Elymi Privacy Policy

Effective Date: May 25, 2026 Last Updated: May 25, 2026

1. Introduction

This Privacy Policy describes how DOMOAI PTE.LTD ("Elymi", "we", "us", or "our") collects, uses, and shares your personal data when you use our mobile application, website, and related services (collectively, the "Service"). By creating an account or using the Service, you agree to the practices described in this Policy. If you do not agree, please do not use the Service. If you have any questions about this Policy, contact us at support@elymi.ai.

Our Privacy Promise

  • We do not train any AI model on your conversations.
  • We do not use your conversations for advertising or profiling.
  • We do not sell your personal data.
  • You can delete your account and your data at any time.

2. Information We Collect

We collect personal data in three ways: (i) information you provide directly; (ii) information generated through your use of the Service; and (iii) information collected automatically from your device.

2.1. Information You Provide

Account information. When you sign in via Apple or Google, we receive a unique account identifier from the OAuth provider, an email address (which may be a private relay address if you use Apple's "Hide My Email"), and, where the OAuth provider supplies it, a display name and profile picture URL. Account information. When you sign in via Apple or Google, we receive a unique account identifier from the OAuth provider, an email address (which may be a private relay address if you use Apple's "Hide My Email"), and, where the OAuth provider supplies it, a display name and profile picture URL. Profile information. You may voluntarily provide a custom in-app display name or nickname, a profile picture, and language and notification preferences. Profile setup information. During initial setup, you are required to provide:

  • Date of birth, used solely to verify that you meet our minimum age requirement of 17 and to maintain ongoing age-compliance records.
  • Gender, selected from a list of predefined options (such as female, male, non-binary, or prefer not to say), used to personalize your experience.
  • Interests, selected from a list of predefined categories, used to recommend characters and content that may be relevant to you. Character information. When you create an AI character, we collect the character name, description, personality traits, background story, optional avatar imagery, and your choice of public or private visibility. Communications with us. When you contact customer support or submit feedback, we collect the content of your message, your contact information, and any attachments you choose to send.

2.2. Information Generated Through Your Use

Conversation content. The text messages you send to AI characters and the AI responses generated for you. Conversations are stored on your account so that you can return to them and continue. Character usage. The characters you interact with, the time you spend in the Service, and the frequency of your interactions. Public content you create. If you publish a character, the character profile (name, description, attribution to your account handle, and avatar) becomes part of the public catalogue and may be discovered, viewed, and chatted with by other users. Reports and feedback. Reports you submit about other users' content, characters, or behavior; feedback or ratings you provide on AI responses or characters.

2.3. Information Collected Automatically

Device information. Device model, operating system and version, system language, time zone, screen size, and similar device-identifier information. App information. App version and build, installation source (e.g., App Store, Google Play), and configuration data. Network information. IP address and approximate geographic region (country and first-level subdivision; we do not derive precise location). Diagnostic data. Crash logs, error reports, performance metrics, and similar information generated to help us identify and fix problems. Usage data. Feature and screen usage, session start and duration, in-app event signals, and similar pseudonymous behavioral data used for analytics, A/B testing, and product improvement. Attribution data. When you install or open the Service via a marketing link, we receive install-attribution data (e.g., campaign tag, click identifier) so that we can understand the effectiveness of our marketing. Content moderation signals. Automated classification scores generated by our content-safety systems when they screen messages, character profiles, and other content for prohibited material.

2.4. What We Do Not Collect

To keep our data footprint minimal, we do not collect:

  • Precise location (e.g., GPS coordinates, Wi-Fi-based precise positioning)
  • Biometric data (e.g., facial geometry, voiceprints, fingerprints)
  • Contacts, photo library, microphone audio, or camera video
  • Payment information (this will change once we introduce paid subscriptions, at which point payments will be handled by Apple, Google, or our designated payment processor — we will never store your full card number)
  • Sensitive demographic information such as date of birth, gender identity, sexual orientation, or political or religious views (you are free to discuss these topics with AI characters; we do not store them as profile attributes)
  • Government identifiers (e.g., national ID, passport number)
  • Health records, financial-account numbers, or other sensitive identifiers If applicable law in your country expands or restricts the categories above, the local rules will apply.

