← OneChaterUpdated: June 2026

Privacy policy

Your privacy matters. Here's what data we collect and how we use it.

1. What data we collect

Account data: name, email address and profile picture (when you sign in with Google, GitHub, or Apple). We also store the authentication sessions needed to keep you signed in.

Conversations: your chat history is saved in our database so you can access it from any device.

Persistent memory: the memory profile the system builds from your conversations is stored, tied to your account, to personalize future answers.

API keys: your third-party API keys (OpenAI, Anthropic, Google, etc.) are stored only in your browser (localStorage). We never send or store them on our servers.

2. How we use your data

  • Provide and improve the Service.
  • Keep your conversation history and memory in sync across devices.
  • Send you transactional emails (login OTP, important notifications). We use Resend to deliver email.
  • Detect and prevent abuse.

We don't sell your data. We don't use it for advertising.

3. Third parties with access to your data

  • Neon (Postgres database) — stores your conversations and account data.
  • Vercel — application hosting and infrastructure.
  • Resend — transactional email delivery.
  • NextAuth / Auth.js — session and OAuth management.
  • AI providers (OpenAI, Anthropic, Google, etc.) — your messages are sent directly to these services using your own API key. They are subject to their own privacy policies.

4. Cookies and local storage

We use session cookies required for authentication (HttpOnly, Secure). We don't use tracking or advertising cookies.

We use localStorage to save your API keys and app preferences (theme, selected models). This data never leaves your device.

5. Data retention

We keep your data while your account is active. You can request deletion of your account and all associated data by writing to our contact email.

6. Your rights

You have the right to access, correct, export or delete your personal data. To exercise these rights, write to fabriciouala1@gmail.com.

7. Security

We use HTTPS on all communications, session tokens with rotation, and role-restricted database access. No system is 100% secure; in the event of a security incident, we will inform the affected users.

8. Changes to this policy

We may update this policy. If the changes are significant, we'll notify you by email or via a notice within the Service.

9. Contact

For privacy questions: fabriciouala1@gmail.com.