· · · no surprises here either

private
by default.

your conversations are yours. we only keep what we need to make itsher work, and we're specific about what that means.

last updated — april 2026

what we collect

when you sign up, we collect your email address. that's how we reach you if something important happens with your account.

when you talk to itsher, we store your messages — that's the core of how she remembers things about you. we also extract a small set of facts from those conversations (things like names you've mentioned, or dates you care about) so she can reference them later. you can see and delete those facts from your dashboard at any time.

we collect minimal usage data — which platform you're on (telegram, whatsapp, web), roughly when you last talked, whether nudges were sent. no behavioral tracking, no read receipts, no location.

what we don't collect

  • we don't track what you do on other websites or apps.
  • we don't use cookies for advertising or cross-site tracking.
  • we don't collect your contacts or calendar — unless you explicitly connect them.
  • we don't run ads. there's nothing to optimize for except you liking her.

how we use it

your messages and extracted facts are used to generate itsher's responses — that's it. we don't use your conversations to train AI models (ours or anyone else's). we don't sell them. we don't share them with third parties for marketing purposes.

we use your email to send account-related notices: billing, important changes, security alerts. we won't email you newsletters or promotions unless you ask for them.

third parties

itsher uses a language model to generate responses. your messages are sent to that model's API to produce a reply, then discarded on their end — they're not stored or used for training under our agreements. we won't name the provider here because it may change; if you want specifics, email us.

for payments, we use a third-party processor. your card details never touch our servers — they go directly to the processor. we only see whether a payment succeeded and your subscription status.

telegram and whatsapp receive your messages to deliver them — that's the nature of those platforms. their own privacy policies apply to how they handle messages in transit.

how long we keep it

while your account is active, we keep everything we described above. if you cancel, your conversations and extracted facts stay in place for 90 days — enough time to change your mind. after 90 days, they're deleted permanently. your email address is kept for a short period for billing records, then removed.

you can request immediate deletion of your data at any time by emailing us or using the delete button in your account settings. we'll confirm and complete it within 72 hours.

security

messages are encrypted in transit (TLS) and at rest. access to user data is restricted to the small team that needs it to keep the service running. we don't have a security team of fifty — we have a small one that takes it seriously.

if we ever discover a breach that affects your data, we'll notify you within 72 hours by email and explain what happened clearly — no vague corporate language.

your rights

you can ask us for a copy of your data, correct it, or delete it. you can withdraw consent and close your account at any time. if you're in the EU or UK, you have additional rights under GDPR — contact us and we'll help.

contact

questions about this policy? email us at [email protected]. we read everything and respond in plain language, not legal boilerplate.

this policy applies to itsher as of april 2026. if we make meaningful changes, we'll email you before they take effect.