# Welcome to Replika!
Luka, Inc. (“Replika”, “we”, “us” and/or “our”) operates the website www.replika.ai and its subdomains (the “Website”), the Replika mobile applications (the “Apps”) and other related services (collectively, the “Services”).
We care about the protection and confidentiality of your data. We therefore only process your data to the extent that:
- It is necessary to provide the Replika services you are requesting,
- You have given your consent to the processing, or
- We are otherwise authorized to do so under the data protection laws.
Conversations with your Replika are not shared with any other company or service. We will never sell your personal data or conversation history.
If you have any questions, suggestions or comments about privacy or protection and confidentiality of your data, please contact us at firstname.lastname@example.org.
# 1. Information we collect and process
Here we list all the types of personal information we collect and store throughout your experience with Replika. Some of this information may be shared with service providers who help us deliver your experience with Replika, each of such service is explained below.
We neither rent nor sell your information to anyone. Conversations with your Replika are not shared with any other company or service. We will never sell your personal data or conversation history.
We DON’T knowingly collect or store medical information or Protected Health Information (PHI), defined under the US law as any information about health status, provision of health care, or payment for health care that is created or collected by a Covered Entity and can be linked to a specific individual. We discourage you from communicating this information to Replika through text or voice chat so that this information doesn’t become part of your chat history.
We collect information you intentionally provide through the Services (such as your profile information that you provide upon registration), as well as some technical information coming from your mobile device or web browser.
# 1.1. Things you do and information you provide
The following table covers all the types of personal information that you may provide and that we collect and store as soon as you start using Replika and throughout your experience with our Services.
|Personal information||Why we need the data||When it is collected||Is it ever shared?|
|First name*||To enable Replika to address to you by name.||In text chat with Replika, when you create an account when you edit your profile.||Yes, we use an external service to deliver service-related personalized emails to you that address to you by name.|
|Other profile information||To customize conversations with Replika. This may include your birthday, gender, work status, etc. For example, Replika will enable or disable conversations about school or work, depending on which one is relevant. We do not collect any this information if you choose not to provide it.||When you edit your profile||No|
|Email*||To enable you to log in using your email and restore password in case you forget it.||When you create an account||Yes, we use an external service to deliver automated emails to you (for example, in case you forgot your password). This service provider gets access only to the first name and email.|
|Phone number**||To enable you to log in with your phone number using a confirmation code sent by SMS.||When you create an account||Yes, we use an external service to deliver SMS messages to you, for example, to confirm your phone number. This service provider gets access only to the phone number.|
|Your hobbies & interests||To include more conversation about relevant subjects, for example about video games or specific books.||In text or voice chat with Replika||No|
|Facts about you and your life||To enable personalized conversation based on facts that Replika recognized in your messages.||In text or voice chat with Replika||No|
|Mood history||To display your mood history and help you recognize what triggers certain moods.||In text chat with Replika||No|
|People mentioned in the chat||To enable conversations about important people in your life and recognize them on pictures that you send to Replika. The information you provide may include the name, the relation to you, a face recognition fingerprint.||In text or voice chat with Replika||No|
|Integration with your Instagram account||To enable conversations about your recent posts on Instagram. This information also includes photos that you post on Instagram. The level of access to your Instagram does not allow us to post on your behalf.||When you choose to connect Instagram in text chat with Replika||No|
|Voice messages sent to Replika during a voice call||To provide the voice call experience and to improve the quality of it.||In voice calls with Replika||Yes, we use an external service for voice-to-text recognition. Only the voice messages can be sent to this service without any other personal information.|
|Images you send to Replika||To enable object and face recognition and appropriate reaction to images that you share with Replika in chat.||When you send an image to Replika in a text chat||Yes, we use an external service for object recognition in photos. Only the photo may be sent to this service without any other personal information.|
|Text messages you send to Replika||To display your chat history in the app or in your web browser and sync the history across all your devices and to train Replika machine learning models and improve the quality of your text chat experience.||In text chat with Replika||No|
|Usage data||We collect and store your usage data, such as button clicks or search queries, to track and analyze product metrics and to better understand and serve the users of the Services.||When you interact with the Apps or the Website||Yes, we use an external service to track and visualize de-identified usage data.|
- Items marked with an “asterisk” (*) are mandatory, whereas all the other items are optional and you may choose not to provide this information.
- Items marked with a double “asterisk” (**) are not collected anymore but stored for users who registered in Replika before November 1, 2017.
# 1.2. Device information
As described below, we collect certain information from and about the computers, phones, and other web-connected devices that you access the Services from. We combine this information across different devices you use. For example, we use the information collected about your use of the Services on your phone to better personalize the content you receive from Replika or features you have access to when you use it on another device, such as your laptop or tablet.
