Privacy Policy
At Gozzeep AI ("we," "us," "our"), your privacy is paramount. This Privacy Policy explains in detail what information we collect when you use our platform at gozzeep.io, how we use and protect that information, and your rights regarding your personal data. We encourage you to read this policy thoroughly.
01Information We Collect
We collect several categories of information to provide and improve our Service:
1.1 Account Information
When you register, we collect your email address, display name, chosen username, and password (stored in encrypted/hashed form using Django's PBKDF2 algorithm). You may optionally provide a profile photo, bio, interests, and AI personality notes.
1.2 Chat & Messaging Data
All messages you send and receive are stored to maintain your chat history and provide the Service:
- AI chat messages (your messages and AI responses)
- Direct messages between you and other users
- Group chat messages in groups you participate in
- System messages (join/leave notifications, role changes)
When you summon the AI inside a direct message by typing "@AI", your question and the AI's reply are stored as part of that conversation thread. By default these AI messages are private to you — the other participant cannot see them — until you choose to make a specific AI exchange public. Once you make an AI exchange public, both your question and the AI's reply become visible to the other participant in that thread.
1.2a G Wall Posts & Engagement
Content you publish to the G Wall — including text, photos, videos, captions, and your chosen post visibility (public, friends-only, or private) — is stored to display and deliver your posts. We also store comments, replies, loves, shares, and view counts associated with posts. If you edit a post, we retain the edit timestamp; if you delete a post, it and its attached media are removed from active systems. Posts that contain a video also appear in the dedicated Videos feed, which is simply a filtered view of the same G Wall posts.
1.3 Media & Files
Photos, videos, voice notes, and documents you upload through DMs, group chats, and G Wall posts are stored on our servers. File metadata (name, size, type) is also recorded. The number of images you may attach to a single G Wall post depends on your subscription plan (see our Pricing page); every plan supports one video per post.
1.4 Gossip Mode Data
When you use Gossip Mode, we store:
- The gossip task details (who initiated, who is the target, context provided)
- Task status and progress (pending, approaching, in progress, resolved)
- AI-generated approach messages sent to the target
- The initiator's identity is stored securely but is never shared with or revealed to the target user
1.5 Roast, Confessions & Gift Data
- Roast Mode: We process your public profile information (display name, username, bio, interests) to generate roasts. Roast content is not stored permanently.
- Confessions: Confession text and AI responses are stored. Author identity is recorded internally for abuse prevention but is never displayed to other users.
- Gift Messages: The sender, recipient, message type, and AI-generated message content are stored to deliver and display the gift.
- Gossip Points: Point balances, transaction history, and referral relationships are tracked.
- Streaks: Daily chat activity dates are tracked to calculate streaks and award badges.
1.6 Usage & Analytics Data
We collect usage data to operate and improve the Service:
| Data Type | Purpose |
|---|---|
| Daily message counts | Enforce subscription plan limits |
| Login timestamps | Security and re-engagement notifications |
| Feature usage patterns | Product improvement (aggregate only) |
| Subscription status | Billing and feature access |
| Token usage | AI cost management |
1.6 Device & Technical Data
We collect browser type, operating system, and Web Push notification subscription tokens. We do not collect device identifiers, location data, or contact lists.
1.7 Payment Information
Subscription payments are processed through Flutterwave. We store transaction reference IDs and payment status. We never store credit card numbers, bank account details, or other sensitive payment credentials on our servers.
1.8 Business Hub Information (sellers only)
If you choose to list services on the Business Hub, you provide profile information so buyers can evaluate and contact you: display name, headline, bio, contact email and/or phone, location, website, banner image, and — if you list as a business — business name, address, type, and description. You also create service listings (title, description, price, delivery time, tags, images). This information is public on your hub profile and listing pages. Hiring and payment for hub services takes place off our platform; we do not collect transaction details, contracts, or invoices between you and your buyers.
02How We Use Your Information
- Provide Core Service: Store and deliver messages, maintain chat history, process AI conversations, manage your account and subscriptions
- Gossip Mode: Facilitate anonymous check-ins while ensuring the initiator's identity remains protected
- Groups: Enable group creation, membership management, role assignment, and AI integration in group conversations
- G Wall: Publish, display, edit, and delete your posts; deliver comments, replies, and reactions; surface video posts in the Videos feed; and apply your chosen post visibility
- Business Hub: Display your hub profile and service listings to other users so buyers can discover and contact you; route "Contact seller" requests through our existing DM system; calculate aggregate seller ratings from reviews
- AI in Direct Messages: Generate private AI replies when you summon "@AI" in a chat, and keep those replies private to you until you choose to share them
- Notifications: Send push notifications for new messages, friend requests, group invites, gossip updates, and re-engagement reminders
- Billing & Access Control: Process payments, manage plan features, enforce message limits and feature restrictions per subscription tier
- Security: Detect and prevent fraud, abuse, spam, and unauthorized access
- Improvement: Analyze aggregate usage patterns to improve features, performance, and user experience
03How We Share Your Information
We do not sell, rent, or trade your personal data to third parties. We share data only in these limited circumstances:
- AI Processing (Anthropic): Your chat messages are sent to Anthropic's Claude API for AI response generation. Anthropic processes this data according to their own privacy policy and data handling agreements.
- Payment Processing (Flutterwave): Subscription and payment data is shared with Flutterwave to process transactions securely.
- Push Notifications: Web Push subscription tokens are shared with browser push services (via the standard Web Push Protocol) to deliver notifications to your device.
- Legal Compliance: We may disclose data if required by law, valid court order, subpoena, or to protect the safety and rights of our users or the public.
