SilkRoomPrivacy Policy
Last updated: June 22, 2026
This Privacy Policy explains how SilkRoom LLC ("we", "we", "us") collects, uses, shares, and protects personal information when you use SilkRoom (the "Service"). By using the Service you agree to this Policy.
This document is a starting template, not legal advice. Have a qualified attorney confirm it meets your obligations (including GDPR, UK GDPR, CCPA/CPRA, and any other laws that apply to your users) before launch.
1. Who we are
SilkRoom LLC is the controller of your personal information. For privacy questions or to exercise your rights, contact us at privacy@silkroom.io.
2. Information we collect
You give us:
- Account information — your email address (used for sign-in via our authentication provider).
- Content you create — chat messages and prompts, custom characters you build, and onboarding quiz answers.
- Feedback — messages and any images you submit through the feedback form.
Collected automatically:
- Usage data — features used and counts (e.g. messages, photos, voice notes generated) to enforce plan limits.
- Device and log data — IP address, browser/device type, and timestamps, collected by us and our hosting provider for security and reliability.
- Cookies — see Cookies below.
From our payment processor:
- Billing data — subscription status, plan, and customer/subscription identifiers. We do not store your full card number; card details are handled directly by our payment processor.
We do not ask for or want sensitive identity documents, and the Service is strictly for users 18 and older (see Children).
3. How we use your information
- To provide, operate, and secure the Service and your account.
- To generate the AI chat, image, and voice features you request.
- To process payments, manage subscriptions, and enforce usage limits.
- To respond to feedback and support requests.
- To detect, prevent, and investigate abuse, fraud, and safety violations.
- To comply with legal obligations and enforce our Terms.
Our legal bases (where GDPR applies) include performance of our contract with you, your consent, our legitimate interests in operating and securing the Service, and compliance with legal obligations.
4. How your content is processed by AI providers
To power companions, your prompts and related content are sent to third-party AI providers that generate text, images, and voice on our behalf. These providers process the data to return a result and under our agreements are not permitted to use it to train their own models beyond what is necessary to provide the service. See the sub-processor list below.
5. Sub-processors and sharing
We share personal information only as needed to run the Service, with providers acting on our behalf. We do not sell your personal information. Current categories of sub-processors:
| Provider | Purpose |
|---|---|
| Supabase | Authentication and database |
| Stripe | Payments and subscription management |
| OpenAI | AI chat generation |
| Replicate | AI image generation |
| ElevenLabs | AI voice generation |
| Amazon Web Services (S3 / CloudFront) | Media storage and delivery |
| Vercel | Application hosting and logs |
| Discord | Internal delivery of feedback submissions |
We may also disclose information to comply with the law, respond to lawful requests, protect our rights and the safety of users, or in connection with a merger or acquisition.
6. Data retention
We keep personal information for as long as your account is active and as needed to provide the Service, then for a reasonable period to meet legal, accounting, security, and dispute-resolution needs. When you delete your account, we delete or de-identify your personal information within a commercially reasonable time, except where retention is legally required.
7. Cookies
We use a small number of cookies that are necessary for the Service to function, including:
- an authentication cookie that keeps you signed in;
- where enabled, a site-access cookie for password-protected preview deployments.
These are strictly necessary cookies. We do not currently use third-party advertising or cross-site tracking cookies. You can clear cookies in your browser, but the Service may not work properly without the necessary ones.
8. Your rights and choices
Depending on where you live, you may have the right to access, correct, delete, or export your personal information, to object to or restrict certain processing, and to withdraw consent. California residents have rights under the CCPA/CPRA, including the right to know, delete, correct, and to opt out of "sale" or "sharing" (we do not sell or share your personal information as those terms are defined). To exercise any right, email privacy@silkroom.io. We will not discriminate against you for exercising your rights, and you may appeal a decision by replying to our response.
9. Children's privacy
The Service is for adults only. We do not knowingly collect personal information from anyone under 18. If you believe a minor has provided us information, contact abuse@silkroom.io and we will delete it.
10. International transfers
We are based in the United States and process data there and in the regions our providers operate. Where required, we rely on appropriate safeguards (such as Standard Contractual Clauses) for international transfers.
11. Security
We use technical and organizational measures to protect your information, but no method of transmission or storage is completely secure. Report security concerns to support@silkroom.io.
12. Changes to this Policy
We may update this Policy from time to time. We will revise the "Last updated" date above and, for material changes, provide additional notice where appropriate.
13. Contact
For privacy questions or requests, email privacy@silkroom.io, or write to SilkRoom LLC, 4610 Hampshire Way, Fremont CA 94538.