Back to FAM

Privacy Policy

Effective date: July 2, 2026

1. Introduction

FAM is an AI companion service operated by Kaleidoco, Inc. (“Kaleidoco,” “we,” “us,” or “our”). This Privacy Policy describes how we collect, use, store, disclose, and protect personal data when you use the FAM application, website, browser extension, and related services (collectively, the “Service”).

By creating an account or using the Service you agree to the practices described in this policy. If you do not agree, please do not use FAM.

2. Our Data Philosophy

FAM is built on a custodial storage model: we store your data on your behalf and under your control. Your conversations, memories, and personality profile exist solely to deliver the companion experience you signed up for. We are the data custodian; you remain the owner.

We do not sell your personal data. We do not use your personal data to train foundational AI models. We do not share your data with advertisers.

3. Personal Data We Collect

3.1 Account information

When you create an account we collect your email address, display name, and profile photo (provided via Google Sign-In or set manually). We also collect authentication credentials managed by Firebase.

3.2 Conversations, memories, and your companion profile

We store transcripts of your voice and text conversations, AI-generated summaries, long-term memories extracted from conversations, and your inferred personality and preference profile (your “Soul Document”). These persist so your companion can remember you, pick up where you left off, and personalize its responses. This constitutes custodial data stored and processed exclusively to deliver the service.

3.3 Connected services

If you choose to connect Google Workspace (Gmail, Calendar, Drive), Strava, Todoist, or other third-party services, we store the OAuth tokens necessary to access those services on your behalf. We access only the data needed to fulfill your specific requests (for example, reading your calendar to prepare a morning briefing). Connected service tokens are stored encrypted and are never exposed to the frontend.

FAM’s use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

3.4 Device and usage data

We may collect:

  • Device location (latitude/longitude) when you grant permission.
  • Timezone and locale.
  • Browser type, version, and operating system.
  • Anonymous usage analytics (page views, feature interactions) via PostHog, Microsoft Clarity, and Vercel Analytics.

4. Consent

We record your consent as a timestamped, auditable event when you accept this Privacy Policy through the in-app consent gate. Each consent event is stored with the policy version, your user identifier, and the date and time of acceptance. You may withdraw consent at any time by deleting your account (see Section 8).

4.1 Companion memory consent

By using FAM you consent to the collection and custodial storage of conversation transcripts, memories, and your companion profile as described in Section 3.2. This data is processed exclusively to deliver the companion experience — so your AI companion remembers you, understands your context, and personalizes its responses.

4.2 Data network participation (separate consent)

If FAM introduces features that allow you to contribute data to a broader network (for example, aggregated insights or shared knowledge graphs), participation will require a separate, explicit opt-in that is clearly described and never implied from your companion memory consent. These two consent events are distinct and cannot be bundled.

Once you have opted into data network participation, your companion may use your existing memory and context to surface relevant suggestions within that feature. This is the feature working as intended, not a broadening of your original companion consent.

5. How We Use Your Data

  • Provide, personalize, and improve the Service (conversations, briefings, tool use).
  • Generate and maintain your companion’s memory and personality profile.
  • Authenticate your identity and secure your account.
  • Send service-related notifications (for example, morning briefings).
  • Monitor and improve reliability, performance, and safety.
  • Comply with legal obligations and enforce our Terms of Service.

We do not use your personal data to train foundational AI models.

6. Third-Party Processors and Data Boundaries

To deliver the Service we share data with the following processors under appropriate contractual safeguards:

  • Google (Gemini) — real-time voice and text conversation processing.
  • OpenAI — memory extraction, embeddings, and summarization.
  • Google Workspace APIs — Gmail, Calendar, and Drive access when connected by you.
  • Firebase (Google) — authentication and identity management.
  • Supabase / PostgreSQL — primary data storage (custodial).
  • Redis — ephemeral session caching (data expires within 60–300 seconds).
  • Vercel — web hosting and edge delivery.
  • PostHog / Microsoft Clarity — anonymous, aggregated usage analytics.

6.1 Third-party integration boundaries

When FAM integrates with third-party infrastructure (for example, external memory layers or agent-orchestration platforms), data processed on that infrastructure is governed by formal Data Processing Agreements (DPAs). We will not transfer personal data to a third-party processor that operates outside FAM’s custodial boundary without an executed DPA. Where a DPA is pending, the integration operates in a limited mode that does not transmit personal data.

7. Data Retention

Conversation transcripts, memories, and your Soul Document are retained for as long as your account exists. Ephemeral caches (session context, vision analysis) expire automatically within 60–300 seconds. Upon account deletion, all personal data is permanently removed from our primary database, file stores, and caches within 30 days. Anonymized, aggregated analytics that cannot identify you may be retained indefinitely.

8. Your Rights

Because we are the custodian of your data, your ability to access, correct, and delete it must work mechanically — not just on paper.

  • Delete your account and all data. You can permanently delete your account from Settings at any time. This triggers a cascade that removes your conversations, memories, Soul Document, preferences, integrations, briefing configurations, rituals, avatar selections, cached soul files, and session data. The deletion is immediate and irreversible.
  • Disconnect services. You can disconnect individual connected services (Google, Strava, Todoist, etc.) at any time from Settings. Disconnection revokes the stored OAuth tokens.
  • Access and export. You may request a copy of your personal data by contacting us at the address below.
  • Withdraw consent. You may withdraw your consent at any time by deleting your account. Withdrawal does not affect the lawfulness of processing performed prior to withdrawal.
  • Restrict processing. The Chrome extension only reads page content on sites you explicitly allow; you can pause or restrict page reading at any time.

9. Security

We implement industry-standard security measures to protect your data:

  • TLS 1.2+ encryption for all data in transit.
  • Encrypted storage at rest for databases and file stores.
  • OAuth tokens stored server-side, encrypted, and never exposed to the frontend.
  • Role-based access controls for internal systems.
  • Firebase Authentication with support for two-factor authentication.

No system is 100% secure. We encourage you to use a strong, unique password and enable two-factor authentication on your Google account.

10. International Transfers

Your data may be transferred to and processed in the United States and other jurisdictions where our service providers (Google, OpenAI, Vercel) operate. We work with providers that maintain appropriate data-protection safeguards, including Standard Contractual Clauses where applicable. We are actively pursuing formal Data Processing Agreements with all processors that handle personal data.

11. Children

FAM is not directed to children under 13 (or the applicable minimum age in your jurisdiction). We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.

12. Changes to This Policy

We may update this Privacy Policy from time to time. If we make material changes we will notify you through the Service or by email at least 30 days before the new policy takes effect. Your continued use of FAM after the effective date constitutes acceptance of the updated policy. The consent gate will re-appear so you can review and accept the new version.

13. Contact Us

Questions, requests, or complaints about this Privacy Policy can be directed to:

Kaleidoco, Inc.
privacy@kaleidoco.com