Privacy Policy
Last updated: September 27, 2025
Our Commitment to Privacy
At Acolyte AI, we are committed to protecting your privacy and ensuring the security of your personal
information. This Privacy Policy explains how we collect, use, disclose, and safeguard your
information when you use our AI storytelling platform.
1. Information We Collect
Personal Information
- Account Information: Email address, username, and password when you create an
account
- Profile Data: User ID and any profile information you provide
- Payment Information: Processed securely through Coinbase Commerce (we don't store
payment details)
- Communication Data: Messages you send to our support team
Usage Data
- Usage Statistics: Credit consumption, feature usage, and session data
- Technical Data: IP address, browser type, device information, and access times
- Cookies and Tracking: Essential cookies for session management only
Note: We do not store user conversations. All conversations are processed ephemerally
and are not retained.
2. How We Use Your Information
We use the information we collect for the following purposes:
Service Provision
- Providing and maintaining our AI storytelling services
- Processing payments and managing subscriptions
- Delivering customer support and technical assistance
- Personalizing your experience and improving service quality
AI Training and Improvement
- We use only anonymized aggregate data (such as average session length) for service improvements.
This data cannot be used to re-identify individual users.
- Analyzing usage patterns to enhance platform performance
- Developing new features and capabilities
Legal and Security
- Ensuring platform security and preventing abuse
- Complying with legal obligations and regulations
- Investigating suspicious activities or violations
- Protecting the rights and safety of our users and platform
3. Data Storage and Security
Data Storage
We use Supabase for secure data storage with the following measures:
- End-to-end encryption for data in transit and at rest
- Regular security audits and penetration testing
- Automated backups with secure recovery procedures
- Geographic data distribution for redundancy
Data Retention
| Data Type |
Retention Period |
Purpose |
| Account Information |
Account active + 2 years |
Service provision and legal compliance |
| Usage Logs |
90 days |
Analytics and optimization |
| Payment Records |
7 years |
Tax compliance and dispute resolution |
4. Information Sharing and Disclosure
We do not sell, trade, or rent your personal information to third parties. We may share information only
in the following circumstances:
Service Providers
- Supabase for database and authentication services
- Coinbase Commerce for payment processing
- Resend for email delivery services
- Cloudflare for CDN and security services
Legal Requirements
- When required by law or legal process
- To protect our rights, property, or safety
- To prevent fraud or security threats
- With your explicit consent
5. Your Rights and Choices
Data Access and Control
You have the following rights regarding your data:
- Access: Request a copy of your personal data
- Correction: Update or correct inaccurate information
- Deletion: Request deletion of your account and data
- Portability: Export your data in a structured format
- Restriction: Limit how we process your data
- Objection: Object to certain data processing activities
California Residents (CCPA)
If you are a California resident, you have additional rights under the California Consumer Privacy Act
(CCPA):
- The right to know what personal information we collect
- The right to request deletion of your data
- The right to opt-out of the sale of your data (note: we do not sell your data)
- The right to non-discrimination for exercising your rights
Cookies and Tracking
You can control cookie preferences through your browser settings. We only use essential cookies for basic
functionality and session management.
6. Children's Privacy
Our service is not intended for children under 18 years of age. We do not knowingly collect personal
information from children under 18. If you are a parent or guardian and believe your child has provided
us with personal information, please contact us immediately.
7. International Data Transfers
Your data may be transferred to and processed in countries other than your own. We ensure that such
transfers comply with applicable data protection laws and implement appropriate safeguards to protect
your information.
8. Third-Party Services
Our platform integrates with third-party services like SillyTavern and RisuAI. Data exchanged with these
services is governed by their respective privacy policies. We do not access or store data that flows
through these integrations.
When you use these integrations, additional terms and privacy policies may apply. We encourage you to
review the privacy policies of these third-party services.
9. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of any material changes by:
- Email notification to your registered email address
- Prominent notice on our platform
- Update of the "Last updated" date at the top of this policy
Your continued use of our services after such changes constitutes your acceptance of the updated policy.
GDPR and Data Protection Rights
If you are located in the European Union, you have additional rights under the General Data
Protection Regulation (GDPR). These include the right to lodge a complaint with your local data
protection authority and the right to data portability. We are committed to complying with GDPR
requirements and protecting your data protection rights.