Privacy Policy

Effective date: May 8, 2026 · Last updated: June 10, 2026

This Privacy Policy explains how Almai SpA (“Almai,” “we,” “us,” or “our”) collects, uses, shares, and protects your information when you use the Almai mobile application and related services (collectively, the “Service”).

Almai is a personality-matching social application. Our agent learns about your personality through natural conversation, builds a private personality profile, and uses it to suggest compatible people you can choose to connect with.

If you do not agree with this Policy, please do not use the Service.

A note on honesty: The Almai app contains no advertising SDKs, no third-party analytics, no crash-reporting or telemetry tools, and no advertising identifiers. We do not track you across other companies' apps or websites, and we do not sell your data or share it with data brokers. The one exception is outside the app: our public website uses Google Analytics only if you accept it in the cookie notice (see Section 2.9) — you can decline and it never loads. The sections below describe exactly what we do collect and why.

1. Summary

What	In plain terms
Who we are	Almai SpA, the operator of Almai.
What we collect	Account identity (via our auth provider), the chat content you write to the agent, the personality insights we derive from it, your in-app messages with matches, optional location data (not currently collected by the iOS app), and basic device-locale/preference settings.
Why	To run the conversational agent, build your personality profile, generate and explain compatible matches, let you message people you match with, keep the Service safe, and operate the app.
AI processing	The text you write to the agent — and the direct messages you send to other people you match with — is sent to our third-party large-language-model (LLM) provider, Anthropic, PBC (model claude-sonnet-4-6), to power the conversation, derive insights, write match explanations, and automatically screen messages for objectionable content.
Tracking	No ads, no cross-app tracking, no advertising ID. The app contains no analytics SDKs. Our website uses analytics (Google Analytics) only with your consent; see Section 2.9.
Your controls	You can access, export, correct, and delete your data, and delete your account from inside the app. See Sections 9 and 10.
Contact	[email protected]

2. Information We Collect

We collect only what we need to provide the Service. We group it by source.

2.1 Account and identity information (held by our authentication provider, Clerk)

When you create an account or sign in, authentication is handled by Clerk (see Section 5). Through Clerk we collect and Clerk stores:

your email address;
your first name and, if you provide it, your last name;
one-time verification codes (OTP) used to confirm your identity;
authentication sessions and credentials and a unique user ID.

Importantly, Almai's own database does not store your email or last name. Our servers store only a Clerk reference identifier (your Clerk user ID), an optional first name, your language/locale, your in-app preferences, and timestamps. Your core identity record lives with Clerk, our authentication processor.

2.2 Conversation content with the agent (“User Content”)

When you chat with the Almai agent, we collect and store the text of your messages (and the agent's replies). Each message is stored in our database, linked to your account, and is also transmitted to our LLM provider to generate the agent's response (see Section 4). Individual messages are limited to 10,000 characters.

2.3 Personality profile derived from your conversations

From your conversation content, Almai derives a personality profile that we store and link to your account, consisting of:

personality insights — a personality dimension, a confidence level, a short description, and supporting example snippets;
conversation metadata — a summary, topics discussed, and mood tags;
personality embeddings — a numerical vector representation (512 dimensions) of your profile used for similarity matching, along with an average-confidence and insight-count value.

These embeddings are generated entirely on our own servers using a local statistical technique (TF-IDF). No third-party embedding or vectorization service is used for this step.

2.4 Matches and match conversations (“User Content”)

When the Service identifies a compatible person, we create and store match records (a compatibility score, a per-dimension compatibility breakdown, a written match explanation, and each party's consent status). If you and another user both consent to connect, you can exchange direct messages; the text of those match messages is User Content that we store, linked to your account.

Your match messages are delivered only to the other user in your conversation — never to advertisers, data brokers, or other users. To keep the Service safe, each match message is automatically screened for objectionable content by our AI provider before it is delivered (see Section 4). Apart from that automated safety screening, your match messages are not used to power the Aura agent, are not used to build your personality profile, and are not used to generate match explanations.

You may also submit match feedback (a rating and an optional comment), which we store.

2.5 Location information

Almai's backend includes an optional geographic feature that can store an approximate location (latitude/longitude), a “share location” preference, and a search radius, in order to surface nearby people.

As currently built, the Almai iOS app does not request, access, or collect your device location. There is no location permission prompt and no location capture in the app. Even where location data exists on the server, the Service never returns precise coordinates to any user — other users see only a coarse, rounded distance and a distance band (for example, “1–5 km”). If we enable location collection in the iOS app in the future, we will request your permission first, update this Policy, and reflect it in our App Store privacy disclosures.

