Last revised · June 1, 2026

Privacy Policy

This Privacy Policy describes the privacy practices of Uare.ai, Inc. (“we,” “us,” or “our”), and how we handle personal information that we collect through and in connection with our website at https://www.uare.ai/ our applications, and any other website or service that we own or control and that links to this Privacy Policy (the “Services”).

Uare.ai lets you create, personalize, and interact with your own “Individual AI” through which you can engage via text or voice, generate authentic content, share your creations, and unlock new ways to monetize your digital self. You and other users who create and manage Individual AIs are referred to as “End Users” This Policy applies to our website visitors, registered users, End Users, guest users, business contacts, and other individuals who interact with us.

Personal Information We Collect

We collect the following categories of personal information about you:

Information you provide to us:

  • Contact information, such as your first and last name, email address, phone number, and mailing address.
  • Account information, such as the username and password you use to access our Services, profile picture, age, gender, location, and the account preferences and settings you select.
  • Payment and transaction information needed to complete your transactions with us or to facilitate payouts, including name, payment card information, billing address, transaction history, payout information, and tax-related information. Payment information is processed by our payment service providers, which handle your payment information in accordance with their own privacy policies. We do not have access to your full payment card information.
  • Demographic information, such as information that you voluntarily provide or include in your profile, including biographical information.
  • Visual, audio, and other user content, such as photos, audio recordings, videos, documents, text-based notes, personality descriptions, personal memories or knowledge, biographical information, avatar configurations, voice configurations, and other user-generated content that you upload or otherwise provide through the Services to create, customize, or enhance your Individual AI.
  • Biometric information you provide, such as voiceprints derived from voice samples and facial geometry data derived from images or videos you upload. We collect and process biometric information subject to our Biometric Notice and Consent.
  • Conversation and message information, such as chat messages you send and receive (including messages exchanged with your Individual AI or public Individual AIs), voice inputs, audio transcripts, conversation metadata, message attachments, AI-generated responses, vector embeddings generated from your messages for search and memory functionality, and conversation-level settings.
  • Communications that we exchange with you, including when you contact us with questions, feedback, or otherwise.
  • Marketing information, such as your preferences for receiving our marketing communications, details about your engagement with them and any marketing segmentation information we generate based on your interactions with our Services.
  • Other information not specifically listed here, which we will use as described in this Privacy Policy or as otherwise disclosed at the time of collection.

Where you provide us with the personal information of third parties, it is your responsibility to inform them about the processing of their personal information in accordance with this Privacy Policy, and to confirm that they have given their permission.

Automatic data collection. We and our service providers may automatically log and combine information about you, your computer or mobile device, and your interactions over time with the Services, online resources, and our communications, such as:

  • Device data, including your computer’s or mobile device’s operating system type and version, manufacturer and model, browser type, screen resolution, device type (e.g., phone, tablet), IP address, unique identifiers, language settings, and general location information such as city, state, or geographic area.
  • Usage data, including pages, screens and/or features you viewed, accessed and/or used, how long you spent on a page, screen and/or feature, the website you visited before browsing to the Services, navigation paths between pages or screens, information about your activity on a page, screen and/or feature, access times, duration of access, and whether you have opened or otherwise engaged with our communications, such as our marketing emails, or clicked links or files within them.

We use the following tools for automatic data collection:

  • Local storage technologies, like HTML5, that provide cookie-equivalent functionality but can store larger amounts of data, including on your device outside of your browser in connection with specific applications.
  • Web beacons, also known as pixel tags or clear GIFs, which are used to demonstrate that a webpage or email was accessed or opened, or that certain content was viewed or clicked.

For more information, including on our use of Cookies, please visit our Cookie Notice.

Information we obtain from other sources:

  • Third-party login information. When you link, connect, or log in to our Services with a third-party service, you may direct the service to send us information controlled by that service or as authorized by you via your privacy settings on that service.
  • Social media. We may maintain pages on social media platforms, such as LinkedIn, Instagram, and other third-party platforms. When you visit or interact with our pages on those platforms, you or the platforms may provide us with information through the platform, and we will treat such information in accordance with this Privacy Policy.
  • Other Uare.ai users. We may receive your personal information from other users of our Services. For example, when you interact with a public Individual AI, the End User or Professional who created that Individual AI can view the conversations you have with it and any information you share in those conversations, and may receive other data associated with your interactions.
  • Other sources. We may obtain personal information from other third parties, such as marketing partners, publicly-available sources, and data providers.

Information from Connected Services:

If you choose to authorize your Individual AI to connect to a third-party service (each, a “Connected Service”)—for example, email, calendar, messaging, document storage, productivity, customer relationship management, payments, or social media applications—we may receive limited personal information from that Connected Service through the Model Context Protocol and our integration partner Composio, Inc. (“Composio”). We refer to this information as “Connected Service Data.” Connected Service Data may include:

  • Content you instruct your Individual AI to access, read, send, or modify (such as email messages, calendar events, chat messages, documents, contact lists, customer records, or social media posts);
  • Metadata associated with that content (such as senders and recipients, timestamps, subject lines, file names, channel names, or labels); and
  • Connection metadata identifying which Connected Services you have authorized and the OAuth scopes you have granted.

How we handle Connected Service Data. Connected Service Data is processed ephemerally on a per-turn basis (i.e., per user interaction). Connected Service Data is truncated at 10KB per call and is not persisted into our long-term storage, our knowledge graph, or used to train any AI model. OAuth credentials and access tokens for Connected Services are held by Composio as our authorized sub-processor; Uare.ai does not directly store OAuth tokens for Connected Services.

Third-party data subjects. Content from Connected Services may include personal information about third parties (for example, the senders and recipients of your emails). You are responsible for ensuring that you have a lawful basis to share such information with us and that doing so complies with applicable privacy and data protection laws and the terms of the Connected Service.

How to disconnect a Connected Service. You may disconnect a Connected Service at any time from your account settings, which signals Composio to revoke the underlying authorization. You may also revoke authorizations directly at the third-party service provider.

Important—account deletion does not automatically revoke Connected Services. At the time of publication of this Privacy Policy, deleting your Uare.ai account does not automatically revoke OAuth authorizations you have granted to Connected Services through Composio. To fully revoke a Connected Service authorization, you must (a) disconnect the Connected Service through your account settings prior to deletion, or (b) revoke the authorization directly at the third-party service provider or with Composio. We are working to enable automatic revocation on account deletion in a future release.

How We Use Personal Information

We use personal information for the following purposes or as otherwise described at the time of collection:

To provide our Services. We process your personal information as necessary to perform our contract with you. This includes:

  • Creating, hosting, and operating your Individual AI, including processing your uploaded content to generate your Individual AI’s knowledge, personality, communication style, avatar, and voice;
  • Facilitating conversations and interactions between you and your Individual AI, between End Users and public Individual AIs, and communicating with you regarding your account and responding to any inquiries you may have;
  • Generating AI-powered content (text, images, audio, and video) through your Individual AI, serving personalized content feeds, and recommending Individual AIs or content based on your preferences and engagement;
  • Analyzing your use of our Services to allow us to evaluate, maintain, and improve the Services.

For Sensitive Information you provide. In creating or enhancing your Individual AI, or when communicating with public Individual AIs, you may choose to provide information that is considered sensitive under applicable data protection laws, such as health information, information about religion or beliefs, racial or ethnic origin, or other similar categories. We process sensitive information only where permitted by law, such as with your explicit consent, where necessary for reasons of substantial public interest, or where required to comply with legal obligations.

For research, development, benchmarking, and improving our Services. We rely on our legitimate interests in analyzing, improving, and growing our business to process your personal information for these purposes. We may use Service-usage insights to analyze and improve the Services, identify trends, and operate and expand our business activities. We do not use your private data, voice, likeness, or Individual AI content to train foundational or shared AI models. We only process your data to train your private, per-user model and embeddings that power your Individual AI. We may create aggregated, anonymized, or other de-identified statistics, which we may use for lawful business purposes, including for analytics, forecasting, and strategic planning.

For marketing and advertising. We rely on your consent or our legitimate interests in promoting our business to process your personal information for marketing and advertising purposes, as applicable and as permitted by law, including:

  • Email. We or our advertising partners may from time-to-time send you direct marketing emails as permitted by law, including, but not limited to, notifying you of special promotions, offers and events via email. We process your personal information for this purpose based on our legitimate interest in promoting our Services, or where required by applicable law, based on your consent. You may opt out of our marketing emails as described in the “Opt out of marketing communications” section below.
  • Interest-based advertising. We engage our advertising partners, including third party advertising companies and social media companies, to display ads around the web. These companies may use cookies and similar technologies to collect information about your interaction over time across our Services, our communications, and other online services, and use that information to serve online ads that they think will interest you. We process your personal information for this purpose based on your consent or our legitimate interest in promoting our Services, as applicable. We may also share information about our users with these companies to facilitate interest-based advertising to those or similar users on other online platforms. You can learn more about your choices for limiting interest-based advertising in the “Online tracking opt-out” section below.

For Surveys and reviews. We rely on our legitimate interests to process information you provide in surveys or reviews to understand user satisfaction, improve the Services, and monitor service quality.

For Supplier and partner relationships. Where you are a supplier, partner, or representative of one, we process your personal information as necessary to perform a contract or based on our legitimate interests in communicating with you and managing the business relationship.

For compliance and protection. We rely on our compliance with legal obligations, or our legitimate interests in protecting our rights and the rights of others, to process your personal information as necessary to comply with legal obligations and regulatory requirements, to enforce any applicable terms and conditions, initiate, defend or resolve legal claims or disputes, protect the security and integrity of our Services, and identify, investigate and deter fraudulent, harmful, unauthorized, unethical or illegal activity.

How We Disclose Personal Information

We may disclose personal information to the following individuals or entities and as otherwise described in this Privacy Policy or at the time of collection:

  • Other End Users. In accordance with the settings you select for your Individual AI, we make certain information available to other users of our Services. For example, if you make your Individual AI public, End Users may interact with your Individual AI and view associated profile information. You control the information you upload to the Service and make available through your Individual AI; If you interact with an Individual AI created by another End User or a Professional, that creator can view your conversations with their Individual AI, including any sensitive or health-related information you choose to share. Please exercise care in the information you choose to share, and do not share information you would not want the creator of an Individual AI to see.
  • Affiliates. We may share your personal information with our affiliates, meaning an entity that controls, is controlled by, or is under common control with Uare.ai.
  • Service providers. Companies and individuals that provide services on our behalf or help us operate the Services or our business (such as hosting, information technology, customer support, email delivery, advertising and analytics services).
  • Professional advisors. Professional advisors, such as lawyers, auditors, bankers, and insurers, where necessary in the course of the professional services that they render to us.
  • Authorities and others. Law enforcement, government authorities, and private parties, as we believe in good faith to be necessary or appropriate for the compliance and protection purposes described above.
  • Business transferees. Acquirers and other relevant participants in business transactions (or negotiations for such transactions) involving a corporate divestiture, merger, consolidation, acquisition, reorganization, sale or other disposition of all or any portion of the business or assets of, or equity interests in, our business (including, in connection with a bankruptcy or similar proceedings).
  • Your instruction or permission. Other relevant third parties, where you give us permission to do so in the course of your relationship with us from time to time.

International Data Transfers

You will provide personal information directly to us in the United States. We may also transfer personal information to our affiliates and service providers in the United States and other jurisdictions. Please note that such jurisdictions may not provide the same protections as the data protection laws in your home country.

When we engage in cross-border data transfers, we will ensure that relevant safeguards are in place to afford adequate protection for personal information and we will comply with applicable data protection laws. Where required, we rely on appropriate transfer mechanisms, including the European Commission’s Standard Contractual Clauses (SCCs) and the UK International Data Transfer Addendum, and, where applicable, the EU-U.S. Data Privacy Framework and its UK extension. For more information about how we transfer personal information internationally, or to obtain a copy of the relevant safeguards, please contact us as set out in the “How to Contact Us” section below.

Your Privacy Rights and Choices

Access or update your information. If you have registered for an account with us, you may review and update certain personal information in your account profile by logging into the account.

Opt out of marketing communications. You may opt out of marketing-related communications – both emails and texts – by following the opt-out or unsubscribe instructions in the communications you receive from us or by contacting us as provided in the “How to Contact Us” section below. You may continue to receive Services-related and other non-marketing communications.

