Privacy First Architecture

Your Privacy is
Sacred.

SoulWhisp is built from the ground up to protect your privacy. No human ever sees your conversations. This document explains clearly how we protect what you share.

Last Updated: January 29, 2026
Effective Date: January 29, 2026
Our Commitment to PrivacyWhat Information We CollectHow We Use Your InformationTraining Data & AI ImprovementWhat We DON'T DoWhen We Might Share InformationYour Rights (GDPR & Data Protection)Data SecurityAbuse Prevention & Service MisuseCookies & Tracking TechnologiesThird-Party ServicesChildren's Privacy (COPPA Compliance)International Users & Data TransfersData RetentionFuture Features & PrivacyChanges to This Privacy PolicyYour Control Over PrivacyTransparency & AccountabilityContact UsComplaintsFinal Note

01.Our Commitment to Privacy

At SoulWhisp, privacy isn't just a legal requirement -- it's the foundation of everything we do.

When you're practising saying something you've never said out loud, the last thing you should worry about is who might see your words. That's why SoulWhisp is designed from the ground up to protect your privacy.

The most important thing to know: No human ever sees your conversations. Period.

02.What Information We Collect

Current Service (Free, Anonymous Use)

Information You Don't Need to Provide: You can use SoulWhisp completely anonymously. We don't require: - Your real name - Email address - Phone number - Location - Any identifying information - Account creation

Information We Do Collect

Technical Information (Automatically Collected): - IP address (for security and preventing abuse) - Device type and browser information - Time and date of access - Usage patterns (to improve the service) Conversation Data: - Your messages to SoulWhisp and AI responses -- processed in real-time only, then deleted when you close the chat

Optional Information (Only If You Provide It)

Donation information (processed by Stripe, not stored by us).

Future Features (Not Currently Available)

In the future, we may offer optional features such as: - Account creation (for chat history) - Personalised AI responses (based on past conversations) - Subscription options If we introduce these features: - They will be completely optional - Free anonymous use will always remain available - This privacy policy will be updated with clear information about what data is collected and how - You will be notified before any changes take effect

03.How We Use Your Information

Your Conversations

- Real-time use only: Your conversations with SoulWhisp are processed in real-time by our AI to provide responses. - No storage: Conversations are NOT stored after your session ends. Once you close the chat, your words are gone forever. - No human access: No human -- not our staff, not developers, not anyone -- can see what you say to SoulWhisp. - No memory between sessions: SoulWhisp does not remember previous conversations. Each session is completely separate. You start fresh every time.

Technical Data

We use technical information to: - Prevent abuse and protect the service - Detect and prevent spam or malicious use - Improve SoulWhisp's performance - Understand how people use the service (in aggregate, never individually)

04.Training Data & AI Improvement

Your conversations are NEVER used to train our AI.

SoulWhisp's AI is built on listening principles learned from years of volunteer crisis work -- not on your personal conversations.

When you talk to SoulWhisp, your words are processed in real-time to generate responses, then immediately deleted when you close the chat. They are: - Never stored anywhere - Never used for training or improvement - Never analysed or reviewed - Never seen by humans

Why we don't use your conversations: People practising saying the hardest things they've ever said need absolute certainty that their words stay private. We will never compromise that trust -- even for "improvement" or "research."

Will this ever change? If we ever want to offer an optional feature where users can choose to help improve SoulWhisp by sharing anonymized data, we will: - Update this policy with clear, detailed information - Make it completely opt-in (never automatic or default) - Give you full control to opt in or out at any time - Ensure true anonymization with no way to identify you - Notify all users prominently before launching But right now, and for the foreseeable future: your words are yours alone.

05.What We DON'T Do

  • -Store your conversations
  • -Create user profiles
  • -Track you across sessions
  • -Share your data with third parties
  • -Sell your information to anyone
  • -Use your conversations for marketing
  • -Track you across other websites
  • -Use your data to train AI models
  • -Remember what you said in previous sessions

06.When We Might Share Information

Legal Obligations

We may be required to disclose information if: - We receive a valid court order or subpoena - Required by law to prevent imminent harm - To comply with legal processes Important: Because we don't store conversations, we cannot provide conversation content even if legally required. We can only provide limited technical information (IP address, access times).

Safety Exceptions

SoulWhisp is not equipped to handle active emergencies. If you express immediate danger to yourself or others, SoulWhisp will: - Suggest you contact emergency services immediately - Provide crisis helpline information - Not contact authorities on your behalf (we have no way to identify or locate you) SoulWhisp cannot: - Track your location - Contact emergency services for you - Identify who you are - Reach out to anyone on your behalf

07.Your Rights (GDPR & Data Protection)

Under GDPR, CCPA, and similar data protection laws, you have the right to:

Access: Request what data we have about you. Note: We have limited data (technical information only -- no conversations). Deletion: Request deletion of your technical data. Note: Conversations are already deleted automatically after each session. Correction: Update any information we hold. Note: Currently not applicable as we don't store personal information. Portability: Receive your data in a standard format. Note: Limited to technical access logs (no conversation data exists). Opt-out: Stop using the service at any time with no record kept.

