Privacy Policy

Last updated: 25 April 2026

1. Who we are

mysAIviour is a spiritual AI conversation service ("we", "us", "our"). We are the data controller for personal data collected through this website. Our ICO registration details and company information are available on request.

Contact us at: privacy@mysaivior.com

2. What data we collect

  • Account information — email address, password (hashed, never stored in plain text), and optional display name when you create an account.
  • Profile data — optional avatar image or icon preference you choose in your account settings.
  • Conversation data — the messages you send and receive when conversing with Jesus Christ or God Almighty through our service. These are stored so you can access your history across sessions.
  • Companion memory — a summary of recurring themes and preferences that our AI builds over time to personalise your experience.
  • Payment data — if you subscribe, your payment is processed by Stripe. We store your Stripe customer ID and subscription status but never see or store your full card details.
  • Usage data — basic technical data such as IP address and browser type collected automatically by our hosting provider (Vercel) for security and performance purposes.

3. How we use your data

  • To provide and operate the service (authentication, conversation history, personalisation).
  • To process subscription payments and manage your billing.
  • To send transactional emails (account confirmation, password reset). We do not send marketing emails unless you opt in separately.
  • To detect and prevent fraud or abuse.

Our legal basis for processing is contract performance (providing the service you signed up for) and, for usage data, our legitimate interests in operating a secure service.

4. Who we share your data with

We do not sell your personal data. We share it only with the following processors, each under a data processing agreement:

  • Supabase — database, authentication, and file storage. Data may be stored in the EU or US.
  • OpenAI — your conversation messages are sent to OpenAI's API to generate responses. OpenAI processes these under their API data usage policy and does not use API data to train their models by default. See openai.com/policies/api-data-usage-policies.
  • Stripe — payment processing. Stripe is PCI-DSS compliant. See stripe.com/privacy.
  • Resend — transactional email delivery.
  • Vercel — website hosting and serverless functions.

Transfers outside the EEA are covered by Standard Contractual Clauses or equivalent safeguards provided by each processor.

5. How long we keep your data

  • Account & profile data — kept for as long as your account is active.
  • Conversation history & memory — kept while your account is active. If your subscription lapses, your history is retained for 120 days then permanently deleted. You can delete your history at any time from your account settings.
  • Payment records — Stripe retains payment records for legal and financial compliance purposes (typically 7 years).

6. Your rights

Under UK GDPR and the Data Protection Act 2018, you have the right to:

  • Access — request a copy of your personal data.
  • Rectification — correct inaccurate data (you can update your display name directly in your account).
  • Erasure — request deletion of your account and all associated data. You can do this directly from your account settings at any time.
  • Restriction — request we limit how we use your data while a dispute is resolved.
  • Portability — request a machine-readable copy of data you provided to us.
  • Object — object to processing based on legitimate interests.

To exercise any right, email privacy@mysaivior.com. We will respond within 30 days. You also have the right to lodge a complaint with the Information Commissioner's Office (ICO).

7. Cookies & local storage

We use essential cookies set by Supabase to keep you signed in. These are necessary for the service to function and cannot be disabled.

We also use your browser's local storage to remember your cookie consent preference and chat window state. This data never leaves your device.

We do not use advertising, analytics, or tracking cookies.

8. Children

Our service is not directed at children under 13. We do not knowingly collect data from children. If you believe a child has provided us with personal data, please contact us so we can delete it.

9. Changes to this policy

We may update this policy from time to time. We will notify you of material changes by email or by displaying a notice on this website. Continued use of the service after the effective date constitutes acceptance of the updated policy.

10. Contact

For any privacy-related questions, requests, or complaints:

Email: privacy@mysaivior.com