Privacy Policy

Effective Date: April 20, 2026

nzoey ("Company", "we", "us", or "our") takes your privacy very seriously and is committed to complying with relevant laws and regulations. This Privacy Policy describes the types of information we collect when you use the nzoey mobile application, website, and related services (the "Service"), how we use it, who we share it with, and your rights regarding your information.

By using the Service, you are deemed to have consented to the collection and use of information as described in this Privacy Policy.

1. Information We Collect and How We Collect It

We collect the following information to provide the Service smoothly and to build a safe AI chatting environment.

A. Information You Provide Directly

  • Account Information: Email address, nickname, profile picture, password, etc., entered during sign-up and profile setup.
  • User-Generated Content (UGC): AI persona/character information created by users within the Service (name, introduction, prompts, worldview settings, etc.).
  • Conversation and Communication Data: Text chat logs with AI characters, uploaded images, voice input data, and posts/comments created in the Feed.
  • Customer Support Information: Email and inquiry details provided when submitting inquiries or feedback.

B. Information Collected Automatically

  • Device and Technical Information: IP address, unique device identifier (Device ID), operating system (OS) version, browser type, app version, mobile network information.
  • Usage Records and Log Data: Access times, service usage records (number of chats, character views, follow history), feature usage patterns, error logs, etc.
  • Cookies and Similar Technologies: Cookies and local storage data for maintaining sessions and saving user settings in web and webview environments.

C. Information Collected from Third Parties

  • Payment Information: When you purchase "Credits" or a subscription (Pro) through app stores (Apple App Store, Google Play), we collect receipt validation data, payment status, and subscription expiration date from third-party payment processors (e.g., RevenueCat). (We do not directly collect or store your full credit card number.)
  • Social Login Information: Profile information you have consented to provide through platforms like Google or Apple when linking your account.

2. Purpose of Use of Collected Information

We use the collected information for the following purposes:

  • Service Provision and Contract Fulfillment: Account creation and management, real-time AI chatting, activation of purchased goods (Credits) and subscription features.
  • AI Model Training and Service Improvement (Important): Conversation content, prompts, and content entered by users may be used for training, fine-tuning, safety filtering, and overall performance enhancement of our Large Language Models (LLM) and AI systems. During this process, data is strictly de-identified (anonymized) so that specific individuals cannot be identified.
  • Safety and Security: Detection of spam, abuse, fraud, identity theft, and other abnormal usage, NSFW (Not Safe For Work) content filtering, and monitoring for violations of Terms of Service and community guidelines.
  • Personalization and Customized Experience: Analyzing user interests and interaction patterns to provide customized character recommendations and personalized Feed content.
  • Customer Support: Responding to inquiries, resolving technical issues, and delivering important notices.

3. Sharing and Provision of Information to Third Parties

We do not sell or rent your personal information to third parties except as described in this policy or required by law. Information may be shared in the following cases:

  • Service Providers (Data Entrustment): We share necessary data with trusted third-party service providers (e.g., Supabase, Cloudflare R2, AI API providers like xAI Grok or Google Gemini, and payment processors) to operate our infrastructure. They process data under strict security standards according to our instructions.
  • Public Characters and UGC: AI character meta-information (name, intro, prompt outputs, etc.) and Feed posts set to "Public" can be viewed and interacted with by all other users.
  • Retention of Public UGC for Service Continuity: Even if a user deletes their account, popular "Public" characters that other users are actively interacting with may be retained and owned by the Company to maintain service continuity.
  • Legal Requirements: When there is a court warrant, a legitimate request from investigative agencies, or when legally necessary to protect our rights, property, or the safety of the Service.

4. Data Retention and Destruction

  • Retention Period: In principle, personal information is retained until the account is deleted or the purpose of collection and use is achieved.
  • Destruction Procedure: Upon request for account deletion, we immediately deactivate identifying information, private chat logs, and private characters, and permanently delete them using technically irrecoverable methods (Soft Delete followed by Hard Delete).
  • Exceptions: Payment records required to be preserved by law, device identification for fraud prevention, and anonymized datasets already incorporated into AI model training may be excluded from destruction or stored separately.

5. User Rights and How to Exercise Them

  • Access and Correction: You can view and correct your profile and account information through the in-app settings.
  • Deletion and Withdrawal: You can withdraw consent and delete your data at any time by selecting "Delete Account" in the settings.
  • AI Training Opt-out: You can request to opt-out of having your future conversation data used for AI model training via our support email. (Note: It may be technically impossible to extract and delete past data from models where training is already complete.)

6. Children's Privacy

The nzoey service is not intended for children under the age of 14 (or the minimum age for digital consent in your jurisdiction, e.g., 13 under US COPPA). We do not knowingly collect personal information from children. If we become aware of such collection, we will immediately delete the data and the account.

7. Global Data Transfer

nzoey is a global service. Your information may be transferred to, stored, and processed in servers (Cloudflare, Supabase, etc.) located outside your country of residence (e.g., the United States). We comply with applicable data protection laws and follow safe data protection standards (such as Standard Contractual Clauses) for data transfers.

8. Safety Measures for Personal Information

We take the following measures to protect information:

  • Encryption of communication (SSL/TLS)
  • Database encryption and strict access control (Row Level Security)
  • Operation of security systems to prevent external intrusions

9. Changes to the Privacy Policy

We may modify this policy at any time to reflect changes in law or service. For significant changes, we will notify you at least 7 days in advance via in-app notices, pop-ups, or email.

10. Contact Us

If you have any questions or complaints regarding this policy, please contact us at: