Privacy Policy
This policy explains what personal data Chommie collects, why, who we share it with, and the rights you have over it. It is written to meet the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
1. Who we are
Chommie is operated by Digital Platforms Ltd, a company registered in England and Wales (company number 17087275), registered office at 3rd Floor, 86–90 Paul Street, London, EC2A 4NE, United Kingdom.
For any privacy question or to exercise your rights, email us at [email protected].
2. The data we collect
We collect only what we need to run the service. Specifically:
- Account data — the email address you sign in with, and the one-time codes we send to verify it.
- Device data — your device's push notification token, the app version, and basic device metadata (platform, model, OS version) used to deliver notifications and diagnose crashes.
- Conversation content — what you say to Chommie and what Chommie says back. Voice is transcribed to text in real time by our speech-to-text provider; the text of the exchange is what we store. Audio is not retained beyond the live session.
- Memory (“particle”) data — short prose snapshots that Chommie writes about you after meaningful exchanges, plus a daily synthesised “dream” pass over recent days. These include a visible portion you can read and edit in the app, and a smaller private portion that Chommie uses to inform its responses but does not surface in the UI. Both are personal data and both are returned in full on a data access request.
- Tool-call metadata — when Chommie uses tools on your behalf (reminders, web searches, scheduled nudges), we keep a record of what was called and when.
- Purchase data — when you buy a minute pack, we record the product purchased, the amount of talk-time granted, and the time of purchase, so we can credit your balance. Payment-card details are handled entirely by Google Play and are never seen by us.
- Operational logs — server-side records of API calls (status, duration, truncated request/response previews) and client-side diagnostic logs uploaded from the app for debugging.
On-device access you grant. With your permission, the app can read your calendar (to see upcoming events and add new ones), read incoming notifications from messaging apps (so Chommie can send a reply you dictate), and look up a contact when you ask to call or message someone. This processing happens on your device for that action only — we do not upload your calendar, your notifications, or your contacts list to our servers.
We do not collect your location, photos, or files, and we do not collect any health, financial (beyond the purchase data above), or other special-category data unless you choose to mention it in conversation. Anything you say to Chommie ends up in conversation content as above.
3. How we use your data, and our lawful basis
- To provide the service (run conversations, store your memory, deliver notifications) — lawful basis: performance of a contract with you.
- To verify your identity at sign-in (email + one-time code) — lawful basis: performance of a contract.
- To run and debug the platform (operational logs, crash diagnostics, capacity planning) — lawful basis: legitimate interest in keeping the service working.
- To improve safety (gate notifications, block abusive content) — lawful basis: legitimate interest in user safety.
We do not train our own models on your data, we do not sell it, and we do not show you advertising. Everything Chommie generates — your conversations, and the background work that maintains its memory of you (the nightly “dream”, ongoing reflection, and the scheduled “nudge” notifications) — runs on OpenAI, which does not train its models on data sent through its API. See section 4.
4. Who we share data with (subprocessors)
Chommie is a small operation built on third-party infrastructure. The processors below receive specific data needed to do their job, under data processing agreements:
- Cloudflare Workers — hosting and routing the API. Receives all API traffic.
- Neon (Postgres) — primary database, EU region. Holds account, conversation, and memory data.
- OpenAI — the large language model behind everything Chommie generates: conversation replies, and the background memory work (the nightly “dream”, reflection, and scheduled “nudge” notifications). Receives conversation content and your memory snapshot. OpenAI does not train its models on data sent through its API.
- Deepgram — speech-to-text and text-to-speech. Receives audio you speak and returns transcripts; receives text we want spoken and returns audio.
- LiveKit Cloud — realtime voice transport. Receives the live audio stream during voice sessions.
- Tavily — web search. Receives only the search query when Chommie searches the web on your behalf.
- Firebase Cloud Messaging (Google) — push notifications. Receives your device token and the contents of notifications we send.
- Upstash QStash — scheduled-task delivery. Holds task identifiers and fire times.
- Resend — transactional email (sign-in codes). Receives your email address and the code.
- RevenueCat — in-app purchase management for the minute packs. Receives purchase events and a pseudonymous app user identifier. We do not send it conversation or memory data.
Some processors are based outside the UK and EU (the US-based OpenAI, Deepgram, Tavily, RevenueCat, and Google FCM). Transfers rely on standard contractual clauses, UK addendums, and the processor's own data protection commitments. If you would like a copy of the relevant safeguards, email [email protected].
5. How long we keep your data
- Account and memory data: for as long as your account is active.
- Conversation content: the recent window is kept indefinitely (so Chommie can pick up where you left off); older conversations are condensed into the “dream” archive and the raw text rolled off.
- Operational logs: up to 90 days, then deleted.
- One-time sign-in codes: a few minutes, then deleted.
When you delete your account (see below) we erase your personal data from our primary database. Backups containing your data are overwritten within 30 days.
6. Your rights
Under the UK GDPR you have the right to:
- Access the personal data we hold about you.
- Correct it if it is wrong.
- Erase it (the “right to be forgotten”).
- Restrict or object to how we use it.
- Receive a portable copy of it.
- Lodge a complaint with the UK Information Commissioner's Office (ico.org.uk).
7. Deleting your data
You can request deletion of your account and all associated data in either of two ways:
- In the app — open Settings and use the delete account option (where available in your build).
- By email — write to [email protected] from the email address on your account.
We action deletion requests within 30 days as required by the UK GDPR. The deletion covers account data, conversation history, memory (visible and private), tool-call records, and device push tokens. Operational logs are anonymised on the same timeline.
8. Security
Communication between the app and our servers is encrypted in transit (TLS). Data at rest is encrypted by our database and object-storage providers. Authentication uses one-time codes rather than reusable passwords. Internal admin access requires a separate authenticated session and is logged.
No system is perfectly secure. If you become aware of a vulnerability, please email [email protected] so we can address it.
9. Children
Chommie is not directed at children under 16. We do not knowingly collect personal data from children under 16. If you believe a child has provided us with personal data, contact us and we will delete it.
10. Cookies on this website
This public website (chommie.io) does not set cookies for tracking or advertising. A first-party session cookie is set on the internal admin area only, which is not accessible to ordinary users.
11. Changes to this policy
We may update this policy when the service changes. Material changes will be communicated in-app and by email to active users. The “Last updated” date at the top reflects the most recent revision.
12. Contact
Data controller: Digital Platforms Ltd, 3rd Floor, 86–90 Paul Street, London, EC2A 4NE, United Kingdom.
Privacy contact: [email protected].