Privacy Policy.

Plain-English version: every Peppi is private. We never sell your data, and your conversations are never shared with other users or used to train public models.

Last updated: January 1, 2026

1. Overview

This Privacy Policy describes how Peppi ("we," "us," "our") collects, uses, stores, and protects information when you use our SMS-based AI companion service (the "Service"). By using Peppi, you consent to the practices described here.

We employ state-of-the-art encryption and data protection measures to ensure that your interactions are confidential and safeguarded.

2. Information we collect

Account information

When you sign up, we collect your phone number, optional email, and the personalization choices you make (your buddy's name, personality, backstory, and how they know you).

Conversation data

We store the SMS messages you send and the replies Peppi generates so your buddy can remember context and personalize over time.

Connected services

If you connect Google Calendar, we receive event metadata, availability, and Meet link details to perform the actions you request. We do not read calendar contents beyond what's needed to fulfill your requests.

Usage & device data

Aggregate usage statistics, error logs, and message-delivery telemetry. No precise location data unless you explicitly share it.

3. How we use your information

  • Provide replies, memory, and personalization for your Peppi
  • Carry out actions you request (calendar events, web searches, sending email-to-self)
  • Bill your subscription and process top-ups
  • Improve reliability, fix bugs, and prevent abuse
  • Communicate service updates and respond to support requests

4. What we never do

  • Sell your personal data to third parties
  • Share your conversations with other Peppi users
  • Use your conversations to train publicly-available AI models
  • Read your messages outside what's required to operate the Service

5. When we share data

We share limited information only with vetted service providers who help us run Peppi: SMS carriers, hosting and infrastructure providers, payment processors, and AI model providers under strict data-processing agreements. We may also disclose information if legally compelled or to protect safety.

6. Retention

We retain your conversations for as long as your account is active so your Peppi can remember you. You can ask Peppi to forget specific items at any time, or wipe everything from account settings. After account deletion, we remove personal data within 30 days, except where retention is legally required.

7. Your rights

You can request a copy of your data, correct it, delete it, or restrict processing. Email [email protected] and we'll respond within 30 days. Residents of California, the EU/EEA, and the UK have additional rights under CCPA, GDPR, and UK GDPR.

8. Security

We use industry-standard encryption in transit and at rest, role-based access controls, audited infrastructure, and regular security reviews. No system is 100% secure, but we treat your data with the seriousness it deserves.

9. Children

Peppi is for adults 18+. We do not knowingly collect data from anyone under 18. If you believe a minor has signed up, contact [email protected] and we'll remove the account.

10. International users

Peppi currently operates from the United States. If you use the Service from outside the US, your data may be transferred to and processed in the US under appropriate safeguards.

11. Changes to this policy

We'll post any changes here and update the "Last updated" date above. Material changes will be communicated by SMS or email.

12. Contact us

Questions, requests, or concerns? Email [email protected] or reach out via our contact page.