This policy explains how OurDreams AI ("we", "us", or "the Company") handles information when you use our mobile application ("the App"). We have written it in plain language because we genuinely want you to read it. If something here feels unclear, write to us at matevosyan.t@gmail.com and a person will reply.
This policy applies to the iOS and Android app published under bundle identifier com.ourdreamsai.chatrp.
01. Who we are
The App is operated by an independent studio of AI engineers and designers. The legal contact point for any privacy matter is matevosyan.t@gmail.com. All references to "we" in this document mean OurDreams AI.
02. The data we actually hold on you
The App does not require you to sign up. The first time you open it, our backend (Supabase) generates an anonymous identifier so we can keep your conversations and preferences in one place. Beyond that, we hold only what the App needs to function:
- Anonymous user ID — a random UUID with no link to your real identity, generated by Supabase Auth on first launch.
- Conversation history — the messages you exchange with AI characters, stored so chats can resume across sessions.
- Preferences — your selected language, the gender / style filters chosen during onboarding, your age confirmation flag, and your notification opt-in.
- Memories the AI extracts — short facts the App distils from your chats (e.g. "likes coffee", "works in design") so the conversation feels continuous. You can delete them by deleting your account.
- Push token — if you allow notifications, Firebase Cloud Messaging issues a token tied to your install of the App. We store it only to send you the notifications you opted into.
- Subscription status — whether you have an active Premium subscription, supplied by RevenueCat / Apple / Google. We never see your card details.
- Crash and diagnostic data — anonymised stack traces from Firebase Crashlytics so we can fix what breaks.
- Optional Google or Apple ID — only if you explicitly link an account from Profile, in which case we store the platform-issued user ID and the email Apple / Google passes us. Linking is opt-in and exists only to let you restore your chats on a new device.
What we never collect: your real name, your contacts, your photos, your location, your browsing history, your health data, your financial data, or anything tied to children under 17.
03. The companies we share data with, and why
The App is small and we lean on infrastructure providers for the parts we do not run ourselves. Each of them processes your data on our instructions and for the limited purpose listed below.
- Supabase — hosts our database, file storage, and authentication. All conversation history and your anonymous identifier live here. EU region. Their policy.
- DeepSeek — generates the AI characters' replies. When you send a message, we pass it (and a window of recent messages) to DeepSeek so a response can be produced. DeepSeek processes the text but does not receive your user identifier.
- RevenueCat — manages our subscription receipts and tells us if your Premium is active. Their policy.
- Firebase (Google) — sends push notifications, records crashes, and counts anonymous usage events so we can see which features people use.
- Apple App Store / Google Play — handle the actual subscription payment. We never see your card; we only learn from the receipt whether the purchase succeeded.
- Google AdMob — shows ads to non-Premium users. AdMob may collect a device identifier subject to your operating system's tracking permission. You can turn personalised ads off in your OS settings.
We do not sell your data. We do not share it with advertisers beyond the AdMob integration above, and never for any purpose outside delivering the App.
04. About your conversations with the AI
The characters you chat with are artificial. They are not real people, and the App states this clearly during onboarding and in Profile settings. The text you type is sent to DeepSeek so a reply can be generated, and it is stored on our Supabase instance so the conversation can resume later. We do not human-review your chats in normal operation. If you submit a report via the chat menu, the reported message becomes visible to a small moderation queue.
05. How long we keep things
Your anonymous identifier and your data live with us until you delete your account, at which point both vanish from Supabase within a few seconds (cascading deletion across messages, conversations, memories, favourites, push tokens, and your profile row). Crash logs and aggregate usage events from Firebase are retained for up to 14 months on Google's defaults. Subscription receipts at Apple and Google are kept under their respective policies.
06. Children
The App is rated 17+. It enforces an age gate on first launch, and we will not knowingly hold data about anyone under 17. If you believe a minor has used the App, write to matevosyan.t@gmail.com and we will remove the relevant account.
07. Your rights — wherever you are
The App is built so that the most important privacy actions are available to everyone, not just to people in jurisdictions with strong privacy laws. You can:
- See your data — most of it is already visible to you inside the App.
- Correct your data — change preferences from Profile, or rewrite memories by deleting and re-establishing chats.
- Delete your account — Profile → Delete Account. Everything goes.
- Export your data — write to us at the email above; we will reply with a JSON dump within 30 days.
- Object to processing — disable notifications in Profile, decline ad personalisation in your OS, or stop using the App.
If you are in the European Union, the United Kingdom, or Switzerland, the GDPR applies. Our legal basis is contract (delivering the App you opened), legitimate interest (running and improving it safely), and consent (push notifications and ad personalisation, which you can withdraw). You can lodge a complaint with your local supervisory authority if we have not resolved your concern.
If you are a California resident, the CCPA / CPRA applies. We do not sell your personal information and have not done so in the past 12 months. You have the right to know, delete, correct, and limit. Use the contact email to exercise any of these rights.
08. International data transfers
The App uses providers in the EU and the United States. Where data leaves your region, our providers cover the transfer under the European Commission's Standard Contractual Clauses or an equivalent mechanism.
09. Security
All traffic between the App and our servers is encrypted with TLS. Data at rest in Supabase is encrypted using their managed Postgres infrastructure. Row-Level Security policies make sure your data is unreadable to anyone other than you and our backend. We cannot promise the impossible — no online service is perfectly safe — but we treat your chats as we would treat our own.
10. Changes to this policy
If we change anything material, we will update the "Last updated" date at the top of this section and, where the change is significant, push a notice inside the App.
11. Contact
Anything privacy-related, write to matevosyan.t@gmail.com. A real person reads that inbox.