Privacy Policy

Privacy Policy – GhostGPT

Effective Date: 6 September 2025
Operator: Intelvia Ltd (“GhostGPT”, “we”, “our”, “us”)
Contact: support@ghostgpt.info

1. Introduction

GhostGPT is built with privacy as a core principle. We use strong encryption and a zero-knowledge architecture: we do not store or read your conversations. This Privacy Policy explains what information we collect, how we use it, and your rights under global privacy laws.

2. Information We Collect

We collect only the minimum information needed to provide our Services:

A. Information you provide

  • Account basics: If you create an account, we may collect your email address and password (hashed).

  • Support messages: If you contact us, we store your message and email.

  • Subscription details: Purchase receipts, subscription status, and identifiers provided by Apple App Store, Google Play, or RevenueCat.

B. Automatically collected information

  • Device & app info: Operating system, app version, device model, language, and crash/diagnostic logs.

  • Identifiers: App installation ID, platform purchase identifiers.

  • Network metadata: IP address at connection (used only for security and abuse prevention).

C. Conversations

  • Chat content is not stored by us. Your encrypted messages are transmitted securely to our AI provider for processing and then discarded.

3. How We Use Your Information

We use the information we collect for:

  • Delivering the core chat functionality.

  • Managing subscriptions and billing.

  • Detecting abuse, fraud, and security threats.

  • Debugging, crash analysis, and performance monitoring.

  • Responding to your support requests.

  • Complying with legal obligations.

We do not sell your data or use it for advertising.

4. AI Provider Processing

To generate responses, your prompts are securely transmitted to our AI provider (OpenAI). According to OpenAI’s published policy:

  • API data is not used to train models by default.

  • API inputs/outputs may be retained for up to 30 days to monitor for abuse, unless “Zero-Data Retention” endpoints are used.

  • Data may be disclosed if required by law.

5. Sharing of Information

We only share limited information with:

  • Apple, Google, RevenueCat: for subscription and billing management.

  • OpenAI: to process your chat messages.

  • Professional advisors (lawyers, auditors) under confidentiality.

  • Legal authorities if required by valid legal process.

We never sell or rent your data.

6. Data Retention

  • Chat content: Not stored by us.

  • AI vendor logs: Up to 30 days, per vendor policy.

  • Billing records: Retained as required for tax and audit purposes (typically 6–10 years).

  • Diagnostics & security logs: Retained up to 180 days, unless needed longer for security or legal reasons.

7. How We Protect Your Data

  • End-to-end encryption: Messages are encrypted before transmission.

  • No permanent chat storage: We cannot read or retrieve your past conversations.

  • Industry standards: TLS in transit, AES-256 at rest, strict access controls.

  • Vendor safeguards: Contracts and security reviews with all processors.

No system is 100% secure, but we continually apply best practices.

8. Your Rights

Depending on where you live, you may have the right to:

  • Access a copy of the personal data we hold about you.

  • Request correction of inaccurate information.

  • Request deletion of your personal data.

  • Request data portability.

  • Object to or restrict certain processing.

  • Withdraw consent (where applicable).

California (CPRA): We do not “sell” or “share” your personal information for cross-context advertising. You can request access or deletion by emailing support@ghostgpt.info.

UK/EU (GDPR): You may contact your local data protection authority if you believe your rights have been violated.

Because we do not store chat logs, we generally cannot retrieve or delete past messages.

9. Children’s Privacy

GhostGPT is not intended for children under 13, or under the minimum digital age in your country (e.g. 16 in parts of the EEA). We do not knowingly collect personal data from children. If you believe a child has used GhostGPT, contact us at support@ghostgpt.info.

10. International Transfers

Data may be transferred and processed outside your country (e.g., in the United States). Where required, we use legal safeguards such as Standard Contractual Clauses (SCCs).

11. Service Providers

Our core sub-processors are:

  • Apple App Store / Google Play (subscriptions)

  • RevenueCat (subscription management)

  • OpenAI (AI response generation)

We keep this list updated at: https://ghostgpt.info/subprocessors

12. Service Availability

We may update, suspend, or restrict the Services at any time for operational, legal, or security reasons.

13. Changes to this Policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify you via the app or website. Continued use after updates constitutes acceptance.

14. Contact

For privacy questions, rights requests, or complaints:
Intelvia Limited
Email: support@ghostgpt.info

Support

Find assistance and information for GhostGPT

Contact

Help

projects@intelvia.co.uk

© 2025. All rights reserved.