Who We Are and What This Policy Covers
This Privacy Policy explains how we handle personal data when you use Cai.Gril-AI Roleplay Freely (the “App” or “Service”), including roleplay chat with AI characters, character creation/sharing, AI image generation, and in‑app purchases of virtual currency (“Credits”).
Contact for privacy requests: technical.volvere@gmail.com
Data We Collect Depending on your use of the Service, we may collect:
Account and profile
Display name or handle; avatar; age selection/year of birth for age gating; language, country/region; third‑party sign‑in identifiers (e.g., Apple/Google).
Content and interactions
Prompts, chat messages, character cards/configurations, AI‑generated text and images, liked/saved items, and any media you upload (including associated metadata such as creation time).
Device and app usage
App version, device model/OS, unique identifiers (e.g., vendor or advertising identifiers), IP address, time zone, crash logs, diagnostics, performance and interaction events.
Purchases
Receipts/tokens from app stores, package purchased, Credit balance and consumption history. We do not collect or store full payment card numbers.
Communications
Support requests, feedback, surveys, reports, and emails you send us.
Optional permissions (with your consent)
Camera/photos/microphone/storage for uploads and generation features; push notifications for updates and reminders. You can revoke these in your device settings.
What we do not collect by default
We do not collect precise GPS location, contacts/address book, SMS, or call logs.
We do not request government IDs unless required for a specific legal/verification purpose, in which case we will inform you in advance.
How We Use Data
Operate and deliver core features
Enable sign‑in, roleplay chat and image generation, character creation/storage, Credits balance/usage, synchronization of settings/history.
Personalize and improve
Recommend characters, scenes, and topics; conduct product research and UX experiments (A/B tests); enhance quality, safety, and relevance.
Safety and integrity
Detect and prevent abuse, spam, fraud, malware, and policy violations; run automated and, where necessary, human review for content and behavior moderation; enforce age gates and restrictions.
Support and communications
Respond to tickets; send important service messages (e.g., policy changes, security alerts).
Analytics and reliability
Monitor performance, debug issues, and maintain availability.
Model training (only if you opt in)
We will use your content to improve models only with your explicit opt‑in consent. By default, your content is excluded. You can withdraw consent at any time in settings or by contacting us.
Legal Bases (EEA/UK)
Contract: to provide the features you request.
Legitimate interests: to maintain and improve the Service, ensure security, prevent fraud/abuse, and measure performance (balanced against your rights).
Consent: push notifications/marketing where applicable; certain analytics; model improvement; accessing device permissions.
Legal obligations: tax, accounting, law enforcement requests, and regulatory compliance.
Sharing and Disclosure We do not sell your personal data. We share data only as described:
Service providers (processors)
Cloud hosting, AI inference/generation, content moderation/safety tools, analytics and crash reporting, customer support, fraud prevention, A/B testing. Vendors are contractually bound to process data only on our instructions and to implement appropriate safeguards.
AI model and infrastructure providers
We may send prompts and content to AI vendors strictly to provide requested outputs and safety checks. Example categories: LLM providers, image generation providers, content safety APIs. Current list or link
App stores and payment platforms
Apple App Store, Google Play, and similar platforms to process purchases, verify receipts, and comply with their policies.
Legal/safety
If required by law, to respond to valid governmental or law enforcement requests; to enforce our terms; to protect users, our rights, or the public.
Business changes
In a merger, acquisition, or asset transfer, subject to appropriate safeguards and required notices.
International Transfers
Your data may be processed outside your country. Where required, we use safeguards such as Standard Contractual Clauses (SCCs), the UK IDTA/Addendum, encryption, access controls, and audits.
Data Retention
Account and profile: kept while your account is active.
Chats and generated content: retained to provide your history and features for 18 months or until you delete them. If you delete content, we aim to remove or anonymize within 30 days, subject to backups and legal requirements.
Diagnostics/logs: typically retained for [24 months].
Purchases and tax records: retained for the period required by applicable laws (often 3–7 years).
Safety records: retained as necessary to investigate and prevent harm, consistent with legal obligations.
Your Choices and Rights
Access, correction, deletion, portability: email technical.volvere@gmail.com or use in‑app tools (where available). We may verify your identity before fulfilling requests.
Opt‑out options: turn off personalized recommendations where provided; opt out of push notifications in device settings; withdraw consent for model training at any time.
Permissions: revoke camera/photos/microphone/storage permissions in device settings.
Appeals: where automated moderation affects you, you may request human review via support (subject to regional laws).
Children and Age Limits
The Service is not for children under 13. In the EEA/UK and some regions, the minimum age may be 16 (or higher if local law requires).
Adult/explicit content (if enabled) is restricted to users 18+. Sexual or sexually suggestive content involving minors is strictly prohibited.
Security
We implement technical and organizational measures including encryption in transit, restricted access, least‑privilege practices, and security monitoring. No system is 100% secure; please secure your device and use strong passwords.
If legally required, we will notify you and regulators of a data breach.
Cookies, SDKs, and Tracking
App: we use SDKs and device identifiers for essential functionality, analytics, crash reporting, and fraud prevention. We do not allow third‑party behavioral advertising within the App.
Web (if applicable): cookies/local storage for session management, security, preferences, and analytics. You can manage cookies in your browser; disabling may affect features.
Do Not Track: we currently do not respond to DNT browser signals.
Third‑Party Links and Integrations
Third‑party sites/services have their own policies and are not under our control. Review their privacy policies before using them.
Automated Decision‑Making and Moderation
Automated systems (and where necessary, human moderators) may review content for safety and policy compliance and may restrict features or content automatically. You can contact support to appeal decisions where your local law grants that right.
Region‑Specific Notices
California (CCPA/CPRA): We collect identifiers, commercial data (purchases), internet/activity data, and inferences for personalization. We use these for the purposes described in this Policy. We do not “sell” personal information. Where “sharing” for cross‑context behavioral advertising is relevant, you may opt out via in‑app settings or by email. You have rights to know, delete, correct, and opt out of selling/sharing, and not to be discriminated against for exercising these rights. Submit requests at technical.volvere@gmail.com.
EEA/UK: You may lodge a complaint with your local supervisory authority. Our EU/UK representative (if appointed) and DPO details are provided above. Where we rely on consent, you may withdraw it at any time.
Changes to This Policy
We may update this Policy. We will post the new effective date and notify you of material changes in‑app or by other reasonable means. Changes take effect on the stated date.
Contact
Email: technical.volvere@gmail.com