Privacy Policy

We collect the following categories of information.

Account and profile information you provide

When you create an account or use account settings, you may provide: name (optional); email address; password (hashed); country and preferred language (if provided); time zone (if provided or inferred from settings); profile photo (optional); age confirmation (18+ confirmation); subscription plan selection and account preferences (for example, notification settings); support requests and communications you send to us.

User Content you upload or submit

You may upload or provide content to create or use a chatbot, including: text, messages, notes, biographies, and descriptions; documents and PDFs; images and scans; audio and video files; ZIP archives, backups, and exports from third-party services (for example, messaging apps, social platforms, or workplace tools); chat inputs and prompts you type into the Platform; optional onboarding information you provide to shape the chatbot's behavior, tone, and personality. Some uploaded content may include information about other individuals, which you are responsible for providing lawfully.

Social login data (if enabled)

If you choose to register or sign in using a third-party login provider (for example, Apple, Google, or other supported providers), we may receive certain information from that provider. Where required by applicable law, we collect and use social login data based on the lawful basis applicable in your jurisdiction. The exact information we receive depends on: the provider (Apple vs Google, etc.), and your privacy settings and permissions with that provider. Social login data may include: a unique user identifier provided by the provider; your name (if shared); your email address (or an email relay address, such as Apple's private relay); your profile picture (if shared); and authentication tokens needed to confirm your login. We do not receive your third-party account password. You can revoke social login permissions through the provider's settings.

Derived text and personalization artifacts

To provide the Services, we may generate or store: transcripts from audio or video (speech-to-text); OCR text extracted from images or scanned documents; captions, labels, and descriptions derived from media to support text-based output; persona summaries and structured profile representations; style packs or instruction prompts used to steer a chatbot's tone; vector embeddings and indexes for retrieval (RAG memory); adapters or other per-user/per-chatbot fine-tuning artifacts (when enabled and when thresholds are met). Personalization artifacts remain private. The Platform may generate transcripts, OCR text, captions, persona summaries, style packs, embeddings, and adapters as part of personalization. These artifacts are associated only with your account and the chatbot you created and are not used to train shared models for other users, unless you explicitly opt in through a separate consent flow.

Technical and usage data

IP address; device and browser type; operating system; approximate location derived from IP; logs and diagnostic events (crash logs, error logs, performance metrics); security and fraud signals; cookies and similar technologies (see Section 9).

Payment data (if you purchase a paid plan)

If you purchase a paid plan, we collect and store billing and subscription information necessary to process payments, manage subscriptions, provide customer support, and comply with legal obligations. This may include: Billing and subscription information: billing status, plan type, renewal dates, invoices, transaction history, amounts paid, applicable taxes, credits or adjustments, and payment status (successful, pending, failed, refunded). Billing contact information: name, email address, billing address, and other information required for tax, invoicing, fraud prevention, or payment processing. Payment method metadata (not full card data): we may store limited payment method details such as the payment method type (card), card brand, expiration month/year, and last four digits, as provided by the payment processor, for display and support purposes. Payment processors. Payments made on the website are processed by third-party payment processors. When you provide payment information (such as a credit card number), that information is collected and processed directly by the payment processor under its terms and privacy practices. We do not store your full card number or CVV. For recurring billing and auto-renewal, we store a tokenized payment method identifier provided by the payment processor, not the underlying card number. App Store payments. If you subscribe through the Apple App Store or Google Play, payment processing and storage of payment method details is handled by the applicable app store. We receive limited information such as your subscription status and transaction metadata.

Provide the Services

We use information to create and manage accounts; create, run, and display chatbots; process uploads and generate text outputs; build and retrieve from RAG memory; generate persona summaries and style packs; create and apply adapters when enabled.

Automated Processing

Personalization uses automated processing (RAG retrieval, embeddings, adapter). Outputs may be generated automatically.

Maintain, secure, and improve the Platform

Protect against abuse, fraud, and unauthorized access; monitor performance, reliability, and debugging; enforce our Terms and policies; develop and improve features and user experience.