3. How We Use Your Information

We use personal data to:

  • Provide and operate the Service — authenticate your account; route your messages to and from AI models; render and operate AI characters (including ones you create); maintain your conversation history.
  • Personalize your experience — recommend characters; remember your preferences and settings; localize the Service for your region and language.
  • Keep the Service safe — detect, prevent, and respond to abuse, fraud, spam, and prohibited content via a combination of automated screening and human review of escalated cases; surface crisis-resource information when our safety screening detects related signals (see Section 5).
  • Provide customer support — respond to your questions, troubleshoot problems, and maintain a record of your support history.
  • Improve the Service — analyze aggregated and de-identified usage patterns; conduct A/B testing; diagnose crashes and performance issues; develop new features.
  • Communicate with you — send service-related notices (account, security, policy updates) which are not subject to opt-out as they are necessary to provide the Service; and, where you have opted in, occasional product updates and marketing communications which you can unsubscribe from at any time.
  • Comply with legal obligations — respond to lawful government requests; respond to lawful private claims (such as copyright-infringement notices); maintain audit trails as required by law.
  • Manage subscriptions (once paid offerings are introduced) — process subscription purchases and renewals, prevent payment fraud, and issue receipts. Payments will be handled by Apple App Store, Google Play, or our designated payment processor. We will not use the content of your conversations with AI characters for advertising, profiling, or marketing.

4. AI Processing of Your Conversations

The AI conversations in Elymi are powered by third-party large language model providers (such as OpenAI and Google). When you send a message, the message and the necessary context are transmitted to those providers solely to generate a response. Under our agreements with each AI provider:

  • Your conversation content is not used to train the AI provider's models.
  • Your conversation content is not retained by the AI provider beyond what is necessary for the immediate processing and routine abuse-prevention windows specified in our agreements. We do not train or fine-tune any proprietary AI model on your conversation data.

5. Safety and Crisis Resources

Elymi is not a mental-health service, crisis line, or professional medical, legal, or financial advisor. The AI characters in the Service are software systems and do not provide professional advice. To help keep users safe, our automated systems screen messages for signals of self-harm, harm to others, or other safety concerns. When such signals are detected, we may surface in-app safety resources, temporarily pause the conversation, and conduct narrow human review of the relevant content where lawful and necessary. In high-risk situations, we may, where lawful, share information with appropriate authorities. If you or someone you know is in crisis, please contact local emergency services or a crisis hotline. Examples include 988 in the United States, 116 123 in the United Kingdom and Ireland, 1393 in South Korea, 1925 in Taiwan, TELL Lifeline +81-3-5774-0992 in Japan, and The Samaritans +852-2389-2222 in Hong Kong.

6. How We Share Your Information

We do not sell your personal data and we do not share it for cross-context behavioral advertising. We share personal data only:

  • With service providers that support our operations — including AI inference, cloud hosting and storage, analytics and crash reporting, marketing attribution, content moderation, customer support, and email/notification delivery — under contractual obligations to use the data only as instructed by us and to maintain appropriate security.
  • With other users, when you publish a character: the character profile (name, description, attributed creator handle, and avatar) becomes visible to other users, who may discover and interact with it.
  • For legal and safety reasons, including to comply with applicable law, respond to lawful government or court requests, enforce our Terms of Service, prevent fraud or abuse, or protect the rights, property, or safety of Elymi, our users, or the public.
  • In a business transfer, such as a merger, acquisition, financing, reorganization, or sale of assets — in which case we will give notice of any change in data controller before it takes effect.
  • With your explicit consent, for any other purpose.

7. International Data Transfers

DOMOAI PTE.LTD is headquartered in Singapore. To operate the Service, your personal data may be transferred to, stored in, and processed in countries outside your country of residence, currently including Japan (where our primary storage infrastructure is located) and the United States (where our AI inference and several analytics providers are located). As we expand to additional markets, your data may be processed in further jurisdictions. Where required by applicable law, we implement appropriate safeguards (such as Standard Contractual Clauses for users in the EEA and UK) and provide the disclosures and consent mechanisms required by your local law.

8. Data Retention

We retain personal data only as long as necessary for the purposes described in this Policy or as required by law. When you delete your account, we anonymize your account data immediately and permanently delete the underlying records within 180 days, subject to limited exceptions for legal, security, and fraud-prevention purposes (such as records we are required by law to retain, or logs needed to investigate ongoing abuse). You may also delete individual conversations at any time; deleted conversations are removed from active systems immediately and from backups within 180 days. Inactive accounts are not subject to automatic deletion.