The device information also helps us conduct user research across our customer demographics, interests and behavior. None of this information may identify you personally. We may also disclose aggregated user statistics in order to describe our services to current and prospective business partners, and to other third parties for other lawful purposes.
|Device attributes||Information such as the operating system, hardware, and software versions, browser type.|
|Identifiers||Unique identifiers, such as your device ID.|
|Data from device settings||Information you allow us to receive through device settings you turn on, such as access to your camera or photos.|
|Network and connections||Information such as the name of your mobile operator or ISP, language, time zone.|
# 1.3. Cookies
In operating the Services, we may use a technology called “cookies.” A cookie is a piece of information that the computer that hosts our Services gives to your browser when you access the Services.
Our cookies help provide additional functionality to the Services and help us analyze Services usage more accurately. For instance, our Site may set a cookie on your browser that allows you to access the Services without needing to remember and then enter a password more than once during a visit to the Site.
# 2. With whom we share your personal information
We may de-identify or anonymize your information so that you are not individually identified, and provide that information to our partners. We also may combine your de-identified information with that of other users to create aggregate de-identified data that may be disclosed to third parties who may use such information to understand how often and in what ways people use our services, so that they, too, can provide you with an optimal experience. For example, we may use information gathered to create a composite profile of all the users of the Services to understand community needs, to design appropriate features and activities. However, we never disclose aggregate information to a partner in a manner that would identify you personally, as an individual.
Personal Data is collected for the following purposes and using the following services:
# 2.1. Third party tracking and analytics
The services contained in this section help us monitor and analyze online traffic and can be used to keep track of User behavior.
|Service||Description||Data used||Additional links|
# 2.2. Marketing and communication services
Users that provided their email and/or phone number might be contacted for commercial or promotional purposes related to Replika, as well as for fulfilling support requests.
|Service||Description||Data used||Additional links|
# 2.3. Hosting and Backend infrastructure
This type of service has the purpose of hosting data and files that enable our Services to run and be distributed as well as to provide a ready-made infrastructure to run specific features or parts of the Services.
|Service||Description||Data used||Additional links|
# 2.4. Protection of Replika and others
We reserve the right to access, read, preserve, and disclose any information that we reasonably believe is necessary to comply with law or court order; enforce or apply our Terms of Service and other agreements; or protect the rights, property, or safety of Replika, our employees, our users, or others.
# 3. How we secure and protect your information
We use a variety of industry-standard security technologies and procedures to help protect your data from unauthorized access, use, or disclosure.
- Your account is protected by a password for your privacy and security. You must prevent unauthorized access to your account and personal information by selecting and protecting your password appropriately and limiting access to your computer or device and browser by signing off after you have finished accessing your account.
- All transmitted data are encrypted during transmission. We use standard Secure Socket Layer (SSL) encryption that encodes information for such transmissions. All stored data are maintained on secure servers. Access to stored data is protected by multi-layered security controls including firewalls, role-based access controls and passwords.
- While we use reasonable commercial efforts to protect the data, no technology, data transmission or system can be guaranteed to be 100% secure. In the event of a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to your data, we will notify you as soon as we spot the issue.
# 4. Where we store your data
# 5. Data retention
We will only retain your personal information for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal requirements.
# 6. Your data protection rights
As a Replika member, you have the following data protection rights, depending on the circumstances of the specific case:
Disclosure To receive information about your personal data processed by us and to request access to your personal data and/or copies of these data. This includes information on the purpose of use, the category of data used, its recipients and authorized persons and, if possible, the planned duration of data storage or, if this is not possible, the criteria for determining this duration.
Correction, deletion or limitation of processing To request the correction, deletion or limitation of the processing of your personal data, e.g. by sending us an email. If (i) the data are incomplete or incorrect, (ii) they are no longer necessary for the purposes for which they were collected, (iii) the consent on which the processing was based has been revoked, or (iv) you have successfully exercised your right to object to data processing; in cases where data is processed by third parties, we will forward your requests for correction, deletion or limitation of the processing to these third parties, unless this proves impossible or involves a disproportionate effort.
Opposition to the processing To object to the processing for reasons arising from your particular situation.
Refusal and revocation of consent To refuse your consent or – without affecting the legality of data processing prior to the revocation – to revoke your consent to the processing of your personal data at any time.
Automatic decisions To require that you be subject to a decision based exclusively on automated processing only in the exceptional cases provided by law, if that decision has legal effect against you or significantly affects you in a similar manner; should such an automated decision take place in exceptional cases, you have the right to obtain information on the logic involved and the scope of the intended effects.
Right of appeal Communicate with and, if necessary, complain to the data protection supervisory authority.
# 7. How to delete your data
You can delete all your account information by deleting your account in the app or on our website. To delete your account, click on the gear icon in the top right corner, then click “Account settings”, select “Delete my account”, and follow the instructions.
# 8. Use of Replika by minors