Personal information requests. We offer you choices that affect how we handle your personal information. Depending on your location and the nature of your interactions with our Services, you may request the following in relation to personal information:

  • Information about how we have collected and used personal information. We have made this information available to you by including it in this Privacy Policy.
  • Access to a copy of the personal information that we have collected about you. Where applicable, you can also ask us for portability of this personal information (i.e. to provide personal information in a portable, machine-readable, readily usable format to you or another third party you designate).
  • Correction of personal information that is inaccurate or out of date.
  • Deletion of personal information that we no longer need to provide the Service or for other lawful purposes.
  • Object to us processing your personal information where we rely on our legitimate business interest to do so.
  • Additional rights, such as to request that we restrict our use of your personal information, and where applicable, you may withdraw your consent to our processing of your personal information at any time where we rely on your consent to process that personal information. This won’t affect anything we have used your personal information for before you withdraw your consent.
  • Appeal our denial of your personal information request by contacting us as set out in the “How to Contact Us” section below.

To make a request, please email us or write to us as provided in the “How to Contact Us” section below. We may ask for specific information from you to help us confirm your identity. Depending on your jurisdiction, you may designate an authorized agent to make requests on your behalf. You are entitled to exercise the rights described above free from discrimination.

Limits on your privacy rights and choices. In some instances, your choices may be limited, such as where fulfilling your request would impair the rights of others, our ability to provide a service you have requested, or our ability to comply with our legal obligations and enforce our legal rights. If you are not satisfied with how we address your request, you may submit a complaint by contacting us as provided in the “How to Contact Us” section below.

Right to complain. You have the right to lodge a complaint about the way we handle or process your personal information with a data protection regulator in the country where you live or work, or where you believe your data protection rights have been violated.

Right not to share your personal information. Where we are required by law to collect your personal information, or where we need your personal information in order to provide services to you, if you choose not to provide this information when requested (or you later ask to delete it), we may not be able to provide you with these services. We will tell you what information is necessary at the time of collection or through other appropriate means.

Mobile Application Disclosures

The following disclosures apply specifically to our mobile applications:

  • Camera. Where you grant camera permission, we use it solely for capturing photos to create or update your Individual AI’s avatar. Captured images are temporarily cached on your device, then uploaded to our servers for processing.
  • Microphone. Where you grant microphone permission, we use it solely for voice interactions with your Individual AI and for voice training (to create or refine your voice configuration). Audio is transmitted to our servers over secure connections.
  • Device-based biometric authentication. Where you enable Face ID, Touch ID, or fingerprint recognition to unlock the app, the biometric matching is performed entirely on your device by your device’s operating system. We do not collect, transmit, or have access to any biometric template used by your device for authentication. See our Biometric Notice & Consent for additional information.
  • Local device storage. We store certain authentication-related data on your device using Apple Keychain (iOS) or Android Keystore (Android), including your refresh token, session identifier, user identifier, and a flag indicating whether biometric authentication is enabled. Local preferences (such as theme) and cached media for offline playback are also stored on your device.
  • Third-party analytics and crash reporting. As of the date of last revision, our mobile applications do not include third-party analytics or crash reporting software development kits (SDKs).
  • Network transmission. All data transmitted between our mobile applications and our servers is sent over HTTPS.

Other Sites and Services

Our Services may contain links to websites and other online services operated by third parties. In addition, our content may be integrated into web pages or other online services that are not associated with us. These links and integrations are not an endorsement of, or representation that we are affiliated with, any third party. We do not control websites or online services operated by third parties, and we are not responsible for their actions. This Privacy Policy does not apply to such third-party sites or services.

Security

We use reasonable organizational, technical, and administrative measures designed to protect against unauthorized access, misuse, loss, disclosure, alteration, and destruction of personal information we maintain. Unfortunately, data transmission over the Internet cannot be guaranteed as completely secure. Therefore, while we strive to protect your personal information, we cannot guarantee the security of personal information.

Retention of Personal Information

Where required under applicable laws, we retain personal information only for as long as is necessary to fulfil the purposes described in this Privacy Policy, including to provide the Services and where we have a legitimate business need to do so, such as where the retention is required by law or regulatory obligations (e.g. tax, legal, or accounting purposes), to enforce and prevent violations of our terms and conditions of service, or to defend against legal claims.

To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure of personal information, the purposes for which we use personal information and whether we can achieve those purposes through other means, and the applicable legal and regulatory requirements. Additionally, when it comes to biometric information, we will retain it in accordance with our Biometric Notice and Consent.

Children’s Privacy

Our Services are not directed to children under 13, and we do not knowingly collect personal information from children under 13 without verifiable parental consent as required by applicable law. Children between 13 and 18 years of age (or the applicable minimum age of digital consent in their country of residence) may use the Services only as permitted in our Terms of Service and, where required by law, with the consent of a parent or legal guardian. If we learn that we have collected personal information from a child in a manner inconsistent with applicable law, we will delete it.