9. Your Rights

Subject to applicable law, you have the following rights regarding your personal data:

  • Access — obtain a copy of the personal data we hold about you.
  • Correction — request correction of inaccurate or incomplete data.
  • Deletion — request deletion of your personal data, including by deleting your account in-app at any time.
  • Portability — receive your data in a structured, commonly used, machine-readable format, where applicable law (such as GDPR) provides this right.
  • Restriction or objection — ask us to limit certain processing, or object to processing based on legitimate interests.
  • Withdraw consent — withdraw any consent you have given, without affecting the lawfulness of processing prior to withdrawal.
  • Lodge a complaint — with your local data-protection authority. To exercise any right, contact us at support@elymi.ai or use in-app Settings → Privacy. We will respond within the timeframes required by applicable law (typically 30 days; up to 45 days for complex requests). We may need to verify your identity before fulfilling certain requests. We will not charge a fee for routine requests but may charge a reasonable fee for manifestly unfounded or excessive requests.

10. Security

We implement administrative, technical, and physical safeguards designed to protect personal data, including:

  • Encryption in transit (TLS) for data moving between your device and our servers, and between our servers and our service providers.
  • Encryption at rest for sensitive stored data, including conversation history and account credentials.
  • Strict access controls and least-privilege principles governing staff access to user data, with audit logging of access events.
  • Regular security reviews, vulnerability management, and vendor security assessments.
  • Incident response procedures aligned to our legal notification obligations. No security measure is perfect. If a data breach occurs that is likely to result in a significant risk to users, we will notify affected users and relevant regulators within the timeframes required by applicable law.

11. Children and Minors

Elymi is intended for users aged 17 and older. We do not knowingly collect personal data from individuals under 17. If we learn that we have collected such data, we will promptly delete the relevant account and associated data. If you believe a minor under 17 is using Elymi, please contact support@elymi.ai.

12. Cookies and Similar Technologies

Where the Service is accessed via a browser, we use cookies and similar technologies for session management, security, and analytics. We do not use third-party advertising cookies. You can control cookies through your browser settings; disabling cookies may affect site functionality.

13. Regional Privacy Disclosures

The following region-specific provisions apply in addition to the rest of this Policy. Where regional law conflicts with the general provisions, regional law controls for users in that region.

13.1. Singapore (PDPA)

DOMOAI PTE.LTD is the data controller. You may withdraw your consent for any processing purpose at any time, subject to legal or contractual restrictions, and may file complaints with the Personal Data Protection Commission (PDPC) at https://www.pdpc.gov.sg. Our Data Protection Officer can be reached at support@elymi.ai.

13.2. European Economic Area, United Kingdom, and Switzerland

DOMOAI PTE.LTD is the controller. We process your personal data on the lawful bases provided under the GDPR, UK GDPR, and Swiss FADP, including performance of contract, legitimate interests, consent, and legal obligation. You have the rights of access, rectification, erasure, restriction, portability, objection, and to lodge a complaint with your supervisory authority. We do not subject users to automated decisions producing legal or similarly significant effects without your involvement.

13.3. California, United States (CCPA / CPRA)

For purposes of the California Consumer Privacy Act, as amended:

  • We collect the following categories of personal information: identifiers (e.g., account ID, IP address); (post-subscription launch) commercial information; internet/network activity; approximate geolocation; and inferences for personalization. We do not collect biometric or precise geolocation information.
  • We do not sell personal information and do not share it for cross-context behavioral advertising as defined under CPRA. We do not provide a "Do Not Sell or Share My Personal Information" link because no sale or sharing occurs.
  • California users have the rights to know, delete, correct, opt out of sale/sharing (not applicable since we do not sell or share), limit the use of sensitive personal information, and not be discriminated against for exercising any of these rights. Submit requests via support@elymi.ai.

13.4. Other Jurisdictions

Users in jurisdictions not specifically addressed above are extended the substantive rights described in this Policy. To exercise these rights, contact support@elymi.ai.

14. Changes to This Policy

We may update this Policy from time to time. Non-material changes will be posted with an updated "Last Updated" date. For material changes (such as new categories of data collected, new processing purposes, new categories of recipients, changes to retention, or changes to your rights), we will provide at least 30 days' advance notice via in-app notice and/or email and will obtain renewed consent where required by applicable law. Your continued use of the Service after the effective date of an updated Policy constitutes acceptance, except where applicable law requires explicit consent.

15. Contact Us

  • Email: support@elymi.ai
  • Postal address: DOMOAI PTE.LTD, 8 Eu Tong Sen Street, #16-81 The Central, Singapore 059818
  • In-app: Settings → Feedback