2.6 On-device settings and preferences

The app stores certain settings only on your device, in the device's secure storage, and does not transmit them to our servers:

onboarding preferences you choose during setup — what you are looking for (which may include “Dating”), your interests, an age range, and a preferred communication style;
app state such as whether you have completed onboarding, your last-seen insight marker, and your active conversation reference;
your selected language/locale (a copy of which is also sent to our servers so the agent can respond in your language).

Because these preferences are processed only on your device, they are not “collected” by us under Apple's definition. Your authentication session token is also stored securely on your device by Clerk's SDK.

2.7 Technical data used transiently

When you connect to our servers, your device's IP address is processed transiently for security and rate-limiting (for example, to prevent abuse). For authenticated app users, we do not persist your IP address and we do not log your message content, email, or prompt text. Our server logs are limited to status codes, generic error messages, authentication-failure reasons, and internal identifiers (such as user IDs and personality-dimension names).

2.8 Waitlist sign-ups (website only — not the app)

If you join the Almai waitlist through our public website (not through the iOS app), we collect the email address you submit, and we record the IP address, browser user-agent, and an anti-abuse reCAPTCHA score for that submission to prevent spam and fraud. This involves Google reCAPTCHA (see Section 5). Google reCAPTCHA is used only on the public website waitlist form; it is not used in the authenticated iOS app.

2.9 Website cookies and analytics (website only — not the app)

Our public website (not the iOS app) offers optional usage analytics via Google Analytics 4 (GA4), to understand in aggregate how the page is navigated and to improve it. This analytics is website-only and is never part of the Almai app.

Consent-only. Google Analytics does not load unless you accept it in our cookie notice. If you decline — or do nothing — no Google script runs and no data is sent to Google.
Your choice is remembered in your browser's local storage (the almai_cookie_consent key), not in a tracking cookie. You can change it anytime via the “Cookie preferences” link in the footer.
What is set if you accept. After your consent, GA4 places first-party measurement cookies (for example _ga and _ga_*) and collects usage data such as page views, a device/browser reference, an approximate IP-derived location, and the referring page.
Not advertising. We do not use GA4 for advertising, we do not enable Google's advertising features, and we do not combine this data with your app account or personality profile. We treat this as consent-based analytics, not a “sale” or sharing of personal information for behavioral advertising.

Google acts as an independent provider with respect to this website data; see Google's privacy policy at policies.google.com/privacy. This website analytics does not affect the Almai app's App Store privacy disclosures, which remain free of any analytics SDK.

2.10 Information we do not collect

For clarity, Almai does not collect: advertising identifiers (IDFA); device fingerprints or alternative IDs to evade tracking controls; usage analytics or product-interaction telemetry; crash or performance diagnostics; contacts; photos, videos, audio, or microphone data; health, fitness, or financial information; browsing or search history outside the app; or purchase history. Almai does not send push notifications and does not register push tokens. (The app's “Daily reminders” toggle is a local, non-functional placeholder that is not connected to any notification service.)

3. How We Use Your Information

We use the information described above for the following purposes:

To provide the conversational agent — process your messages and generate the agent's responses.
To build your personality profile — derive personality insights and embeddings from your conversations.
To generate and explain matches — compute compatibility between users and produce a short, written explanation of why two people might connect.
To enable connections — let you and a mutually consenting match exchange direct messages.
To keep the Service safe — automatically screen messages between users for objectionable content, and operate reporting and blocking controls.
For product personalization — respond in your chosen language and tailor your in-app experience. (Matches are computed from your personality profile, not from your on-device onboarding preferences, which stay on your device — see Section 2.6.)
To operate, secure, and improve the Service — authenticate you, maintain reliability, and prevent fraud and abuse (including reCAPTCHA on the website waitlist).
To communicate with you — send account, security, and service-related messages (for example, verification codes via Clerk).
To comply with law — meet legal obligations and enforce our terms.

We do not use your information for third-party advertising, for our own advertising or marketing profiling, or for any form of cross-app or cross-site tracking.

4. AI Processing of Your Conversations

Almai's core functionality depends on a third-party large-language-model (LLM) provider. The text you write is sent to that provider so the agent can understand and respond to you, and so we can keep the Service safe.

Who receives the text. Almai uses a single LLM provider:

Anthropic, PBC (“Anthropic”), model claude-sonnet-4-6.

Anthropic is the recipient of the data described below and is named in our App Store privacy disclosures.

