Privacy Policy
Last updated: May 2026
What data we collect
We collect your email address, country, and the content of your conversations with Chaegim. We also store memory objects derived from your conversations, and anonymised crisis event hashes where applicable. We do not collect or store your date of birth — age is verified by Didit liveness scan at onboarding and we receive only a pass or fail result.
Facial age verification
Every new Chaegim account must complete a facial age check before accessing the platform. This is a mandatory requirement under the Australian Online Safety Act 2021 and equivalent legislation in other jurisdictions. There are no passive or automatic bypasses — every user completes this step.
Step 1 — Face scan (all users): After reading and accepting a consent notice, your front camera takes a single photo. This image is sent in real time to our age assurance partner, Didit, which estimates your age and checks that the image is a live face (not a photo of a photo). If the system is confident you are 18 or over, verification is complete immediately. For the vast majority of users this is the only step required.
Step 2 — Document check (rare fallback, fewer than 1% of users): If the face scan cannot determine your age with sufficient confidence — for example, because you look close to 18 — you will be asked to provide a government-issued ID document (passport, driver's licence, or national ID card). This is handled entirely by Didit on their hosted, secure platform.
Your photo and any document image are processed by Didit and retained by Didit for up to 1 month from the date of verification, after which they are permanently deleted. Chaegim receives only a pass or fail outcome — never your image, never your biometric data, and never your document details. Chaegim does not store any verification images or documents at any time.
The legal basis for this processing is your explicit consent, which you provide on a dedicated consent screen before your camera opens. You also confirm your age by ticking a checkbox declaring you are 18 or older.
Age verification partner: Didit
Partner privacy policy: didit.me/privacy-policy
How long we retain your data
| Data type | Retention period |
|---|---|
| Conversation transcripts | 2 years |
| Memories | 2 years |
| Session threads | 2 years |
| Pattern cards | 2 years |
| Monthly letters | 2 years |
| Milestone markers | 2 years |
| Crisis events (anonymised SHA-256 hash only, no PII) | 3 years |
| Account data | Until deletion + 30 days |
| Buddy messages and summaries | Until relationship ends or buddy requests deletion |
| Pending data deletion requests | Processed within 30 days |
| Age verification data (held by Didit, not Chaegim) | 1 month from date of verification |
How we use your data
We do not sell your data. We do not use your data to train AI models.
Your data is used solely to provide the Chaegim service — to power conversations, build memories, track commitments, and generate accountability insights.
Specifically, we use your conversation history and memory objects to generate: session threads (a brief narrative of each conversation that is used to open the next session), monthly personal letters (a reflective summary of your month), pattern cards (recurring themes identified across your conversations), Ghost You snapshots (a scored comparison of who you were at onboarding versus who you are today), and closing observations (a single insight generated at the end of each session).
Session threading and between-session signals
At the end of each conversation, Chaegim generates a short narrative summary called a session thread. This thread is stored against your account and used at the start of your next conversation to provide continuity — so Chaegim remembers where you left off.
For Core, Pro, and Founding Member subscribers, Chaegim may also generate between-session signals — brief, proactive observations delivered via push notification when a meaningful pattern is detected across your sessions. These are generated from your memory objects and session summaries, not from real-time monitoring.
You can disable between-session signals at any time from Settings.
Monthly personal letters
On the first day of each month, Chaegim generates a personal letter for Core, Pro, and Founding Member subscribers. This letter is a reflective summary of the previous month — drawing on your session threads, memories, and goal progress.
Monthly letters are stored in your identity timeline and are available in My Space → Letters. You receive a push notification when your letter is ready. Letters are generated entirely from your own data and are never shared with third parties.
Communications
Chaegim uses your email address to send the following communications:
- Account creation confirmation
- Password reset
- Account deletion confirmation
- Partner invitation for Together
- Together relationship activation
- Subscription confirmation
- Payment failure notification
- Subscription cancellation and grace period warning
- Trial ending reminder — 7 days before and 1 day before
- Final reminder when access ends
- Accountability buddy weekly digest (sent to your designated buddy — not to you)
Chaegim does not send marketing emails, promotional emails, weekly digest emails, or content emails. Your letters, reports, weekly digest, and content notifications are delivered inside the app via push notification.
Push notifications
Chaegim uses push notifications to your browser and mobile device to inform you when new content is ready — including personal letters, relationship letters, weekly digest, reports, pattern cards, Ghost You updates, and partner activity. You can manage notification permissions at any time through your device or browser settings. Revoking notification permission does not affect your access to content — everything remains available inside the app.
The weekly digest notification can be turned on or off independently in My Space → Settings → Weekly Digest.
Founding Member data
If you purchase a Founding Member subscription, your account is marked with a founding_member flag. This flag determines your subscription tier and price. It is stored in your account record and is never shared with third parties.
Founding Member status is tied to your Stripe subscription. If you cancel your subscription, your Founding Member status is removed. It cannot be transferred to another account.
Accountability Buddy feature
If a Chaegim user invites you as their accountability buddy, we will store your email address and first name in order to send you weekly summary emails on their behalf. These summaries contain only goal-progress information — never the content of private conversations.
As a buddy, you have the following rights at any time:
- Unsubscribe from emails — stop receiving weekly summaries without ending the relationship.
- End the relationship — be removed as a buddy entirely. The user will be notified.
- Delete all your data — permanently delete all messages and summaries associated with your email address. This also ends the relationship.
All three options are available via the unsubscribe link in every email, or by contacting [email protected].
Your rights
You can export all your data at any time from Settings.
You can delete your account at any time. Data is removed within 30 days of account deletion, except for anonymised crisis event hashes which are retained for 3 years for safety reporting purposes.
If you are a buddy (not a Chaegim account holder), you can manage your preferences or request data deletion via the link in any email you have received, or by emailing [email protected].
Third-party services
Chaegim uses the following third-party service providers. Each operates under their own privacy policy. We share only the minimum data necessary to provide the service. We do not share your data with any third party for advertising purposes.
| Provider | Purpose | Data handling |
|---|---|---|
| Anthropic (Claude) | AI conversation responses | Uses your conversation content only to generate personalised responses. Does not use your data to train models. |
| ElevenLabs | Voice synthesis | Receives audio text only. Does not receive your name or any personally identifying information. |
| Supabase | Data storage and authentication | Stores your account record including name, email, and conversation data. Data is encrypted at rest and protected by row-level security. |
| PostHog | Product analytics | May receive a user identifier for analytics purposes. This is first-party analytics used solely for product improvement — not advertising tracking. You can opt out from Settings. |
| Sentry | Error monitoring | Receives technical error data and stack traces to help us fix bugs. Does not receive your name or conversation content. |
| Stripe | Payment processing | Receives your name and payment details for subscription billing only. Chaegim does not store your card details. |
| Didit | Age verification | Receives a face photo for age estimation. For rare cases, also receives a government-issued ID document. Didit retains verification data (images and associated records) for up to 1 month from the date of verification, then permanently deletes it. Chaegim never receives or stores your image or biometric data. Used once at sign-up and never repeated. |
| Resend | Email delivery | Receives your email address to deliver transactional emails such as account confirmations and weekly summaries. Does not use your data for marketing. |
Cookies
Chaegim uses essential cookies to keep you signed in, and optional analytics and performance cookies to improve the product. You can manage your cookie preferences at any time. See our full Cookie Policy.
Governing law
This Privacy Policy is governed by the Australian Privacy Act 1988 and applicable international privacy law, including the GDPR where applicable.
Contact
For privacy enquiries: [email protected]