Changes to This Privacy Policy

We reserve the right to modify this Privacy Policy at any time. Where we do so, we will update the date of this Privacy Policy and post it on the Services. If we make material changes to this Privacy Policy, we will let you know.

How to Contact Us

Contact us. If you have any questions or comments about this Privacy Policy, our privacy practices, or if you would like to exercise your rights with respect to your personal information, please email us at privacy@uare.ai

EU and UK Representatives. We have appointed European Data Protection Office (EDPO), at Avenue Huart Hamoir 71, 1030 Brussels, Belgium as our representative in the EU for data protection matters, and EDPO UK Ltd, at Unit 33, Waterside, Schooner Court, 44-48 Wharf Road, London, N1 7UX, United Kingdom as our representative in the UK for data protection matters.

Pursuant to Article 27 of the GDPR, you can contact EDPO regarding matters pertaining to the GDPR by using EDPO’s online request form at https://edpo.com/gdpr-data-request/ or by writing to EDPO at Avenue Huart Hamoir 71, 1030 Brussels, Belgium. Pursuant to Article 27 of the UK GDPR, you can contact EDPO UK regarding matters pertaining to the UK GDPR by using EDPO UK’s online request form at https://edpo.com/uk-gdpr-data-request/ or by writing to EDPO UK at Unit 33, Waterside, Schooner Court, 44-48 Wharf Road, London, N1 7UX, United Kingdom.

Your U.S. State Privacy Rights

This section provides additional information for residents of California and other U.S. states that have comprehensive privacy laws (including Virginia, Colorado, Connecticut, Texas, Oregon, Montana, and others). It supplements the rest of this Privacy Policy.

Notice at Collection. We collect the categories of personal information described in the “Personal Information We Collect” section above, including identifiers, contact and account data, commercial and transaction information, payment information, demographic information, visual and audio content, biometric information, conversation and message content, internet and other electronic activity, geolocation, professional information, inferences, and sensitive personal information. We collect personal information for the business and commercial purposes described in the “How We Use Personal Information” section, and we disclose it to the categories of recipients described in the “How We Disclose Personal Information” section. We retain personal information for the periods described in the “Retention of Personal Information” section.

Sale or sharing of personal information; your right to opt out. We do not sell your personal information for money. However, when we enable interest-based advertising and allow advertising and analytics partners to collect identifiers and internet activity through cookies and similar technologies, those activities may be considered a “sale” or “sharing” (cross-context behavioral advertising) under California and other state laws. You have the right to opt out. To exercise it, you may (a) use our “Do Not Sell or Share My Personal Information” control available through the Service or our cookie preferences tool, or (b) enable a Global Privacy Control (GPC) signal in your browser, which we will treat as a valid opt-out request for the browser or device on which it is enabled. We do not knowingly sell or share the personal information of consumers under 16 years of age.

Sensitive personal information. We collect certain sensitive personal information, such as biometric information, account log-in credentials, precise location (where enabled), and any sensitive information you choose to include in content you provide. We use and disclose this information only for the purposes permitted by law and to provide the Service. Where required, you have the right to limit our use and disclosure of your sensitive personal information; you may exercise it by contacting us as described below.

Your rights. Depending on your state, you may have the right to: confirm whether we process your personal information and access it; obtain a portable copy; correct inaccuracies; delete your personal information; opt out of targeted advertising, the sale or sharing of personal information, and certain profiling; and appeal a denial of your request. We will not discriminate against you for exercising these rights. To submit a request, email us at privacy@uare.ai or use the request methods made available through the Service. We will respond within the timeframes required by applicable law (generally 45 days, subject to extension). You may use an authorized agent to submit a request on your behalf. If we deny your request, you may appeal by contacting us at privacy@uare.ai; if you are unsatisfied with our response, you may contact your state attorney general.

Notice of Financial Incentive. We may offer programs that provide bonus Credits, promotional pricing, free trials, or referral rewards in exchange for, or in connection with, your participation and certain personal information (for example, your contact details for a referral). Participation is voluntary, you may withdraw at any time, and the value of these incentives is reasonably related to the value of the personal information involved, which we estimate based on the cost of the incentive. Material terms are presented when you enroll.

California “Shine the Light.” California residents may request information about our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, contact us at privacy@uare.ai.