What is sent, and when. Four distinct flows send text derived from your input to Anthropic:

Live agent chat. Each time you send a message to the agent (Aura), we transmit a system instruction, up to your 50 most recent messages in that conversation, and your new message, to generate the agent's reply.
Insight extraction. Periodically (after roughly every fifth message you send), we transmit up to the last 20 raw conversation turns together with your existing insight summaries, so the agent can update your personality profile.
Match explanations. When a match is created, we transmit both matched users' personality-insight descriptions and the compatibility breakdown to generate the explanation. Names are excluded from this request — the prompt refers only to “you” and “they.”
Content-safety screening. To enforce our zero-tolerance policy for objectionable content, the text of each direct message you send to another user (match message) is sent to Anthropic and automatically classified for objectionable content (such as harassment, sexual content, content that sexualizes minors, violence, or hate) before it is delivered. A message classified as objectionable is blocked. This screening produces only a classification result (allowed/blocked plus category labels); it does not add your match messages to your personality profile or use them to generate Aura's replies.

What is generated locally, not by the LLM. Your personality embeddings are generated on our own servers using a local statistical technique (TF-IDF) and are not produced by, or sent to, any external AI service.

How the provider may use it. Anthropic processes this text as our service provider/sub-processor to return a result to us, under its own terms and privacy commitments, acting on our instructions and not to train its own models on our customer data. We encourage you to review Anthropic's privacy policy: https://www.anthropic.com/legal/privacy. Please avoid sharing highly sensitive personal information in your conversations with the agent or in your messages to other users.

5. Third Parties, Service Providers, and Sub-Processors

We share data only with the limited set of providers needed to run the Service. We do not sell your personal information, and we do not share it with data brokers or advertising networks. Each provider below is contractually obligated to protect your data and to use it only to provide services to us, consistent with this Policy and with protections equivalent to those we apply.

Provider	Role	Data shared	Notes
Clerk	Authentication and identity management	Email, first/last name, verification (OTP) codes, user ID, auth sessions	Your primary identity record is held by Clerk, not in Almai's database. See clerk.com/legal/privacy
Anthropic, PBC	AI processing of conversation content and AI content-safety screening	The conversation text described in Section 4 (system prompt, recent agent-chat messages, derived insights, compatibility data — no names) and the text of match messages for automated objectionable-content screening	Server-to-server only; not embedded as an SDK in the app. Model: claude-sonnet-4-6. See anthropic.com/legal/privacy
Google reCAPTCHA	Anti-abuse / bot prevention	reCAPTCHA token and submitter IP address	Website waitlist form only — not used in the iOS app. See policies.google.com/privacy
Google Analytics 4	Website usage analytics (with consent)	Website usage events (page views, device/browser reference, approximate IP-based location), via GA measurement cookies	Public website only, and only if you accept the cookie notice — not used in the iOS app. See Section 2.9 and policies.google.com/privacy
Hosting & data infrastructure (Railway)	Application hosting, database, and queue infrastructure	All first-party data described in this Policy is stored in our PostgreSQL database and Redis queue, hosted on our infrastructure provider	First-party data stores under our control.

In the Almai app, we do not integrate any advertising, analytics, attribution, crash-reporting, or tracking SDKs (for example, no Google Analytics/Firebase, Meta/Facebook SDK, Sentry, Amplitude, Segment, Mixpanel, AppsFlyer, Adjust, Branch, or OneSignal). The website analytics described in Section 2.9 (Google Analytics, with your consent) is separate from the app and is never bundled into it.

We may also disclose information if required to do so by law, to respond to lawful requests, to protect the rights, safety, and security of our users or the public, or in connection with a merger, acquisition, or sale of assets (in which case we will notify you and ensure equivalent protection).

6. Legal Bases for Processing (EEA/UK Users)

Where the EU/UK General Data Protection Regulation (GDPR) applies, we rely on the following legal bases:

Performance of a contract (Art. 6(1)(b)) — to provide the agent, build your profile, generate matches, and enable messaging you have asked for.
Consent (Art. 6(1)(a)) — for any optional features that require it (for example, location, if and when enabled in the app). You may withdraw consent at any time.
Legitimate interests (Art. 6(1)(f)) — to secure the Service, prevent fraud and abuse, and maintain and improve the app, balanced against your rights.
Legal obligation (Art. 6(1)(c)) — to comply with applicable law.

Your conversation content and the personality insights derived from it may, depending on what you choose to write, include information that is considered sensitive under some laws. Where required, our basis for processing such information is your explicit consent, which you provide by voluntarily sharing it with the agent; you can withdraw it by deleting the relevant content or your account.

7. Data Retention

We retain your information for as long as your account is active or as needed to provide the Service:

Account/identity data is retained by Clerk for as long as your account exists.
Conversation content, personality insights, embeddings, matches, match messages, and feedback are retained while your account is active so the agent and matching can function.
Website waitlist sign-ups are retained until they are no longer needed for their purpose (for example, until launch or until you ask us to remove the entry).
Transient technical data (such as IP addresses used for rate-limiting) is not persisted for app users.

