← Back to YourBuddy

Privacy Policy

Last updated: 1 June 2025

1. Who We Are

YourBuddy Ltd is a company incorporated in England and Wales. Company number: [INSERT COMPANY NUMBER]. Registered office: [INSERT REGISTERED OFFICE ADDRESS].

References to "we", "us" or "our" mean YourBuddy Ltd. For privacy matters, contact us at privacy@yourbuddy.com.

[INSERT ONCE REGISTERED: We are registered with the Information Commissioner's Office (ICO) as a data controller. ICO registration number: [INSERT ICO NUMBER].]

2. What Data We Collect

**Account data:** Email address and password (hashed by Supabase) when you create an account.

**Conversation data:** Messages you send to YourBuddy and the responses generated. These are stored to provide continuity of your experience and to generate your memory context.

**Memory summaries:** An AI-generated summary of themes from your conversations, used to personalise future responses. This is derived data, not a verbatim transcript.

**Waitlist data:** Email address if you join our waitlist before registering.

**Usage data:** Standard server logs, including IP address, browser type, and pages visited, retained for up to 90 days.

**Cookies:** See our Cookie Policy for details.

3. Legal Basis for Processing

We process your data under the following lawful bases under UK GDPR:

  • **Contract:** To provide the YourBuddy service you have signed up for.
  • **Legitimate interests:** To improve our service, prevent fraud, and maintain security.
  • **Consent:** For non-essential cookies and marketing communications.

    • 4. How We Use Your Data

  • To operate and improve the YourBuddy service
  • To personalise your AI companion experience using memory context
  • To send your Weekly Longevity Brief (when you opt in)
  • To respond to your enquiries and support requests
  • To comply with legal obligations

    • 5. Who We Share Data With

    We share data only with trusted sub-processors necessary to operate the service:

  • **Supabase Inc** (database and authentication hosting)
  • **Anthropic PBC** (AI model processing) — data processed per Anthropic's API privacy terms
  • **Vercel Inc** (web hosting and edge functions)

    • We do not sell your data. We do not share it with advertisers.

    6. Your Rights

    Under UK GDPR, you have the right to:

  • **Access** the personal data we hold about you
  • **Rectification** of inaccurate data
  • **Erasure** ("right to be forgotten")
  • **Restriction** of processing
  • **Data portability**
  • **Object** to processing based on legitimate interests
  • **Withdraw consent** at any time where consent is the basis

    • To exercise any right, email privacy@yourbuddy.com. We will respond within 30 days.

    7. Data Retention

  • Account and conversation data: retained while your account is active, deleted within 30 days of account deletion request.
  • Memory summaries: deleted with your account.
  • Waitlist emails: retained until you ask to be removed.
  • Server logs: 90 days.

    • 8. Security

    We use industry-standard security measures including encrypted data in transit (TLS), encrypted storage, and access controls. No method of transmission over the internet is 100% secure.

    9. Changes to This Policy

    We will notify you by email of material changes. The "last updated" date at the top of this page will always reflect the current version.

    10. Complaints

    You have the right to lodge a complaint with the ICO at ico.org.uk or by calling 0303 123 1113.

    Other legal pages

    Terms of ServiceCookie PolicyAI Transparency StatementComplaints Procedure