← Back to Elioy

Privacy Policy

Last updated: April 29, 2026

1. Overview

Elioy.ai ("we", "us", or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your personal information when you use our service at elioy.ai.

By using Elioy.ai, you agree to the collection and use of information as described in this policy. If you do not agree, please discontinue use of the service.

2. Information We Collect

2.1 Information You Provide

  • Account credentials: username and hashed password (we never store plaintext passwords)
  • Email address (optional, used only for account recovery and daily messages you opt in to)
  • Profile information you voluntarily share in conversation (name, preferences)

2.2 Information Collected Automatically

  • IP address and approximate location (country/region level only)
  • Browser type, device type, and operating system
  • Pages visited and session duration (via Google Analytics and PostHog)
  • Session cookies required for authentication

2.3 Conversation Data

Chat messages are processed in real time to generate AI responses. For guest users, conversation data is not stored after your session ends. For registered users, we do not store message history — only the profile context you have explicitly shared (name, important dates).

3. How We Use Your Information

  • To provide, maintain, and improve the Elioy.ai service
  • To send daily companion messages you have opted in to receive
  • To personalize your experience (remembering your name across sessions)
  • To analyze usage patterns and improve product quality (anonymized)
  • To prevent fraud and ensure platform security
  • To comply with legal obligations

We do not sell, rent, or share your personal data with third parties for marketing purposes.

4. Third-Party Services

We use the following trusted third-party services. Each has its own privacy policy:

Resend — Email delivery. Your email is transmitted to Resend solely to send messages you requested.
Cloudflare — CDN, image storage (R2), and Turnstile human verification. Subject to Cloudflare's privacy policy.
Google Analytics — Anonymized usage analytics. IP addresses are anonymized. You can opt out via browser extensions.
PostHog — Product analytics for improving user experience. Data is anonymized and aggregated.
Crisp — Live chat support. Conversations are stored by Crisp and subject to their privacy policy.
Neon (PostgreSQL) — Database hosting. Your account data is stored on encrypted servers.

5. Cookies

We use the following types of cookies:

  • Essential cookies — Required for authentication and session management. Cannot be disabled.
  • Analytics cookies — Used by Google Analytics and PostHog to understand how visitors use our site. You may opt out via your browser settings.

6. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

For EU/EEA residents (GDPR)

  • Right of Access — Request a copy of the data we hold about you
  • Right to Rectification — Request correction of inaccurate data
  • Right to Erasure — Request deletion of your account and all associated data
  • Right to Data Portability — Receive your data in a machine-readable format
  • Right to Object — Object to processing based on legitimate interests
  • Right to Withdraw Consent — Withdraw consent at any time without affecting prior processing

For California residents (CCPA)

  • Right to know what personal information is collected
  • Right to delete personal information
  • Right to opt out of the sale of personal information (we do not sell data)
  • Right to non-discrimination for exercising your CCPA rights

To exercise any of these rights, contact us at [email protected]. We will respond within 30 days.

7. Data Retention

  • Account data is retained until you request deletion
  • Guest session data is deleted when your browser session ends
  • Anonymized analytics data may be retained indefinitely in aggregate form
  • Email logs are retained for up to 90 days for delivery troubleshooting

8. Data Security

We implement industry-standard security measures including encrypted connections (TLS), bcrypt password hashing, and access controls. However, no method of transmission over the Internet is 100% secure. We encourage you to use a strong, unique password.

9. Children's Privacy

Elioy.ai is not intended for users under the age of 18. We do not knowingly collect personal information from anyone under 18. If you believe a minor has provided us with personal data, please contact us immediately.

10. Changes to This Policy

We may update this Privacy Policy periodically. We will notify registered users of material changes via email. Continued use of the service after changes constitutes acceptance of the updated policy.

11. Contact Us

For any privacy-related questions or to exercise your rights, please contact:
[email protected]