## Privacy Policy
### 1. Introduction
AllureAI ("we," "us," "our") respects your privacy. This Privacy Policy explains what data we collect, how we use it, who we share it with, and your rights regarding your data. This policy applies to your use of the AllureAI Discord bot, the AllureAI web portal, and all related services.
We comply with the Discord Developer Terms of Service, the Discord Developer Policy, and applicable privacy laws including the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other applicable data protection legislation.
### 2. Information We Collect
#### 2.1 Information Collected Automatically
When you interact with AllureAI (via Discord or the web portal), we automatically collect:
- Discord identifiers: User ID, username, display name, avatar hash, server (guild) ID, channel IDs, thread IDs
- Usage data: Commands used, features accessed, timestamps, session durations, credit transactions
- Voice session metadata: Session duration, active speaking time, number of messages processed, Voice Bot session logs, and auto-cinematic trigger events (we do not permanently store audio recordings — see Section 5)
- Technical data: Browser user-agent and IP address (when accessing the web portal), connection metadata provided by Discord
#### 2.2 Information You Provide
- Profile information: Name, pronouns, bio, timezone (if provided via `/profile_set`)
- Content you create: Characters, prompts, and other creative content. When text-based features are enabled: chat messages, campaigns, novels, D&D player sheets, and related content.
- Configuration data: Voice preferences, call settings, companion settings, Voice Bot configurations (personality, voice selection, channel assignments, scheduling)
- Companion data: Relationship preferences, memory vault entries (about_me, about_us, pinned moments), auto-cinematic preferences, and companion progression data
- Support and feedback: Messages submitted via `/feedback`, `/support`, `/suggest`, or reports
- Ko-fi email linkage: If you choose to link your Ko-fi email to your Discord account for credit delivery, we store the normalized email address associated with your Discord User ID
#### 2.3 Information Obtained via OAuth
When you log in to the AllureAI web portal, we use Discord OAuth2 with the following scopes:
- `identify`: Your Discord User ID, username, display name, and avatar
- `guilds` (when managing Voice Bots): A list of servers you belong to, including your permissions in each server. This is used solely to show you servers where you have administrator access so you can pair a Voice Bot subscription.
We do not request scopes that allow us to join servers on your behalf or modify your Discord account.
#### 2.4 Information from Third Parties
- Discord: User profile data, server membership, and permissions (via bot gateway and OAuth2)
- Ko-fi: Transaction data, email addresses, and subscription status for users who voluntarily support AllureAI through Ko-fi
### 3. How We Use Your Information
We use collected information for the following purposes:
| Purpose | Legal Basis (GDPR) |
|---|---|
| Provide the service: Generate AI responses, manage chat and voice sessions, apply credits, deliver support tier benefits, maintain conversation context | Performance of contract / Legitimate interest |
| Voice processing: Convert your speech to text (STT) and generate AI voice responses (TTS) during voice calls and Voice Bot sessions | Performance of contract / Consent |
| Personalization: Remember conversation context, maintain character rapport, apply your preferences | Legitimate interest |
| Prevent fraud and abuse: Detect fraudulent transactions, enforce rate limits, maintain account security | Legitimate interest |
| Improve the service: Analyze aggregated and anonymized usage patterns, debug issues, optimize performance | Legitimate interest |
| Credit delivery: Process Ko-fi webhook events and grant credits to linked accounts | Performance of contract |
| Communications: Send in-app notifications about your account, re-engagement reminders (with your consent), and service updates | Consent / Legitimate interest |
| Comply with legal obligations: Respond to legal requests, enforce our Terms of Service | Legal obligation |
### 4. Data Sharing and Third-Party Services
#### 4.2 What We Do NOT Do with Your Data
- We do not sell your personal information to any third party.
- We do not use message content obtained through Discord's APIs to train machine learning or AI models, in compliance with the Discord Developer Policy.
- We do not share your data with advertising networks, data brokers, or monetization-related services.
- We do not commercialize or license Discord API Data.
- We do not use your data to profile, discriminate, or make eligibility determinations for employment, housing, insurance, or similar purposes.
#### 4.3 Limited Sharing
We may share information only in these circumstances:
- With third-party service providers listed above, solely to provide the service
- When required by applicable law, regulation, or court order
- When a user expressly directs us to share their data with a third party
- In aggregated, anonymized form for business analytics (not linked to any individual)
### 5. Voice Data Handling
Given the sensitive nature of voice data, we want to be especially transparent:
#### 5.1 How Voice Works
- Speech-to-Text (STT): When you speak during a voice call or Voice Bot session, your audio is processed in real-time by our STT provider. The audio is streamed, transcribed, and the transcription is used as input to the AI.
- Text-to-Speech (TTS): The AI's text response is converted to audio and played back in Discord. Temporary audio files are created for playback and deleted immediately after use.
#### 5.2 What We Store
- We do NOT permanently record or store your voice audio. Audio is processed in real-time memory buffers only.
- We do NOT retain raw transcriptions as standalone data. Transcriptions are used as ephemeral input during the conversation session.
- We DO store: Voice session metadata (duration, speaker count, usage metrics), compact conversation summaries (not full transcripts), Voice Bot configuration settings, Voice Bot session histories (for continuity and memory), companion call memory (names, preferences, topics discussed), and auto-cinematic event metadata.