04Gossip Mode — Privacy Guarantees & Your Controls
Gossip Mode lets you ask the AI to check in on a friend on your behalf. It's designed with privacy as its foundation:
- By default, the AI never reveals who initiated a check-in — your identity stays hidden unless you choose otherwise
- The AI's approach message paraphrases your concern; it does not quote you verbatim or include identifying details
- The target sees what looks like a friendly AI check-in — they cannot determine who prompted it
- Initiators can view the status of their tasks but cannot read the target's private responses; the AI summarizes (always paraphrasing, never quoting)
- We internally track gossip task relationships solely for service operation, abuse prevention, and feature improvement
Recipient privacy controls. Every user has settings (/settings/privacy/) that govern who can run gossip tasks on them:
- Pause gossip mode — a master switch. While paused, no one can run a gossip check-in about you regardless of friend status
- Who can gossip about me — choose Anyone, Friends only, or Nobody
- Allow anonymous check-ins — when off, the AI must reveal who started the check-in before reaching out to you
Initiator anonymity choice. When you start a gossip task, you choose whether to stay anonymous or reveal your identity. This preference is set in your privacy settings and applied automatically. If your recipient blocks anonymous check-ins, the AI will tell you and skip the task.
Voluntary disclosure. The AI does not reveal an initiator's identity even if the target asks repeatedly, unless the initiator has explicitly chosen to reveal their identity for that task.
04bAI Conversations & AI Service Provider
- AI provider: Conversations with our AI are processed by Anthropic's Claude API. By using Gozzeep AI, you consent to your messages being processed by Anthropic for the purpose of generating responses
- No model training: Anthropic does not use our API conversations to train its models, per their commercial agreements
- Conversation storage: Your chat sessions, including messages with the AI, are stored on our servers so you can access them later. You can delete individual sessions at any time
- Background AI tasks: When the AI runs background work (e.g., approaching a target during a gossip task, generating status reports, classifying intent), it does so under the same privacy guarantees as foreground chat
- Voice notes & media: If you upload voice notes or media in DMs or groups, they are stored on our servers. We do not transcribe or analyze them by default
- System AI account: The AI sends DMs to users via a designated system account (@gozzeep). This account cannot log in and is operated only by automated AI services
05Data Storage & Security
We take data security seriously and implement industry-standard protections:
- Hosting: Our platform is hosted on Heroku (Salesforce) with PostgreSQL databases on Amazon Web Services (AWS RDS)
- Encryption in Transit: All data transmitted between your browser and our servers is encrypted using HTTPS/TLS
- Password Security: Passwords are hashed using Django's PBKDF2 algorithm with SHA256 — we never store plaintext passwords
- Media Storage: Uploaded files are stored securely with access controls preventing unauthorized access
- Access Controls: Internal access to user data is restricted to essential personnel only
While we implement strong security measures, no system is 100% secure. We cannot guarantee absolute security of your data and encourage you to use strong, unique passwords.
06Data Retention
- Active Accounts: Data is retained as long as your account remains active
- Chat History: Stored based on your subscription plan. You can delete individual chats at any time
- Account Deletion: When you delete your account, personal data is removed within 30 days
- Backups: Encrypted backups may retain data for up to 90 days after deletion
- Aggregate Data: Anonymized, aggregate analytics data may be retained indefinitely
- Legal Holds: Data may be retained longer if required by law or pending legal proceedings
07Your Rights
You have the following rights regarding your personal data:
- Right to Access: Request a copy of all personal data we hold about you
- Right to Correction: Update or correct inaccurate or incomplete information through your profile settings or by contacting us
- Right to Deletion: Request deletion of your account and all associated data
- Right to Data Portability: Request your data in a machine-readable format (available on Premium plan)
- Right to Opt-Out: Disable push notifications, adjust notification frequency, or opt out of re-engagement messages
- Right to Restrict Processing: Request that we limit how we use your data in certain circumstances
To exercise any of these rights, contact us at hello@gozzeep.io. We will respond to all legitimate requests within 30 days.
08Children's Privacy
Gozzeep AI is not intended for and should not be used by children under the age of 13. We do not knowingly collect personal information from children under 13. If we discover that a child under 13 has created an account, we will promptly delete the account and all associated data. If you believe a child under 13 is using our Platform, please contact us immediately.
09Cookies & Tracking Technologies
We use minimal cookies and tracking technologies:
- Session Cookies: Django session cookies for authentication and maintaining your login state
- CSRF Tokens: Security tokens to prevent cross-site request forgery attacks
- Push Subscription: Browser-stored data for Web Push notification delivery
We do not use third-party tracking cookies, advertising cookies, analytics trackers (like Google Analytics), or any form of cross-site tracking. Your browsing activity on Gozzeep AI stays on Gozzeep AI.
10International Data Transfers
Our servers are hosted in the United States (via Heroku/AWS). If you access the Platform from outside the US, your data may be transferred to and processed in the US. By using the Platform, you consent to this transfer. We ensure appropriate safeguards are in place for international data transfers.
11Third-Party Links & Services
The Platform may contain links to third-party websites or services. We are not responsible for the privacy practices of third parties. We encourage you to read the privacy policies of any third-party services you interact with.
12Changes to This Policy
We may update this Privacy Policy periodically to reflect changes in our practices, technologies, or legal requirements. Material changes will be communicated via email or prominent in-app notification at least 14 days before taking effect. The "Last updated" date at the top of this page reflects the most recent revision. Your continued use of the Platform after changes take effect constitutes acceptance of the updated Policy.
13Contact Us
For privacy-related inquiries, data access requests, concerns, or complaints, please contact us:
Get in touch
Email: hello@gozzeep.io
Website: gozzeep.io
We take all privacy concerns seriously and will respond to inquiries within 30 days.