Privacy Policy
Last updated: May 2026
1. Who We Are
Entranced: AI Dating Simulator (“the App”) is operated by Ben Hayward (“we”, “our”, “us”), the data controller for the purposes of UK data protection law.
Contact: support@entranced.ai
2. What Data We Collect
Account Data
When you sign in with Apple or Google, we receive:
- Your unique identifier from the sign-in provider (Apple ID or Google ID)
- Your email address (if you choose to share it; Apple also offers a private relay option)
We do not receive your password from either provider.
Profile Data
During onboarding, we collect:
- Your display name
- Your date of birth (used to verify you are at least 18 years old)
This data is synced to our servers for age verification, content personalisation, and cross-device continuity.
Age Verification Data
We record the method used to verify your age (self-declaration or Apple declared age range), the date of verification, and the outcome. Age verification events are logged for safeguarding compliance.
Conversation Data
Your chat messages are sent to our servers in order to generate AI responses. This data is processed by third-party AI services via OpenRouter (see Section 5). We also extract and store brief memory summaries (key facts and conversation highlights) to maintain continuity across conversations.
Voice Note Data
When AI characters send voice notes, the text content is sent to ElevenLabs for voice synthesis. The generated audio is streamed to your device and is not stored on our servers.
Character Images
AI-generated character images and venue images are pre-created and hosted on our servers. These are served to your device as part of the experience. You do not upload or generate images.
Subscription and Purchase Data
Your subscription status and voice note pack purchases are managed by RevenueCat and Apple. We store your subscription tier (free or pro) and voice note balance on our server to control feature access. Purchase events including transaction IDs are logged for billing support.
Push Notification Tokens
If you allow notifications, we store your device's push notification token to deliver messages when the App is in the background. Tokens are removed when you sign out.
Usage and Security Data
We log authentication events (sign-in, sign-out, token refresh) along with your IP address and user-agent string for security monitoring, abuse prevention, and safeguarding. API request counts are tracked per user for rate limiting (automatically deleted after 48 hours).
Cross-Device Sync Data
To support use across multiple devices, we sync the following to our servers:
- Your profile and preferences
- Conversation messages and memory summaries
- Date history and relationship state
- App settings
3. What Data Stays on Your Device
The following data is cached locally on your device:
- Character profile images and venue images
- Voice note audio files
- Conversation messages (local copy)
Local data can be deleted at any time by using “Delete Account” in Settings or by uninstalling the App.
4. Lawful Basis for Processing
Under UK GDPR, we process your data on the following legal bases:
| Data | Lawful Basis |
|---|---|
| Account data (Apple/Google ID) | Contract — necessary to provide the service |
| Profile data (name, date of birth) | Contract — necessary to provide and personalise the service |
| Age verification data | Legal obligation — age-gating for mature content |
| Conversation and memory data | Contract — necessary to generate AI responses |
| Voice note synthesis | Contract — necessary to provide the service |
| Subscription and purchase data | Contract — necessary to manage your access |
| Push notification tokens | Consent — you can disable notifications at any time |
| Usage and security logs | Legitimate interest — preventing abuse and ensuring security |
| Cross-device sync data | Contract — necessary to provide the service across devices |
5. Third-Party Services
We use the following third-party services. Your data is shared with them only as necessary to provide the App's functionality:
| Service | Purpose | Privacy Policy |
|---|---|---|
| OpenRouter | AI conversation generation | openrouter.ai/privacy |
| ElevenLabs | Voice synthesis for voice notes | elevenlabs.io/privacy |
| Microsoft Azure | Server infrastructure, database, image hosting | microsoft.com/privacy |
| RevenueCat | Subscription and purchase management | revenuecat.com/privacy |
| Apple | Sign in with Apple authentication | apple.com/privacy |
| Sign in with Google authentication | policies.google.com/privacy | |
| Expo | Push notification delivery | expo.dev/privacy |
6. International Data Transfers
Your data is transferred to and processed in the United States and the United Kingdom by the third-party services and infrastructure listed above. These transfers are necessary to provide the App's core functionality. We rely on the following safeguards:
- Standard Contractual Clauses (SCCs) where applicable
- Data processing agreements with each provider
- Providers' compliance with applicable data protection frameworks
7. How We Use Your Data
We use your data to:
- Authenticate you and maintain your session
- Verify your age for access to mature content
- Generate AI character responses to your messages
- Generate AI voice notes
- Serve AI-generated character images
- Maintain conversation memory and relationship continuity
- Sync your data across devices
- Manage your subscription, purchases, and feature access
- Deliver push notifications
- Enforce rate limits, moderate content, and prevent abuse
- Provide customer support
We do not use your data to:
- Train AI models
- Serve advertisements
- Build advertising profiles
- Sell or rent your data to third parties
8. Content Moderation
Your messages are automatically screened by a safety classifier to detect content that may involve minors, self-harm, extreme violence, or impersonation of real people. This processing is necessary for safeguarding and is performed server-side before AI responses are generated. Flagged content may result in warnings or account restrictions.
