Privacy Policy
Your privacy matters. Here's exactly how we handle your data.
Last updated: December 19, 2025
Privacy Overview
At Charmup, your privacy isn't just a feature—it's the foundation of everything we build. We believe that emotional wellness conversations should be completely private, and we've designed our platform from the ground up to ensure that.
What We Collect
We collect only the minimum data necessary to provide our service:
- •Email address: For account creation and authentication
- •Chat messages: Stored encrypted to maintain conversation context
- •Usage data: Anonymous analytics to improve the service
- •Device information: For security and fraud prevention
Note: We do NOT collect: real names, phone numbers, physical addresses, payment information (free service), or any data you don't explicitly provide.
Data Encryption
All your conversations are encrypted using AES-256 encryption—the same standard used by governments and financial institutions. Here's how we protect your data:
- •Encryption at Rest: All chat messages are encrypted before being stored in our database
- •Encryption in Transit: All data transmitted uses TLS 1.3 encryption
- •Zero-Knowledge Architecture: Our encryption design means even we cannot read your messages
- •Secure Key Management: Encryption keys are stored separately from encrypted data
How We Use Your Data
Your data is used solely to provide and improve our service:
- •Conversation Context: To maintain meaningful, contextual conversations with AI personas
- •Service Improvement: Anonymous, aggregated data helps us improve AI responses
- •Security: To detect and prevent fraud, abuse, or security threats
- •Communications: To send important service updates (you can opt out of non-essential emails)
Note: We NEVER sell your data to third parties. We NEVER use your personal conversations for advertising.
Data Retention
We retain your data only as long as necessary:
- •Active Account: Your data is retained while your account is active
- •Account Deletion: When you delete your account, we schedule permanent deletion within 30 days
- •Grace Period: You have 30 days to cancel deletion and restore your data
- •Permanent Deletion: After 30 days, all your data is permanently and irreversibly deleted
- •Audit Logs: Minimal audit logs may be retained for security compliance (SOC 2 requirement)
Your Rights (GDPR/CCPA)
You have full control over your data:
- •Right to Access: Request a copy of all data we have about you
- •Right to Correction: Update or correct your personal information
- •Right to Deletion: Delete your account and all associated data
- •Right to Portability: Export your data in a standard format
- •Right to Opt-Out: Opt out of non-essential data collection
Note: To exercise any of these rights, contact us at connect@charmup.website or use the Settings page in the app.
Third-Party Services
We use minimal third-party services to operate Charmup:
- •Supabase: Database and authentication (SOC 2 Type II certified)
- •OpenRouter/AI Providers: AI model inference (no personal data shared, only conversation context)
- •Netlify: Hosting and deployment (SOC 2 compliant)
Note: All third-party providers are contractually bound to protect your data and comply with privacy regulations.
Contact Us
If you have any questions about this Privacy Policy or our data practices, please contact us:
- •Email: connect@charmup.website
- •Response Time: We respond to all privacy inquiries within 48 hours
TL;DR - Privacy Summary
- Your conversations are encrypted with AES-256 encryption
- We can't read your messages - only you have access
- We collect minimal data - just what's needed to provide the service
- You can delete all your data anytime from Settings
- We never sell your data - ever