#### 5.3 Third-Party Voice Processing
- Audio data sent to STT/TTS providers is subject to their respective privacy policies and data retention practices.
- Providers may temporarily process audio on their servers. We do not control their retention practices but select providers with strong privacy commitments.
### 6. Data Storage and Security
#### 6.2 Security Measures
- Data is encrypted in transit (TLS/HTTPS) and at rest where supported by our infrastructure providers
- Access to production databases and API keys is restricted to authorized operators
- OAuth tokens are stored server-side and scoped to the minimum necessary permissions
- Developer credentials (API keys, tokens) are stored securely and never exposed in client-side code
#### 6.3 Data Breaches
- In the event of a data breach that may affect your personal information, we will notify affected users and relevant authorities as required by applicable law within a reasonable timeframe.
- We will promptly remediate any breach and cooperate with Discord as required by the Developer Terms.
- We assume no liability for breaches caused by third-party providers or factors beyond our reasonable control.
### 7. Data Retention
#### 7.1 Retention Periods
- Chat and conversation data: Retained while your account is active, when text-based features are enabled. Conversation summaries, companion memory, and call memory may be retained for up to 90 days after your last interaction. We may retain limited records longer where reasonably necessary for security, fraud prevention, or legal compliance.
- Voice session metadata: Retained for up to 90 days for usage tracking and billing reconciliation. Voice Bot session data (conversation history, memory) may be retained while the bot configuration is active.
- Voice audio: Not retained. Processed in real-time only; temporary files (including auto-cinematic SFX) are deleted immediately after playback.
- Auto-cinematic media: Generated images sent during calls are retained in the Discord channel where they were posted. Generated SFX audio files are deleted immediately after playback.
- Ko-fi and transaction records: Retained for up to 7 years or as required by law for tax and accounting purposes.
- Account data: Retained while your account is active and for 30 days after account termination.
- Voice Bot configurations: Retained while the associated subscription is active and for 30 days after cancellation.
#### 7.2 Deletion
- Upon account termination or a valid deletion request, we will delete or anonymize your personal data within 30 days, except where retention is required by law or is necessary for fraud prevention, billing records, or other legitimate operational purposes.
- Data already shared with third-party processors is subject to their own retention and deletion policies.
### 8. Your Rights and Controls
#### 8.1 Access and Correction
- View your profile data via `/profile_show`
- Update your profile data via `/profile_set`
- Request a copy of your data by contacting support via `/support`
#### 8.2 Deletion Requests
- Request deletion of your data via `/support`. We will process requests within 30 days, subject to legal and operational requirements.
- Note: Deletion may result in loss of credits, support benefits, and conversation history. Deleted data cannot be recovered.
#### 8.3 Opt-Out Controls
- Re-engagement messages: Opt out via `/opt_out_pings` (opt back in via `/opt_in_pings`)
- Upsell hints: Opt out via `/opt_out_upsells`
- Mature content: Disable via the web portal's mature content toggle
- Note: Opting out of communications does not affect core service functionality or data collection necessary for service operation.
#### 8.4 GDPR Rights (EEA/UK Users)
If you are located in the European Economic Area or the United Kingdom, you have the right to:
- Access your personal data
- Rectify inaccurate personal data
- Erase your personal data ("right to be forgotten")
- Restrict processing of your personal data
- Receive your data in a structured, machine-readable format (data portability)
- Object to processing based on legitimate interest
- Withdraw consent at any time where processing is based on consent
To exercise these rights, contact us via `/support` in Discord. We will respond within 30 days.
#### 8.5 CCPA Rights (California Users)
If you are a California resident, you have the right to:
- Know what personal information we collect, use, and disclose
- Delete your personal information
- Opt out of the sale of personal information (we do not sell personal information)
- Not be discriminated against for exercising your privacy rights
To exercise these rights, contact us via `/support` in Discord.
#### 8.6 Limitations
- Some data may be retained if required by law, for fraud prevention, or to fulfill contractual obligations (e.g., transaction records).
- Deletion requests do not affect data already shared with third-party processors, which is subject to their own retention policies.
### 9. Cookies and Web Portal
- The AllureAI web portal uses session cookies for authentication and preference cookies (e.g., mature content toggle, language selection).
- We do not use third-party tracking cookies, advertising cookies, or analytics cookies that track you across other websites.
### 10. Children's Privacy
- The general features of AllureAI are available to users aged 13 and older, consistent with Discord's Terms of Service.
- Age-restricted and mature content features require users to be 18 years of age or older.
- We do not knowingly collect personal information from children under 13 (or the minimum age required by applicable law).
- If we become aware that we have collected information from a child under the applicable minimum age, we will delete it promptly.
### 11. International Data Transfers
- Your data may be transferred to and processed in countries other than your country of residence, including the United States and other jurisdictions where our service providers operate.
- By using the service, you consent to such transfers and acknowledge that data protection laws in these jurisdictions may differ from those in your country.
- Where required by GDPR, we rely on appropriate safeguards (such as Standard Contractual Clauses) for transfers outside the EEA/UK.
### 12. Changes to This Privacy Policy
- We may update this Privacy Policy from time to time. Material changes will be communicated via Discord or our official channels.
- Continued use of the service after changes constitutes acceptance of the updated Privacy Policy.
### 13. Contact
- For privacy-related questions, data requests, or concerns, contact us via `/support` in Discord or by email at the address listed on our web portal.
---