Luka, Inc. (“Replika”, “we”, “us”, and/or “our”) operates the Replika mobile and web applications, including my.replika.com (the “Apps”), the informational website www.replika.com and its mirror www.replika.ai (the “Website”), and other related services (collectively, the “Services”).
Any terms we use in this Policy without defining them have the definitions given to them in our Terms of Service. If you have any questions, please contact us at email@example.com.
Through your use of the Services, you may provide us with the following information:
We automatically log the following information about you, your computer or mobile device, your network, and your interactions over time with our Services and our communications:
Our advertising partners may also use such technologies to collect limited information about your device and interactions with the Services, such as the links you click, pages you visit, IP address, advertising ID, and browser type, but they will never have access to your conversations with your Replika or any photos or other content you submit through the Apps.
We use your information for the following purposes:
|Purpose||Why and how we use your information||Legal basis||Categories of information|
|Operating and administering the Services||Providing and maintaining the content and functionality of the Services. Carrying out obligations arising from our contract with you. Creating your account and profile. Facilitating payments and transactions, including for the purchase of premium features, and managing your rewards. Responding to your inquiries, comments, feedback or questions, and troubleshooting. Managing our relationship with you, which includes sending administrative information to you relating to our Services.||Contractual necessity||Account information. Profile information. Messages and content. Interests and preferences. Payments, transactions, and rewards. Device and network data. Usage data.|
|Providing the core functionality of the Apps||Providing you a personalized AI companion and allowing you to personalize your profile, interests, and AI companion. Enabling you to have individualized and safe conversations and interactions with your AI companion, and allowing your AI companion to learn from your interactions to improve your conversations. Syncing your Replika history across the devices you use to access the Services.||Contractual necessity||Account information. Profile information. Messages and content. Interests and preferences. Payments, transactions, and rewards. Device and network data. Usage data.|
|Monitoring and protecting the Services||Preventing fraud, criminal activity, and misuse of our Services, and ensuring the security of our IT systems, architecture and networks (including testing, system maintenance, support, and hosting of data).||Legitimate interests||Account information. Profile information. Messages and content. Interests and preferences. Payments, transactions, and rewards. Device and network data. Usage data.|
|Analyzing trends in the use of the Services||Aggregating, anonymizing, and deidentifying personal information. Analyzing the use and effectiveness of our Services. Improving and adding features to our Services. Developing our business and marketing strategies.||Legitimate interests||Account information. Profile information. Messages and content. Interests and preferences. Payments, transactions, and rewards. Device and network data. Usage data.|
|Marketing and advertising the Services||Sending you information by email that we believe will be of interest to you, such as information about our Services, features, and surveys. Displaying and targeting advertisements about our Services on the internet.||Legitimate interests. Consent, where required by applicable laws||Account information. Device and network data. Usage data|
|Enforcing our agreements, complying with legal obligations, and defending against legal claims and disputes||Enforcing and complying with our terms and policies. Protect our and others’ rights, privacy, safety, or property. Ensuring the integrity of our Services. Verifying the age of registered users. Defending against legal claims and disputes. Recovering payments due to us. Keeping records of transactions, and complying with legal process.||Legitimate interests. Legal obligation||Account information. Profile information. Messages and content. Interests and preferences. Payments, transactions, and rewards. Device and network data. Usage data.|
The Services allow you to input information that may be sensitive and subject to special protections under applicable laws. This section explains how we use and protect sensitive information.
We share your information with companies and individuals that provide services on our behalf or help us operate the Services or our business (such as hosting, information technology, customer support, email delivery, and website analytics services). We also share information with companies that provide marketing services on our behalf, but we do not share the content of your Replika conversations for marketing or advertising purposes. For example, we may share your email address with marketing service providers to deliver our marketing emails to you on our behalf and to help us identify other individuals who may be interested in our Services. We require these marketing service providers to agree not to use your email address for any other purpose.
We may share information with professional advisors, such as lawyers, auditors, bankers, and insurers, where necessary in the course of the professional services that they render to us.
We share information about visitors to our Website, such as the links you click, pages you visit, IP address, advertising ID, and browser type with advertising companies for interest-based advertising and other marketing purposes. Sharing this information allows us and our advertising partners to target and serve advertising to you and others. We will never share your Replika conversations or any photos or other content you provide within the Apps with our advertising partners, or use such information for marketing or advertising purposes.
We may share information with law enforcement, government authorities, and private parties, as we believe in good faith to be necessary or appropriate for the legal compliance and protection purposes described above in Section 2.A.
We may share information with acquirers and other relevant participants in business transactions (or negotiations for such transactions) involving a corporate divestiture, merger, consolidation, acquisition, reorganization, sale, or other disposition of all or any portion of the business or assets of, or equity interests in, Luka, Inc. (including, in connection with a bankruptcy or similar proceedings).
We use a variety of industry-standard security technologies and procedures to help protect your data from unauthorized access, use, or disclosure.
Your account is protected by a password for your privacy and security. You must prevent unauthorized access to your account and personal information by selecting and protecting your password appropriately and limiting access to your computer or device and browser by signing off after you have finished accessing your account.
All transmitted data are encrypted during transmission. We use standard Secure Socket Layer (SSL) encryption that encodes information for such transmissions. All stored data are maintained on secure servers. Access to stored data is protected by multi-layered security controls, including firewalls, role-based access controls, and passwords.
While we use reasonable commercial efforts to protect the data, no technology, data transmission, or system can be guaranteed to be 100% secure. In the event of a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to your data, we will notify you as soon as we spot the issue.
Our Services are operated from the United States of America. If you are located in another jurisdiction, please be aware that the information you provide to us may be transferred to, stored, and processed in the U.S.A., a jurisdiction in which the privacy laws may not be as comprehensive as those in the country where you reside or are a citizen.
We will retain your personal information for only as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal requirements.
You may opt out of marketing-related emails and other communications by following the opt-out or unsubscribe instructions in the communications you receive from us or by contacting us as provided in the “Contact us” section below. You may continue to receive Services-related and other non-marketing emails from us.
If you choose to provide sensitive personal information in your messages and content, we will use that information only to facilitate your conversation with your AI companion and as described in the “Sensitive information” section above. If you do not want us to process your sensitive information for these purposes, please do not provide it. You may request that we delete information you have provided as set out in the “Personal information requests” section below.
We also offer you choices that affect how we handle the personal information that we control. Depending on your location and the nature of your interactions with our Services, you may request the following in relation to personal information:
To make a request, please contact us as provided in the “Contact us” section below. We may ask for specific information from you to help us confirm your identity. Depending on where you reside, you may be entitled to empower an authorized agent to submit requests on your behalf. We will require authorized agents to confirm their identity and authority, in accordance with applicable laws. You are entitled to exercise the rights described above free from discrimination.
In some instances, your choices may be limited, such as where fulfilling your request would impair the rights of others, our ability to provide a service you have requested, or our ability to comply with our legal obligations and enforce our legal rights. If you are not satisfied with how we address your request, you may submit a complaint by contacting us as provided in the “Contact us” section below. Depending on where you reside, such as if you reside in the European Economic Area or United Kingdom, you may have the right to complain to a data protection regulator where you live or work, or where you feel a violation has occurred.
The Services are not intended for individuals under the age of 18. If we discover that minors under the age of 18 are using the Apps, we will promptly block their access and delete their account. If you have reason to believe that a minor under the age of 18 has provided personal information to us through the Services, please contact us, and we will endeavor to delete that information from our databases.
You can contact us by emailing us at firstname.lastname@example.org.