Communications

Send service-related emails (verification, billing, account notices, security alerts, legal/policy updates). Send marketing and promotional emails only about the Platform and its features, plans, or updates, as described in Section 10 (with opt-out), and not on behalf of any third-party agencies, advertisers, or partners.

Legal and compliance

Comply with legal obligations; respond to lawful requests and legal process; protect the rights, safety, and security of the Company, users, and others.

Data about other people

The Platform allows you to upload content that may include information about other individuals (for example, messages, photos, videos, or exported archives). You may upload such information only if you have the legal right and lawful basis to do so.

No living-person use

The Platform is intended for use only in compliance with the Terms, including the prohibition on creating chatbots that represent living persons and minors.

Enforcement

The Platform may refuse to process, remove, or delete content that violates this section or applicable law, and may suspend or terminate accounts for violations.

Prohibited sensitive third-party data

You must not upload third-party information that you do not have the right to use, including: government identification numbers or copies of IDs; passwords, authentication codes, or account credentials; financial account numbers, payment card details, or banking access credentials; private medical records or clinical documents belonging to another person; and any content involving minors.

The Platform outputs text only. The Platform does not redistribute your uploaded media to other users. If you upload photos, videos, or audio, we may process them to extract text representations such as: transcription (audio or video to text), OCR (images or scans to text), and captions or descriptive text derived from media.

Because we operate from the United States and serve multiple countries, the legal basis can vary depending on your location. Common bases include: Performance of a contract: to provide the Services you requested; Consent: when you choose to upload data, enable certain features, or opt into marketing; Legitimate interests: to secure the Platform, prevent abuse, and improve reliability; Legal obligations: when we must comply with law. Country-specific rules may apply. See Section 18.

We do not sell your personal information.

We may share information in limited circumstances:

Service providers

We may share necessary information with vendors that help us operate the Platform, such as: cloud hosting and storage providers; database and logging providers; email and customer support systems; payment processors; security and fraud-prevention services; AI infrastructure providers used for inference, processing, and personalization workflows. These providers may process information only to provide services to us under contractual obligations.

Legal requirements and protection

We may disclose information if we believe it is necessary to: comply with law, regulation, or legal process; enforce our Terms and policies; protect the rights, property, and safety of the Company, our users, or others; detect, prevent, or address fraud or security issues.

Business transfers

If we are involved in a merger, acquisition, financing, reorganization, bankruptcy, or sale of assets, information may be transferred as part of that transaction, subject to standard confidentiality protections.

With your direction

We may share information when you instruct us to do so, for example if you connect a third-party integration.

No sale of personal information and no advertising partners

We do not sell your personal information. The Platform does not run third-party advertising or behavioral advertising and does not permit advertising partners or marketing agencies to collect personal information through the Services. We do not share user data with advertising networks, data brokers, or marketing agencies.

No marketing use of chat content

We do not use the content of your chats, conversation history, uploaded content, or Generated Output for marketing or advertising purposes.

Platform-only communications

The Platform does not market or advertise third-party products or services to users. If we send promotional messages, they relate only to the Platform (for example, plan updates or Platform feature announcements), and you can opt out of marketing emails as described in this Privacy Policy.

General rule

We retain information for as long as needed to provide the Services and for legitimate business purposes such as security, compliance, and dispute resolution.

User deletion

If you delete uploaded data, chatbots, or your account using the Platform's deletion tools, we will delete the associated data and artifacts as described in the deletion flow, subject to limited retention after deletion as described below. Deleting a chatbot deletes its artifacts. Deleting the account deletes everything tied to the account (subject to limited retention).

Limited retention after deletion

Even after deletion, limited information may persist for a period of time in: security logs and audit logs; backups and disaster recovery systems; records required for legal compliance, billing, fraud prevention, or dispute resolution. We retain such data only as long as reasonably necessary for those purposes.

We use commercially reasonable administrative, technical, and organizational measures to protect information, such as access controls, encryption in transit, and operational monitoring. No system is completely secure. You are responsible for protecting your account credentials and device access. If we learn of a security incident, we will take reasonable steps to investigate and mitigate it and provide notices where required by applicable law.

