Privacy Policy

    Effective Date: January 1, 2025

    Last Updated: January 1, 2025

    1. Introduction

    Welcome to inRole AI ("we," "us," "our," or "Service"). We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your data when you use our AI character interaction platform.

    By accessing or using inRole AI, you agree to the terms of this Privacy Policy. If you do not agree, please do not use our Service.

    2. Information We Collect

    2.1 Information You Provide

    • Account Information: Email address, username, and authentication data (OAuth tokens from Google, Apple, TikTok)
    • Profile Data: Optional profile information you choose to provide
    • Communications: Messages and interactions with AI characters
    • Payment Information: Processed securely through third-party payment processors (we do not store full credit card details)

    2.2 Automatically Collected Information

    • Usage Data: IP address, device type, browser type, operating system
    • Session Data: Login times, feature usage, interaction patterns
    • Technical Data: Device identifiers, connection information
    • Cookies: Session cookies, preference cookies, analytics cookies, advertising cookies (Google AdSense)

    2.3 Third-Party Data

    • OAuth Providers: Basic profile information from Google, Apple, TikTok (name, email, profile picture) when you choose to sign in through these services

    3. How We Use Your Information

    We use collected information for:

    • Service Delivery: Providing, maintaining, and improving inRole AI features
    • Account Management: Creating and managing your account, authentication
    • Personalization: Customizing your experience and AI character interactions
    • Communication: Sending service updates, security alerts, support responses
    • Analytics: Understanding usage patterns to improve our Service
    • Security: Detecting fraud, abuse, and security threats
    • Legal Compliance: Meeting legal obligations and enforcing our terms

    4. Legal Basis for Processing (GDPR)

    For users in the European Economic Area (EEA), UK, and Switzerland, we process your data based on:

    • Consent: You have given explicit consent for specific purposes
    • Contract: Processing is necessary to provide the Service you requested
    • Legal Obligation: We must process data to comply with legal requirements
    • Legitimate Interests: Processing is necessary for our legitimate business interests (fraud prevention, security, service improvement)

    5. Data Sharing and Disclosure

    We do NOT sell your personal information. We may share data with:

    5.1 Service Providers

    • Cloud hosting providers (server infrastructure)
    • Payment processors (secure transaction handling)
    • Analytics services (usage analysis, service improvement)
    • Email service providers (transactional emails only)
    • Advertising partners (Google AdSense for ad delivery)

    All third-party providers are contractually obligated to protect your data.

    Important for AI Services: When you interact with AI characters, your messages are processed by our AI service providers. We recommend reviewing their privacy policies:

    5.2 Legal Requirements

    We may disclose information when required by law, court order, or to:

    • Comply with legal processes
    • Protect our rights and property
    • Prevent fraud or security threats
    • Protect user safety

    5.3 Business Transfers

    In case of merger, acquisition, or sale of assets, your information may be transferred (users will be notified).

    6. Data Retention

    • Active Accounts: Data retained while your account is active
    • Deleted Accounts: Data deleted within 90 days of account deletion request
    • Legal Requirements: Some data may be retained longer for legal compliance
    • Backups: Backup copies deleted within 180 days

    7. Your Privacy Rights

    7.1 All Users

    • Access: Request a copy of your personal data
    • Correction: Update or correct inaccurate information
    • Deletion: Request deletion of your account and data
    • Export: Download your data in portable format
    • Opt-Out: Unsubscribe from marketing communications

    7.2 Additional Rights (GDPR - EEA/UK/Switzerland)

    • Right to Restriction: Limit how we use your data
    • Right to Object: Object to data processing for legitimate interests
    • Right to Portability: Receive your data in machine-readable format
    • Right to Withdraw Consent: Withdraw consent at any time
    • Right to Lodge Complaint: File complaint with data protection authority

    7.3 Additional Rights (CCPA - California)

    • Right to Know: Categories and specific pieces of data collected
    • Right to Delete: Request deletion of personal information
    • Right to Opt-Out: Opt-out of data "sale" (we don't sell data)
    • Right to Non-Discrimination: Equal service regardless of privacy choices

    To exercise your rights: Contact us at privacy@inrole.ai

    8. Data Security

    We implement industry-standard security measures:

    • Encryption: Data encrypted in transit (TLS/SSL) and at rest
    • Access Controls: Limited employee access to personal data
    • Authentication: Secure OAuth 2.0 authentication
    • Monitoring: Regular security audits and monitoring
    • Incident Response: Procedures for data breach notification

    Important: No system is 100% secure. We cannot guarantee absolute security but continuously work to protect your data.