When you delete your account (see Section 10), we delete or irreversibly anonymize the personal data we hold about you, except where we are required to retain certain information to comply with legal obligations, resolve disputes, or enforce our agreements. Data held by Clerk is deleted in accordance with the account-deletion process and Clerk's retention practices.

8. Security

We take reasonable technical and organizational measures to protect your information, including:

Authentication handled by a dedicated provider (Clerk), keeping your core credentials out of our database.
Minimized data collection — we deliberately do not copy your email or last name into our own database, and we do not log message content, email, or prompt text.
Encrypted on-device storage of session tokens and local app state using the device's secure storage.
Encryption in transit for communications between the app, our servers, and our providers.
Abuse prevention, including rate-limiting and (on the website waitlist) bot protection.

No method of transmission or storage is completely secure, so we cannot guarantee absolute security. If we become aware of a breach affecting your personal data, we will notify you and the relevant authorities as required by law.

9. International Data Transfers

Almai is operated from, and uses service providers located in, Chile and other countries, including the United States. Your information — including conversation content sent to our LLM provider — may be processed in countries other than the one in which you live, which may have different data-protection laws.

Where we transfer personal data out of the EEA, the UK, or other regions with transfer restrictions, we rely on appropriate safeguards such as the European Commission's Standard Contractual Clauses (and the UK Addendum) or other lawful transfer mechanisms. You may request a copy of the relevant safeguards by contacting us at [email protected].

10. Your Privacy Rights

Depending on where you live (for example, under the GDPR/UK GDPR or the California Consumer Privacy Act, as amended), you may have some or all of the following rights:

Access — request a copy of the personal data we hold about you.
Portability — receive certain data in a portable, machine-readable format.
Correction — correct inaccurate or incomplete data.
Deletion (“right to be forgotten”) — request deletion of your personal data and account.
Restriction / Objection — restrict or object to certain processing, including processing based on legitimate interests.
Withdraw consent — where processing is based on consent, withdraw it at any time (without affecting prior processing).
Non-discrimination — we will not discriminate against you for exercising your rights.

Because the Almai app contains no advertising or tracking, and our website analytics (Section 2.9) is optional, consent-based, and does not enable advertising features, we do not “sell” or “share” your personal information for cross-context behavioral advertising as those terms are defined under California and similar laws, and there is no such activity to opt out of.

How to delete your account and data

You can delete your account from within the app on the Settings screen, using the Delete Account option. This works directly in the app: it calls our backend deletion endpoint, which permanently removes your Almai profile data — including your conversations with Aura, your match messages, your personality insights, embeddings, matches, and feedback — and deletes your associated identity record with our authentication provider, Clerk. Our data model is designed so that deleting your account cascades to the related records linked to you. Deletion is not merely deactivation, and you are not required to email us or call us to delete your account.

You may also exercise any of your rights, or request deletion or export, by emailing us at [email protected]. We will respond within the timeframe required by applicable law. We may need to verify your identity before acting on your request.

11. User-to-User Content and Safety

Almai lets people who mutually consent to connect exchange direct messages. You are responsible for the content you send to other users, and you should not send unlawful, harassing, or objectionable content.

To keep the Service safe, the app provides in-product safety controls:

Automated screening. Every direct message sent between users is automatically screened for objectionable content by our AI provider before it is delivered (see Section 4), and objectionable messages are blocked.
Report. You can report a user or specific content directly in the app, from the relevant conversation or profile.
Block. You can block another user directly in the app; once blocked, you and that user can no longer message each other.

A Terms of Use / End User License Agreement (EULA) governing user-generated content — including a zero-tolerance policy for objectionable content and abusive users, the reporting and blocking controls above, and a commitment to act on reports of objectionable content within 24 hours — is published at https://almai.cl/terms.

12. Children's Privacy

Almai is a social and dating-oriented application intended only for adults. The Service is not directed to children, and we do not knowingly collect personal information from anyone under the minimum age.

You must be at least 18 years old to use Almai. If you believe a child has provided us with personal information, please contact us at [email protected] and we will take steps to delete it.

13. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will update the “Last updated” date above and, where appropriate, notify you in the app or by other means. Your continued use of the Service after an update means you accept the revised Policy.

14. Contact Us

If you have questions, requests, or concerns about this Policy or your personal data, contact us at:

Email: [email protected]
Entity: Almai SpA
Address: (address to be confirmed)

For users in the EEA/UK, Almai SpA is the data controller for the processing described in this Policy. You also have the right to lodge a complaint with your local data-protection authority.