limit how we process your data
  • Portability — receive your data in a structured, machine-readable format
  • Objection — object to processing for legitimate-interest reasons
  • Withdraw consent — where processing is based on your consent

Under the California CCPA:

  • Right to know what personal information we collect, use, share, and sell
  • Right to delete personal information we hold about you
  • Right to opt-out of sale — we do not sell personal information, so this is moot, but the right exists
  • Right to non-discrimination for exercising your privacy rights

9. How to exercise rights

Email [email protected] with the subject "Privacy Request" and tell us what you want to do (access, delete, export, etc.). We respond within 30 days (GDPR) or 45 days (CCPA). We may ask for proof of identity before fulfilling the request. For account deletion, the in-app flow at Settings → Account → Delete Account is the fastest path.

10. Children

Amorine is not intended for users under 17 (Apple's age rating) and our content policy requires users to be 18 or older, verified via a birth-date check during onboarding. We do not knowingly collect data from minors. If you believe a minor has created an account, please contact [email protected] and we will delete the account.

11. International transfers

Your data may be processed in the United States, the European Union, or the United Kingdom, depending on which provider handles which workload. Where transfers happen from the EU/UK to the US, we rely on Standard Contractual Clauses approved by the European Commission and applicable adequacy decisions.

12. Cookies & local storage

The Amorine website uses minimal first-party storage:

  • The mobile app uses local secure storage (Expo SecureStore) on your device for your authentication session — never transmitted to third parties.
  • The marketing website does not set tracking cookies or fingerprint visitors.

We do not use Google Analytics, Facebook Pixel, third-party advertising cookies, or any other cross-site tracker. Because our cookie use is strictly necessary or non-existent, no consent banner is required under EU/UK rules. If we add first-party analytics in the future, we will update this section and notify users in-app.

13. Changes to this policy

If we make material changes to this policy, we will notify you in-app and via the email associated with your account. The "Last updated" date at the top of this page reflects the most recent change. Continued use of Amorine after a change constitutes acceptance of the updated policy.

14. Contact

For privacy requests, email [email protected]. For everything else, [email protected]. The publisher of record is Ion Dobrioglo, based in the United Kingdom. Registered business address available on request — provided on request to verified data subjects or competent authorities.

15. Effective date

This policy is effective as of the "Last updated" date at the top of this page.