To Exercise These Rights

Contact: support@soulwhisp.ai

08.Data Security

How We Protect Your Data

- Encryption in transit: All communications are encrypted using HTTPS/TLS - No storage = No breach risk: Because we don't store conversations, they cannot be stolen, leaked, or accessed in a data breach - Minimal data collection: We collect only the minimum technical data necessary to operate securely - Secure infrastructure: Our servers are hosted in secure, GDPR-compliant facilities within the EU - Access controls: Only essential technical personnel have access to systems (and they cannot see conversations--these are processed by AI only) - No permanent records: Without stored conversations, there are no databases to hack or subpoena

09.Abuse Prevention & Service Misuse

How We Detect Misuse

While we don't store your conversations, we do monitor for patterns of abuse to protect the service. We may detect: - Repeated rapid-fire messages (spam) - Attempts to break or manipulate the AI - Patterns suggesting automated bot use - Excessive usage designed to overload the system What we see: Technical patterns only (frequency, timing, behavior) What we DON'T see: Actual conversation content

Prohibited Uses

SoulWhisp is designed for people who need a space to be heard. It is not designed for: - Sexual or romantic conversation - Entertainment or "jailbreaking" the AI - Spam, advertising, or promotional content - Harassment or abusive language - Automated bot interactions - Testing or "tricking" the AI for fun - Any use unrelated to genuine emotional support Why these restrictions matter: SoulWhisp is a resource built for people who need to practise saying the things they can't say anywhere else. When people misuse it, they take that resource away from someone who needs it.

What Happens If You Misuse SoulWhisp

Temporary measures: - Your IP address may be temporarily blocked - You may be asked to verify you're human (CAPTCHA) - Access may be rate-limited For serious or repeated abuse: - Permanent IP ban - Report to authorities (if illegal activity detected) Important: We cannot see your conversation content to determine misuse. We only detect technical patterns that suggest the service is being abused.

How to Appeal

If you believe you were blocked in error, contact: support@soulwhisp.ai We'll review the technical patterns and restore access if appropriate.

10.Cookies & Tracking Technologies

What Are Cookies

Cookies are small text files stored on your device when you visit websites. They help websites remember your preferences and provide essential functionality.

Cookies We Use

Essential Cookies (Always Active) These cookies are necessary for the website to function and cannot be disabled: - Session Cookies: Manage your browsing session - Duration: Session - Purpose: Security and functionality - Cookie Consent: Store your cookie preferences - Duration: 12 months - Purpose: Remember your cookie choices - Stripe Cookies: Payment processing (only on donation page) - Duration: Varies - Purpose: Secure payment processing - Third-party: stripe.com - Stripe Privacy Policy: https://stripe.com/privacy

Optional Cookies (Require Your Consent)

Analytics Cookies: Not currently active - Future use: Understand website usage - Will require explicit consent before activation Marketing Cookies: Not used - We do not use marketing or advertising cookies

AI Chat and Cookies

Our AI chat feature does NOT use cookies: - Conversations are not tracked - No session persistence - No data storage - Completely anonymous - Messages deleted immediately after session

Managing Cookies

You can manage your cookie preferences: - Click "Cookie Settings" in the footer - Change preferences anytime - Block cookies through browser settings Note: Blocking essential cookies may prevent payment processing.

Third-Party Cookies

The only third-party cookies we use are from Stripe for payment processing. These are only set when you visit the donation page. We do NOT use: - Google Analytics - Facebook Pixel - Advertising cookies - Cross-site tracking - User profiling tools

Cookie Duration

- Essential cookies: Session or 12 months - Consent preferences: 12 months - We will re-ask for consent after 12 months

GDPR and CCPA Compliance

- EU/UK visitors: Full GDPR compliance - California residents: CCPA compliant - You can withdraw consent anytime - Essential cookies exempt from consent requirement - No pre-checked boxes (opt-in required) - Clear information about each cookie category

11.Third-Party Services

Services We Use

Stripe (Donations): If you donate, Stripe processes your payment. We never see your payment information. See Stripe's privacy policy: https://stripe.com/privacy OpenAI (AI Processing): Processes conversations in real-time to generate responses. Does not store your conversations. See OpenAI's privacy policy: https://openai.com/privacy Web Hosting (Vercel): Our website is hosted on Vercel's secure servers. Hosting provider cannot access conversation content. Only technical logs (IP addresses, access times).

We Do Not Use

- Google Analytics or Google services - Facebook or social media tracking - Third-party advertising networks - Email marketing services (we don't collect emails)

12.Children's Privacy (COPPA Compliance)

Ages 13 and under: SoulWhisp is not intended for children under 13. We do not knowingly collect information from children under 13.

Ages 13-17: Teens may use SoulWhisp. We recommend parental awareness, though we do not require parental consent.

