← Back to Home

Privacy Policy

Last Updated: October 11, 2025

Welcome to EmotionChat. We are committed to protecting your privacy and ensuring transparency about how we collect, use, and safeguard your personal information. This Privacy Policy explains our practices in detail and your rights under GDPR (General Data Protection Regulation) and COPPA (Children's Online Privacy Protection Act).

1. Information We Collect

1.1 Personal Information

We collect the following types of personal information:

• Account Information: Username, email address, password (encrypted), date of birth, and account preferences
• Profile Data: Display name, profile picture, and bio (optional)
• Payment Information: Billing details processed securely through Stripe (we do not store full credit card information)
• Age Verification: Date of birth to ensure COPPA compliance

1.2 Video and Audio Data

EmotionChat's core functionality involves video communication and emotion analysis:

• Video Recordings: Session recordings when users choose to record (optional feature)
• Real-time Video/Audio Streams: Processed through LiveKit infrastructure for video chat functionality
• Emotion Analysis Data: Facial expressions, voice tone, and sentiment analysis processed in real-time
• Transcriptions: Audio transcriptions processed through AssemblyAI (when enabled)

1.3 Usage and Analytics Data

• Session duration, features used, and interaction patterns
• Device information, browser type, IP address, and operating system
• Cookies and similar tracking technologies (see Cookie Policy section)

2. How We Use Your Information

We use your personal information for the following purposes:

• Service Delivery: To provide video chat, emotion analysis, and platform features
• Emotion Analysis: To analyze facial expressions, voice tone, and provide real-time emotional insights
• Account Management: To create and manage your account, process subscriptions, and provide customer support
• Communication: To send important updates, security alerts, and service notifications
• Improvement: To analyze usage patterns and improve our services
• Legal Compliance: To comply with legal obligations and protect our rights
• Advertising: To display relevant advertisements through Google AdSense (with consent)

3. COPPA Compliance - Protection of Minors

3.1 Parental Consent Process

• Users under 16 must provide a parent/guardian email address during registration
• We send a verification email to the parent/guardian requesting explicit consent
• Account access is restricted until parental consent is verified
• Parents can revoke consent and request data deletion at any time

3.2 Special Protections for Minors

• Limited Data Collection: We collect only essential information from users under 16
• No Targeted Advertising: Minors do not receive personalized advertisements
• Shorter Retention: Data for users under 16 is retained for only 30 days (vs. 90 days for adults)
• Enhanced Privacy: Additional privacy controls and content restrictions
• Recording Restrictions: Users under 16 cannot record sessions without parental approval

4. GDPR Rights - Your Data Protection Rights

Under GDPR, you have the following rights regarding your personal data:

4.1 Right to Access

You can request a copy of all personal data we hold about you. Visit Privacy Settings to download your data.

4.2 Right to Rectification

You can update or correct your personal information through your account settings.

4.3 Right to Erasure ("Right to be Forgotten")

You can request complete deletion of your account and all associated data. This includes:

• Account information and profile data
• All video recordings and emotion analysis data
• Usage history and analytics data
• All data is permanently deleted within 30 days of request

4.4 Right to Data Portability

You can export your data in a structured, machine-readable format (JSON/CSV).

4.5 Right to Restrict Processing

You can request that we limit how we process your personal data.

4.6 Right to Object

You can object to processing of your data for direct marketing or other purposes.

4.7 Right to Withdraw Consent

You can withdraw consent for data processing at any time through Privacy Settings.

5. Third-Party Services

We use the following third-party services that may process your data:

5.1 LiveKit (Video Infrastructure)

• Provides real-time video and audio streaming infrastructure
• Processes video/audio streams but does not store recordings
• Privacy Policy: livekit.io/privacy

5.2 AssemblyAI (Speech Transcription)

• Processes audio for transcription services
• Data is processed and not stored by AssemblyAI
• Privacy Policy: assemblyai.com/privacy-policy

5.3 Stripe (Payment Processing)

• Securely processes subscription payments and billing
• We do not store full credit card information
• Privacy Policy: stripe.com/privacy

5.4 Google AdSense (Advertising)

• Displays advertisements on our platform
• Uses cookies for ad personalization (with your consent)
• You can opt-out of personalized ads in Privacy Settings
• Privacy Policy: policies.google.com/privacy
• Ad Settings: adssettings.google.com

6. Cookie Policy

6.1 What Are Cookies?

Cookies are small text files stored on your device that help us provide and improve our services.

6.2 Types of Cookies We Use

• Essential Cookies: Required for basic functionality (authentication, security)
• Analytics Cookies: Help us understand how users interact with our platform
• Advertising Cookies: Used by Google AdSense for personalized ads (requires consent)
• Preference Cookies: Remember your settings and preferences

6.3 Managing Cookies

You can control cookies through:

• Cookie consent banner (appears on first visit)
• Privacy Settings page
• Browser settings (may affect functionality)

7. Data Retention and Deletion

7.1 Retention Periods

• Users under 16: Data retained for 30 days after account deletion
• Users 16 and older: Data retained for 90 days after account deletion
• Video Recordings: Stored until user deletion or account termination
• Emotion Analysis Data: Retained for service improvement unless deletion requested
• Billing Records: Retained for 7 years for legal/tax compliance

7.2 Automatic Deletion

After the retention period, all personal data is permanently and irreversibly deleted from our systems.

8. Data Security

We implement industry-standard security measures to protect your data:

• Encryption: All data transmitted using SSL/TLS encryption
• Password Protection: Passwords are hashed using bcrypt
• Access Controls: Strict access controls and authentication requirements
• Regular Audits: Security assessments and vulnerability testing
• Data Minimization: We collect only necessary data

9. International Data Transfers

Your data may be transferred to and processed in countries outside your residence. We ensure adequate protection through:

• Standard Contractual Clauses (SCCs) approved by the European Commission
• Compliance with GDPR requirements for international transfers
• Use of services with appropriate data protection certifications

10. Your Choices and Controls

• Account Settings: Update personal information and preferences
• Privacy Settings: Control data collection, sharing, and advertising preferences
• Cookie Preferences: Manage cookie consent and tracking
• Email Preferences: Opt-out of marketing communications
• Data Export: Download your data in portable formats
• Account Deletion: Permanently delete your account and data

11. Changes to This Privacy Policy

We may update this Privacy Policy periodically. When we make significant changes:

• We will update the "Last Updated" date at the top of this page
• We will notify you via email (for material changes)
• We will display a prominent notice on our platform
• For users under 16, we will obtain renewed parental consent if required

12. Contact Us