    9. International Data Transfers

    inRole AI operates globally. Your data may be transferred to and processed in countries outside your residence. We ensure adequate protection through:

    • Standard Contractual Clauses (SCCs) for EEA transfers
    • Privacy Shield frameworks where applicable
    • Data processing agreements with all processors

    10. Children's Privacy

    inRole AI is NOT intended for users under 18 years old. We do not knowingly collect data from children. If we discover data from a minor, we will delete it immediately.

    Parents who believe we collected their child's data should contact us at privacy@inrole.ai.

    11. Cookies and Tracking

    11.1 Types of Cookies

    • Essential Cookies: Required for service functionality (authentication, session)
    • Preference Cookies: Remember your settings and preferences
    • Analytics Cookies: Help us understand usage and improve Service

    11.2 Cookie Management

    You can control cookies through browser settings. Disabling essential cookies may limit functionality.

    11.3 Third-Party Advertising

    Google AdSense: We use Google AdSense to display advertisements. Google may use cookies and web beacons to serve ads based on your prior visits to our website or other websites.

    • Google's use of advertising cookies enables it and its partners to serve ads based on your visit to our site and/or other sites on the Internet
    • You may opt out of personalized advertising by visiting Google Ads Settings
    • You can also opt out of third-party vendor cookies by visiting aboutads.info

    For more information about Google's privacy practices, visit Google's Privacy & Terms.

    12. AI Character Interactions

    Important Disclaimer: AI-generated content may contain inaccuracies or offensive material. We provide the AI service "as is" and are not responsible for any user or AI-generated content. Users should verify important information from reliable sources.

    12.1 Conversation Data

    • AI character conversations are processed to provide the Service
    • Conversations may be analyzed for quality improvement and safety
    • We do not share individual conversations with third parties (except as required by law)

    12.2 Content Moderation

    • Automated systems monitor for prohibited content (illegal activity, abuse, harmful content)
    • Flagged content may be reviewed by human moderators
    • Violations may result in account suspension or termination

    13. Third-Party Links

    Our Service may contain links to third-party websites. We are not responsible for their privacy practices. Review their privacy policies before providing information.

    14. Changes to This Policy

    We may update this Privacy Policy periodically. Changes will be posted with a new "Last Updated" date. Material changes will be communicated via:

    • Email notification to registered users
    • Prominent notice on our website

    Continued use after changes constitutes acceptance.

    15. Contact Us

    For questions, concerns, or to exercise your privacy rights:

    For questions about this policy or your data: privacy@inrole.ai

    Response Time: We respond to requests within 30 days (GDPR) or 45 days (CCPA).

    16. Jurisdiction-Specific Information

    16.1 European Users (GDPR)

    • Data Controller: inRole AI
    • Supervisory Authority: Contact your local data protection authority

    16.2 California Users (CCPA)

    • Categories of Data Collected: See Section 2
    • Business Purpose: See Section 3
    • Data Sharing: See Section 5
    • Sale of Data: We do NOT sell personal information

    16.3 Other Regions

    We comply with applicable privacy laws in all jurisdictions where we operate.

    17. Data Processing Agreement

    For enterprise customers or partners requiring a Data Processing Agreement (DPA), contact privacy@inrole.ai.

    By using inRole AI, you acknowledge that you have read and understood this Privacy Policy.

    This Privacy Policy is provided in English. Translations may be available but the English version governs in case of conflicts.