Privacy Policy

We collect the following types of information:

• Account information: Your name and email address when you register.
• Questionnaire answers: The personal responses you provide when creating an Echo. These form the basis of your digital consciousness profile.
• Conversation data: Messages exchanged with your Echo, stored to build memory and improve your experience.
• Payment information: Billing details processed securely by Stripe. We never store your full card number.
• Usage data: Information about how you use the platform, including message counts and session activity.

We use your data exclusively to:

• Create and maintain your Echo — your digital consciousness profile.
• Enable conversations between you and your Echo.
• Process subscription payments and manage your plan.
• Provide customer support and respond to your requests.
• Improve the quality of the Echo experience over time.
• Send essential service communications (account confirmations, billing receipts).

We do not sell your personal data. We do not use your data for advertising purposes.

EchoArks uses the Anthropic Claude API to power Echo conversations. Your questionnaire answers and conversation messages are sent to Anthropic's API solely to generate responses. Anthropic processes this data in accordance with their own privacy policy, available at anthropic.com/privacy.

We do not use your conversations to train AI models. Each conversation is processed in real time and stored only to maintain continuity of your Echo's memory.

Your data is stored in Supabase, a secure cloud database provider, with servers located in the United States. We apply industry-standard security measures including:

• Encrypted connections (HTTPS/TLS) for all data in transit.
• Row-level security policies ensuring each user can only access their own data.
• Secure API keys and environment variables never exposed to the client.
• Regular security reviews of our codebase and infrastructure.

No method of electronic transmission or storage is 100% secure. While we strive to use commercially acceptable means to protect your data, we cannot guarantee absolute security.

All subscription payments are processed by Stripe, Inc. EchoArks never receives or stores your full credit card number. Stripe's privacy policy is available at stripe.com/privacy.

We store only your Stripe customer ID and subscription status to manage your plan access.

We share your data only with the service providers necessary to operate EchoArks:

• Anthropic — AI processing for Echo conversations.
• Supabase — Database and authentication services.
• Stripe — Payment processing.
• Vercel — Hosting and deployment infrastructure.

We do not share your data with advertisers, data brokers, or any third parties beyond what is listed above. We may disclose your data if required by law or to protect our rights.

When you link your Echo to another user's Echo through the Family Constellation feature, a limited subset of your Echo's memories and profile may be shared with that linked Echo to enrich its responses. This sharing is intentional and initiated by you. You may remove family links at any time from the Manage Echo page.

You have the right to:

• Access the personal data we hold about you.
• Correct inaccurate information in your profile.
• Delete your Echo and all associated data using the "Delete this Echo permanently" option in your account.
• Export your data by contacting us at privacy@echoarks.com.
• Object to processing of your personal data.

If you are located in the European Economic Area (EEA), you have additional rights under the General Data Protection Regulation (GDPR), including the right to lodge a complaint with your local supervisory authority.

We retain your data for as long as your account is active. If you delete your Echo, all associated questionnaire answers, conversations, memories, and family links are permanently removed immediately. If you wish to delete your entire account, contact us at privacy@echoarks.com and we will process the request within 30 days.

EchoArks uses only essential cookies required for authentication and session management. We do not use tracking cookies, advertising cookies, or third-party analytics cookies. You can disable cookies in your browser settings, but this will prevent you from signing in.

EchoArks is not intended for children under the age of 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, please contact us at privacy@echoarks.com and we will delete the information promptly.

We may update this Privacy Policy periodically. When we do, we will revise the "Last updated" date at the top of this page. We encourage you to review this policy whenever you access our platform. Continued use of EchoArks after changes constitutes your acceptance of the updated policy.

If you have questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us at: