Privacy Policy

1. Information we collect

• Account information — your email address and authentication credentials when you create an account.
• Payment information — when you subscribe or buy credits, payments are processed by our payment provider (Stripe). We receive billing metadata (plan, amount, status) but never store your full card number.
• Conversations and content you create — messages you send to AI characters. By default, chat history is stored locally on your device; cloud sync is opt-in.
• Usage and technical data — device and app version, feature usage, token/credit consumption for metering, and diagnostic logs.

2. How we use your information

• Provide, operate, and maintain the Service, including generating AI responses, voice, and animations.
• Process payments, manage subscriptions and credits, and prevent fraud.
• Enforce usage limits and meter consumption against your plan.
• Improve the product, debug issues, and keep the Service safe and secure.
• Communicate with you about your account, purchases, and important changes.

3. AI processing and subprocessors

To generate responses and other features, we send the content you provide to trusted third-party processors. These currently include large language model providers. We send only what is needed to fulfill your request. We do not sell your data, and we do not use your private conversations to train third-party models beyond what is required to return your result.

4. Local-first storage

Pipal is designed to keep your conversations on your device. Chat history is not uploaded to our servers unless you enable an optional sync feature. Uninstalling the app or clearing local data removes that on-device history.

5. How we share information

We share information only in these situations:

• Service providers / subprocessors — payment, AI, hosting, and analytics vendors who process data on our behalf under contract.
• Legal reasons — to comply with applicable law, enforce our terms, or protect the rights and safety of users and the public.
• Business transfers — in connection with a merger, acquisition, or sale of assets, subject to this Policy.

We do not sell your personal information.

6. Data retention

We keep account and billing records for as long as your account is active and as required for legal, tax, and accounting purposes. Diagnostic logs are retained for a limited period. Locally stored chat history persists on your device until you delete it.

7. Your rights

Depending on where you live (including under GDPR and CCPA/CPRA), you may have the right to access, correct, export, or delete your personal information, and to object to or restrict certain processing. To make a request, contact us at the address below. We will not discriminate against you for exercising these rights.

8. International transfers

We may process and store information in countries other than where you live. Where required, we use appropriate safeguards for international transfers. EU/UK data residency and a current subprocessor list are available on request.

9. Security

We use technical and organizational measures to protect your information. No method of transmission or storage is completely secure, so we cannot guarantee absolute security.

10. Children

The Service is not directed to children under 13 (or the minimum age required in your jurisdiction). We do not knowingly collect personal information from children. If you believe a child has provided us information, contact us and we will delete it.

11. Changes to this Policy

We may update this Policy from time to time. When we make material changes, we will update the “Last updated” date above and, where appropriate, notify you.