When you access or use the Services, we automatically collect certain technical and usage information.

We use cookies and similar technologies to: keep you logged in; remember preferences; support essential site functionality; measure performance and improve reliability; prevent fraud and abuse.

You can control cookies through your browser settings. Some cookies are required for the Services to function properly.

Device and network data

This may include: IP address; device identifiers (where available), device type, and device model; operating system and version; browser type and version; language settings; mobile carrier (if applicable); approximate location derived from IP address (for example, country or city-level); app version (if using mobile app); referral source and pages or screens viewed.

Usage and interaction data

This may include: timestamps and duration of sessions; features used and actions taken (for example, creating a chatbot, uploading files, running deletion tools); chat usage metrics (for example, message counts and token usage); upload metadata (for example, file type, size, and processing status); logs related to errors, crashes, and performance.

We do not use third-party advertising cookies because we do not run third-party advertising. You can control cookies through your browser settings, but disabling certain cookies may impact functionality.

If you opt in to marketing communications (or enable them in settings), we may send promotional emails, product updates, and surveys.

You can opt out at any time using the "unsubscribe" link in emails or by changing settings if available.

We may still send service-related emails that are necessary for security, billing, or legal notices.

Depending on your location and applicable law, you may have certain rights regarding your personal information. These may include the right to: Access. Request access to the personal information we hold about you. Correction. Request correction of inaccurate or incomplete personal information. Deletion. Request deletion of your personal information and/or delete content using in-platform deletion tools where available. Restriction. Request restriction of certain processing in limited circumstances. Objection. Object to certain processing where required by law.

Verification of identity

To protect users and prevent unauthorized access, we may need to verify your identity before fulfilling a request. Verification may include confirming access to your account email or requesting additional information. We will not ask for your password.

Limits and exceptions

We may deny or limit requests where permitted by law, including where: we cannot verify your identity; fulfilling the request would disclose another person's information; we must retain information for legal compliance, security, fraud prevention, billing, or dispute resolution; or the request is excessive or repetitive.

Deletion mechanics and platform-specific limits

When you delete content or your account, deletion is intended to be permanent and irreversible. However, limited information may persist for a limited time in security logs and backups as described in this Privacy Policy.

Authorized agents

Where required by applicable law, you may use an authorized agent to submit a request on your behalf. We may require proof of authorization and may still need to verify your identity.

Complaints

Where required by applicable law, you may have the right to lodge a complaint with a data protection authority in your jurisdiction. We encourage you to contact us first so we can try to resolve your concern.

How to submit a request for objection or complaints

You may submit a request by contacting: privacy@everwith.ai. Please include: the email address associated with your account, the country you are contacting us from, and the specific right you want to exercise.

EVERWITH is hosted and operated from the United States. If you use the Services from another country, your information may be transferred to and processed in the United States and other countries where we or our service providers operate. Those countries may have different data protection laws than your country. Vendors are bound by confidentiality/security obligations.

Where required by applicable law, we implement appropriate safeguards for cross-border transfers.

See country-specific addendums in Section 18.

The Services are intended only for users who are at least 18 years old. We do not knowingly collect personal information from anyone under 18.

If we learn a user is under 18

If we become aware or reasonably believe that a user is under 18, we may: suspend or terminate the account; block access to the Services; and delete the account and associated data, subject to limited retention for legal and security purposes.

Report concerns

If you believe a minor has provided personal information to the Platform or is using the Services, please contact us immediately at privacy@everwith.ai.

Device-based authentication only

If the mobile app supports device-based biometric login (for example, Face ID or similar face recognition features), the following applies: Biometric login is provided by your device operating system (for example, Apple Face ID or Android biometric authentication). The Platform does not collect, store, or process your face image or biometric template.

What we receive

If you enable biometric login, the Platform receives only a confirmation from your device that authentication succeeded or failed. We do not receive your biometric data.

You control this feature

You can enable or disable biometric login in the app settings and also in your device settings.

We may update this Privacy Policy from time to time. If changes are material, we will provide notice as required by law. Continued use of the Services after the effective date of an updated policy means you accept the updated policy.