Back

Privacy Policy

Effective: January 1, 2025 Β· Last Updated: December 21, 2025

At LUKi, we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI companion application and related services (collectively, the "Services").

We are committed to protecting your personal data and being transparent about what information we collect and how we use it. Please read this policy carefully to understand our practices.

Our Privacy Commitment

  • β€’ We never sell your personal data to third parties
  • β€’ Your conversations are encrypted and private
  • β€’ You have full control over your data and can delete it anytime

1. Information We Collect

Information You Provide

  • Account Information: Email address, username, and password (securely hashed)
  • Profile Data: Display name, profile picture, and preferences you choose to share
  • Conversations: Messages and interactions with LUKi (stored encrypted)
  • Memories: Information you explicitly save to your memory bank
  • Uploaded Content: Files, images, and documents you upload to the service
  • Payment Information: Processed securely by Stripe; we do not store card numbers

Information Collected Automatically

  • Device Information: Device type, operating system, and browser type
  • Usage Data: Features used, session duration, and interaction patterns
  • Log Data: IP address, access times, and referring URLs
  • Cookies: Essential cookies for authentication and preferences (see our Cookie Policy)

AI Training Disclosure: Your personal conversations and data are not used to train our AI models. Your interactions remain private and are only used to provide you with personalized responses within your own account.

2. How We Use Your Information

We use the information we collect to:

  • β€’ Provide, maintain, and improve our Services
  • β€’ Create and manage your account
  • β€’ Process transactions and send related information
  • β€’ Personalize your LUKi companion experience
  • β€’ Maintain your conversation history and memories
  • β€’ Send you technical notices, security alerts, and support messages
  • β€’ Respond to your comments, questions, and customer service requests
  • β€’ Monitor and analyze usage trends to improve user experience
  • β€’ Detect, prevent, and address technical issues and fraudulent activity
  • β€’ Comply with legal obligations

Legal Basis (GDPR): We process your data based on: (a) your consent, (b) performance of our contract with you, (c) our legitimate business interests, and (d) compliance with legal obligations.

3. How We Share Your Information

We do NOT sell your personal information.

We may share your information only in the following limited circumstances:

  • Service Providers: Trusted third parties who assist in operating our Services:
    • - Supabase (database and authentication)
    • - Stripe (payment processing)
    • - Vercel (hosting infrastructure)
    • - Together AI (AI model inference - no personal data shared)
  • Legal Requirements: When required by law, court order, or governmental authority
  • Safety: To protect the rights, property, or safety of LUKi, our users, or others
  • Business Transfers: In connection with a merger, acquisition, or sale of assets
  • With Your Consent: When you explicitly authorize us to share information

4. Data Security & Encryption

We implement robust security measures to protect your information:

  • β€’ Encryption in Transit: All data transmitted using TLS/HTTPS encryption
  • β€’ Encryption at Rest: Sensitive data encrypted in our databases
  • β€’ Wallet-Based Encryption: Optional end-to-end encryption using your crypto wallet
  • β€’ Secure Password Storage: Passwords hashed using industry-standard algorithms
  • β€’ Access Controls: Strict authentication and authorization protocols
  • β€’ Regular Audits: Periodic security assessments and vulnerability testing

Note: While we strive to protect your data, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security.

5. Your Privacy Rights

Depending on your location, you have the following rights regarding your personal data:

  • Access: Request a copy of the personal data we hold about you
  • Correction: Request correction of inaccurate or incomplete data
  • Deletion: Request deletion of your personal data ("right to be forgotten")
  • Portability: Receive your data in a structured, machine-readable format
  • Objection: Object to processing of your data for certain purposes
  • Restriction: Request limitation of processing in certain circumstances
  • Withdraw Consent: Withdraw consent where processing is based on consent

To exercise these rights, please contact us at privacy@luki-ai.app. We will respond within 30 days.

GDPR (EU/UK)

Full rights under General Data Protection Regulation

CCPA (California)

Right to know, delete, and opt-out of sale

6. Data Retention

We retain your information for as long as:

  • β€’ Your account is active
  • β€’ Necessary to provide you with our Services
  • β€’ Required to comply with legal obligations
  • β€’ Needed to resolve disputes or enforce agreements

When you delete your account, we will delete or anonymize your personal data within 30 days, except where we are required to retain certain information for legal, tax, or audit purposes.

7. International Data Transfers

Your information may be transferred to and processed in countries other than your own, including the United States and countries in the European Economic Area. We ensure appropriate safeguards are in place, including Standard Contractual Clauses approved by the European Commission, to protect your data in accordance with this Privacy Policy.

8. Children's Privacy

LUKi is not intended for users under 13 years of age (or 16 in the EU). We do not knowingly collect personal information from children. If we learn that we have collected personal data from a child without parental consent, we will delete that information promptly. If you believe we may have collected information from a child, please contact us.

9. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will notify you by updating the "Last Updated" date and, where required, provide additional notice (such as via email or a prominent notice on our Services). Your continued use of our Services after changes become effective constitutes acceptance of the revised policy.

10. Contact Us

If you have questions about this Privacy Policy or our privacy practices, please contact us:

Email: privacy@luki-ai.app

Data Protection Officer: dpo@luki-ai.app

Terms of Service β†’Cookie Policy β†’