Parents should know: - Conversations are completely private (we cannot monitor or access them) - We cannot provide transcripts or reports - We cannot identify users or track their activity - If you have safety concerns, we encourage open communication with your teen

If we learn we've collected data from a child under 13, we will delete it immediately.

13.International Users & Data Transfers

SoulWhisp is available globally.

Where data is processed: - Servers located in EU data centres - AI processing by OpenAI (US-based, GDPR-compliant)

We comply with: - GDPR (European Union) - UK GDPR (United Kingdom) - CCPA (California Consumer Privacy Act) - Other applicable data protection laws

Data transfers: Any data processed outside the EU is protected by: - Standard Contractual Clauses (SCCs) - Adequacy decisions where applicable - Strong encryption and security measures

14.Data Retention

  • -Conversations: Deleted immediately when you close the chat. Not stored anywhere, ever. Cannot be recovered.
  • -Technical logs (IP address, access time): Retained for 30 days for security/abuse prevention. Then permanently deleted.
  • -Donation records: Processed and stored by Stripe (not SoulWhisp). Retained per Stripe's policy and tax requirements.
  • -Analytics data: Aggregate only (no individual data). Retained indefinitely (cannot identify individuals).
  • -Future account data (when available): Will be detailed in updated privacy policy. Users will have full control to delete.

15.Future Features & Privacy

What We're Planning

We may introduce optional features in the future, such as:\n\n- Optional accounts with chat history saved (only if you create an account)\n- Personalised responses based on past conversations\n- Subscription for enhanced features

What Won't Change

- Free anonymous use will always be available - No one will be forced to create an account - Conversations will remain private (no human access) - You'll always have the option to use SoulWhisp without any data storage

How We'll Handle New Features

Before launching new features that collect data: - We'll update this privacy policy with clear details - We'll notify all users prominently on the website - We'll give you time to review changes - New features will be opt-in (you choose to use them) - Anonymous use will remain unchanged You will always have the choice between: - Anonymous mode (no storage, no tracking, no account) - Account mode (optional features with some data storage)

16.Changes to This Privacy Policy

When We Update This Policy

We may update this Privacy Policy to reflect: - Changes in laws or regulations - New features or services - User feedback - Security improvements

How We'll Notify You

Minor changes: Updated "Last Updated" date at the top Major changes: Prominent notice on the website for at least 30 days Significant changes affecting your privacy: - Banner notification on homepage - Email notification (if we have your email from donations) - Explanation of what changed and why

Your Continued Use

Continued use of SoulWhisp after policy updates means you accept the changes. If you don't agree, please stop using the service.

17.Your Control Over Privacy

You Are In Control

- Use anonymously: No account needed, no data stored - Close the chat: All conversation data is deleted immediately - Clear your browser: Remove any local session data - Use incognito/private browsing: Extra privacy layer - Use a VPN: Additional privacy protection (optional)

What You Can Request

Access request: "What data do you have about me?" Response: Technical logs from past 30 days (IP, access times). No conversation data (doesn't exist). Deletion request: "Delete my data" Response: We'll delete technical logs immediately. Conversations are already deleted automatically. Questions: "How is my data used?" Response: Contact support@soulwhisp.ai

18.Transparency & Accountability

Our Promise

We commit to complete transparency about privacy practices.

We will never

- Secretly change how we handle data - Start storing conversations without telling you - Sell data to third parties - Use your conversations for any purpose beyond your immediate session

We will always

- Be honest about what data we collect - Explain clearly how data is used - Give you control over your information - Notify you of any changes

If We Receive Legal Requests

If we receive: - Court orders - Subpoenas - Government requests for data We will: - Notify you if legally permitted - Provide only the minimum information required by law - Challenge overly broad requests - Publish transparency reports (if we receive requests) Remember: We can't provide conversation content--it doesn't exist.

19.Contact Us

Privacy Questions or Concerns

Email: support@soulwhisp.ai Response time: We aim to respond within 48 hours

Data Protection Rights Requests

Email: support@soulwhisp.ai Subject line: "Data Rights Request"

Security Issues

Email: support@soulwhisp.ai If you discover a security vulnerability, please report it responsibly.

General Contact

Email: support@soulwhisp.ai

20.Complaints

If you believe we've violated your privacy rights or data protection laws:

EU/UK residents: Contact your local data protection authority - UK: Information Commissioner's Office (ICO) - EU: Your national data protection authority

California residents: California Privacy Protection Agency

Other jurisdictions: Your local consumer protection or privacy regulator

We take complaints seriously and will work to resolve any concerns.

21.Final Note

Privacy is not just a policy for us -- it's our core principle.

SoulWhisp exists to give people a safe space to practise saying the things they can't say anywhere else. That requires absolute trust that what you say stays private.

We've built SoulWhisp to respect that trust: - No storage - No tracking - No humans seeing your words - No compromises

The practice conversation only works if you feel completely safe. We're committed to making sure you always do.

If you ever have concerns about privacy, please reach out. We're here to help.