Privacy Policy for BuddyTalk.ai

Your privacy is important to us. It is Mobile Tech Media, LLC's policy to respect your privacy and comply with applicable laws and regulations regarding any personal information we may collect about you, including across our website, https://buddytalk.ai, our web application, and our voice services accessed via telephone calls.

Effective Date: October 14, 2025
Last Updated: October 14, 2025

Who We Are (Data Controller) and How to Contact Us

Controller: Mobile Tech Media, LLC (a Wyoming LLC)
Address: 1309 Coffeen Avenue STE 1200, Sheridan, WY 82801, USA
Support: [email protected]
Abuse Reports: [email protected]
Legal/Privacy: [email protected]

Scope and Acknowledgements

This policy applies to our websites, APIs, dashboards, and telephone- based AI friendship services. If our services link to third-party websites or services, their own privacy policies will govern their use of your information.

Our services are intended for adults only. You must be 18 years or older to use BuddyTalk.ai. We do not knowingly collect information from individuals under 18.

Information We Collect

We collect information that you provide directly and information that is collected automatically when you use our services.

Account and Identity Information

• Email address and account credentials
• Verified phone number (via Twilio Verify)
• Age verification outcome (pass/fail)
• Country/region and time zone (if provided)
• Persona selections and preferences

Telephony and Usage Metadata

• Caller ID/phone number
• Call direction (inbound/outbound), timestamps, duration
• Call status events and scheduling windows
• Usage limits, minutes used, and plan details
• Consent and opt-in/opt-out logs related to calling

Conversation Data (No Audio Recordings)

We do not retain call audio recordings. Audio from your call is processed in real time to operate the service, but the audio itself is not stored. We retain high-level conversation summaries and structured "memories" that capture key context (e.g., preferences, persona-relevant details) to personalize future interactions. We do not retain full word-for-word transcripts.

Payment and Billing Information

• Subscription plan, status, invoices, and billing history
• Payment details are handled by Stripe; we do not store full card numbers on our servers

Technical and Device Information

• IP address, device, browser, and basic diagnostics
• Website and API activity, error logs, and performance metrics
• WebSocket session events for live call status

How We Use Information

• Provide, operate, and improve our voice-first AI services
• Verify phone numbers and route calls to your chosen persona
• Maintain context and "memories" across sessions
• Detect, prevent, and respond to abuse, fraud, or misuse
• Measure usage, enforce plan limits, and manage billing
• Comply with legal obligations and law enforcement requests
• Conduct privacy-focused analytics to understand service performance (via PostHog)

We do not use your content to train third-party AI models. We may use de-identified or aggregated information to evaluate and improve service quality. Conversation summaries and "memories" are stored on our systems to personalize your experience.

No Audio Recordings

We do not retain audio recordings of your calls. Audio is processed ephemerally for real-time operation and is not stored after the call. As a result, we cannot later retrieve or produce call audio. If you need records, we will provide conversation summaries and relevant metadata to the extent available.

Legal Bases for Processing (GDPR/UK GDPR)

• Performance of a contract (to provide you the service)
• Consent (e.g., phone verification and certain outbound calling permissions)
• Legitimate interests (e.g., security, fraud prevention, service analytics)
• Legal obligation (e.g., tax and regulatory compliance)

How We Share Information

We share personal information with service providers who act on our behalf and under our instructions. We do not sell personal information and we do not share personal information for cross-context behavioral advertising.

International Transfers

We are based in the United States. We may transfer personal information internationally to our service providers. For transfers from the EU/EEA or UK, we rely on Standard Contractual Clauses (SCCs) or other lawful mechanisms. We have not appointed an EU/UK representative. EU/UK users may contact [email protected] with questions about international transfers.

Retention

We retain conversation summaries, "memories," telephony metadata, account information, and billing records until you request deletion, unless we are required to keep them longer by law or for the establishment, exercise, or defense of legal claims. We do not retain audio recordings.

If we reasonably anticipate litigation or receive a lawful request to preserve information, we may place a legal hold and preserve relevant data despite a deletion request. When a legal hold ends, normal retention and deletion practices resume.

Your Rights and Choices

• Access, correction, and deletion of personal information
• Opt-out of outbound calls or revoke consent to be called on a verified number
• Objection and restriction rights where applicable by law (EU/UK)
• Data portability where applicable by law (EU/UK)

To exercise these rights, email [email protected]. We will verify your identity and respond within timeframes required by law. Because we do not store audio recordings, requests for call audio cannot be fulfilled; we may provide available summaries and metadata.

Calling Consent (TCPA) and Do Not Call

We only dial phone numbers that you verify and consent to. You can revoke consent by contacting support or using in-product settings (if available). We honor applicable Do Not Call requirements and will not place marketing calls; our calls are service-related to your AI friendship interactions and scheduling preferences.

Security

We employ administrative, technical, and physical safeguards designed to protect personal information, including encryption in transit, access controls, least-privilege practices, audit logging, and secure software development practices. No method of transmission or storage is 100% secure.

Cookies and Analytics

We use PostHog to understand product usage and improve the service. Our configuration uses PostHog Cloud in the EU. Depending on how analytics are configured, cookies or similar technologies may be used. See our Cookie Policy for details and to manage preferences where applicable. We do not use marketing cookies and we do not sell or share personal information for cross-context behavioral advertising. We honor applicable regional consent requirements.

Do Not Track and Global Privacy Controls

Some browsers offer "Do Not Track" (DNT). Our service does not respond to DNT signals. Where required by law, we will honor applicable browser-based or platform-based opt-out signals for targeted advertising if we introduce such features in the future.

U.S. State Privacy Disclosures (e.g., CA/VA/CO/CT/UT)

We do not sell personal information and do not share personal information for cross-context behavioral advertising. State residents may have rights to access, delete, correct, or opt out of certain processing. Submit requests to [email protected]. We will not discriminate against you for exercising your rights.

Additional Disclosures for EU/UK Residents

For EU/UK data subjects, you have the right to lodge a complaint with your local supervisory authority. We rely on SCCs for international transfers and have not appointed an Article 27 representative. Contact [email protected] with questions or to exercise your rights described in this policy.

Additional Disclosures for Canada (PIPEDA)

Canadian residents may request access to and correction of personal information and may withdraw consent subject to legal or contractual limitations. Requests can be sent to [email protected].

Business Transfers

If Mobile Tech Media, LLC is involved in a merger, acquisition, financing, reorganization, bankruptcy, or sale of assets, your information may be transferred as part of that transaction, subject to this policy and applicable law.

Limits of Our Policy

Our website and services may link to external sites not operated by us. We have no control over their content and policies and cannot accept responsibility for their practices.

Changes to This Policy

We may update this policy to reflect business, legal, or regulatory changes. We will post updates here and, where required by law or where changes are material, notify you using your contact preferences or in- product notices.

Contact Us

For questions or requests regarding this policy or your personal information, contact:

Mobile Tech Media, LLC
1309 Coffeen Avenue STE 1200
Sheridan, WY 82801, USA
[email protected] | [email protected] | [email protected]