Privacy Policy
Last updated: September 27, 2025
Our Commitment to Privacy
At Acolyte AI, we are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI storytelling platform.
1. Information We Collect
Personal Information
- Account Information: Email address, username, and password when you create an account
- Profile Data: User ID and any profile information you provide
- Payment Information: Processed securely through Coinbase Commerce (we don't store payment details)
- Communication Data: Messages you send to our support team
Usage Data
- Usage Statistics: Credit consumption, feature usage, and session data
- Technical Data: IP address, browser type, device information, and access times
- Cookies and Tracking: Essential cookies for session management only
Note: No user conversations stored—processed ephemerally.
2. How We Use Your Information
We use the information we collect for the following purposes:
Service Provision
- Providing and maintaining our AI storytelling services
- Processing payments and managing subscriptions
- Delivering customer support and technical assistance
- Personalizing your experience and improving service quality
AI Training and Improvement
- Anonymized aggregates (e.g., avg session length) for improvements only; no re-identification
- Analyzing usage patterns to enhance platform performance
- Developing new features and capabilities
Legal and Security
- Ensuring platform security and preventing abuse
- Complying with legal obligations and regulations
- Investigating suspicious activities or violations
- Protecting the rights and safety of our users and platform
3. Data Storage and Security
Data Storage
We use Supabase for secure data storage with the following measures:
- End-to-end encryption for data in transit and at rest
- Regular security audits and penetration testing
- Automated backups with secure recovery procedures
- Geographic data distribution for redundancy
Data Retention
| Data Type | Retention Period | Purpose |
|---|---|---|
| Account Information | Account active + 2 years | Service provision and legal compliance |
| Usage Logs | 90 days | Analytics and optimization |
| Payment Records | 7 years | Tax compliance and dispute resolution |
4. Information Sharing and Disclosure
We do not sell, trade, or rent your personal information to third parties. We may share information only in the following circumstances:
Service Providers
- Supabase for database and authentication services
- Coinbase Commerce for payment processing
- Resend for email delivery services
- Cloudflare for CDN and security services
Legal Requirements
- When required by law or legal process
- To protect our rights, property, or safety
- To prevent fraud or security threats
- With your explicit consent
5. Your Rights and Choices
Data Access and Control
You have the following rights regarding your data:
- Access: Request a copy of your personal data
- Correction: Update or correct inaccurate information
- Deletion: Request deletion of your account and data
- Portability: Export your data in a structured format
- Restriction: Limit how we process your data
- Objection: Object to certain data processing activities
For California residents under CCPA: You have the right to know what personal information we collect, request deletion, opt-out of sale (we don't sell data), and non-discrimination for exercising rights. Contact us at [email protected] for CCPA requests.
Cookies and Tracking
You can control cookie preferences through your browser settings. We only use essential cookies for basic functionality and session management.
6. Children's Privacy
Our service is not intended for children under 18 years of age. We do not knowingly collect personal information from children under 18. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately.
7. International Data Transfers
Your data may be transferred to and processed in countries other than your own. We ensure that such transfers comply with applicable data protection laws and implement appropriate safeguards to protect your information.
8. Third-Party Services
Our platform integrates with third-party services like SillyTavern and RisuAI. SillyTavern/RisuAI data flows per their policies—we don't access it. When you use these integrations, additional terms and privacy policies may apply. We encourage you to review the privacy policies of these third-party services.
9. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of any material changes by:
- Email notification to your registered email address
- Prominent notice on our platform
- Update of the "Last updated" date at the top of this policy
Your continued use of our services after such changes constitutes your acceptance of the updated policy.
GDPR and Data Protection Rights
If you are located in the European Union, you have additional rights under the General Data Protection Regulation (GDPR). These include the right to lodge a complaint with your local data protection authority and the right to data portability. We are committed to complying with GDPR requirements and protecting your data protection rights.