9. Data Sharing
We do not sell your personal data. Data is shared only with the third-party services listed in Section 5, solely to provide the App's functionality.
We may disclose your data if required by law, court order, or to protect our legal rights.
10. Data Retention
| Data | Retention Period |
|---|---|
| Account data | Until you delete your account |
| Profile data (name, DOB) | Until you delete your account |
| Conversation and memory data | Until you delete your account |
| Age verification records | Until you delete your account |
| Subscription and purchase data | Until you delete your account |
| Push notification tokens | Until you sign out or delete your account |
| Usage/rate limit data | Automatically deleted after 48 hours |
| Security audit logs | Until you delete your account |
| Local device data | Until you delete it or uninstall the App |
Upon account deletion, all server-side data is permanently deleted within 30 days.
11. Your Rights
Under UK GDPR, you have the right to:
- Access — request a copy of your personal data
- Rectification — request correction of inaccurate data
- Erasure— request deletion of your data (“right to be forgotten”)
- Restriction — request we limit how we use your data
- Portability — request your data in a machine-readable format
- Object — object to processing based on legitimate interest
- Withdraw consent — where processing is based on consent
How to Exercise Your Rights
- Delete your account:Settings > Delete Account (removes all server-side data)
- Delete local data: Uninstall the App
- Other requests: Contact support@entranced.ai
We will respond to all data rights requests within 30 days.
Right to Complain
If you are unsatisfied with how we handle your data, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):
- Website: ico.org.uk
- Telephone: 0303 123 1113
12. Age Requirement
Entranced is intended for users aged 18 and older. By using the App, you confirm you are at least 18 years old.
We verify your age during onboarding using your date of birth and, where available, Apple's declared age range. Users who cannot verify they are 18 or older are denied access.
We do not knowingly collect personal data from anyone under 18. If we become aware that a user is under 18, we will terminate their account and delete their data immediately.
13. Security
We implement the following security measures:
- All API keys are stored server-side and are never included in the App binary
- All communication between the App and our servers uses HTTPS/TLS encryption
- Authentication tokens are stored in your device's secure keychain
- Refresh tokens are stored as irreversible hashes on our servers
- Server infrastructure is hosted on Microsoft Azure with enterprise-grade security (UK South region)
- Access to user data is restricted to essential service operations only
- Authentication events are logged for security monitoring
14. Cookies & Tracking
The App does not use cookies, advertising identifiers, or analytics tracking. We do not use any third-party analytics SDKs.
15. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by:
- Updating the “Last updated” date at the top of this page
- Providing in-app notification for significant changes
Your continued use of the App after changes take effect constitutes acceptance of the updated policy.
16. Contact
For privacy questions, data requests, or concerns:
Email: support@entranced.ai
Data Controller: Ben Hayward