Contact us
Login to Continue
Login

Privacy Policy

Date of Revision: December 1, 2025

Privacy Notice of TrueFlareAI

TrueFlareAI ("TrueFlareAI", "we", "us" or "our") is the Controller for the processing implemented through this website accessible at https://www.trueflareai.com and our Chrome Extension (collectively, the "Services").

The Services are an AI-powered chat application that uses artificial intelligence algorithms to generate virtual AI personas (the "AI Personas"), with whom you as a user of the Services ("you") can chat and exchange messages. The Servicesare available both through our website and Chrome Extension.

This Privacy Policy details how TrueFlareAI collects, uses, discloses and handles your Personal Data for the Services and, as applicable, your rights under applicable data protection laws including the European Union's General Data Protection Regulation (GDPR), UK GDPR, and other applicable privacy laws.

By using the Services, you agree that you have read and understood our Privacy Policy.

1. Definitions

All capitalized terms not otherwise defined in this Privacy Policy shall have the following meaning:

  • "Content": the information that you provide in order to register as a Userand/or in the course of using our Services. Such information includes your Personal Data, inputs in the course of conversations with AI Personas, and outputs in response to same;
  • "Consent": any freely given, specific, informed and unambiguous indication of your wishes by which you, by a statement or a clear affirmative action, signify agreement to the Processingof Personal Data relating to you;
  • "Controller": the natural or legal person, alone or jointly with others, who determines the purposes and means of the Processing of Personal Data (TrueFlareAI);
  • "Performance of our Services": the actions necessary for us to provide our Services;
  • "Personal Data": any information relating to an identified or identifiable natural person, directly or indirectly ("Data Subject"), such as your name, email address, account information, chat history, and other identifying information;
  • "Processing": any operation or set of operations which is performed on Personal Dataor on sets of Personal Data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;
  • "User", "you" and "your": collectively a person that has visited or is using the Services;
  • "Visitor": anyone who is browsing the Services without creating an account.

2. Purposes of Personal Data Processing

As we are committed to respect your privacy, such Services will always be provided in accordance with the most relevant legal basis. If you do not or cannot provide us with the required data, we may not be able to provide the Services to you.

Account Creation and Management

Purpose: Managing your registration to our Services.

Categories of Personal Data:

  • Email address (mandatory for website registration)
  • Authentication credentials (password or OAuth tokens from Google, Discord, Twitter)
  • User preferences and settings
  • Account creation date and time
  • Sign-in history (dates, times, IP addresses)
  • JWT tokens for Chrome Extension authentication

Legal Basis: Consent; necessity for the performance of a contract; compliance with our legal obligations.

Provision of the Services

Purpose:

  • Customization of AI Personas
  • Interactive chat with AI Personas
  • Synchronization between website and Chrome Extension

Categories of Personal Data:

  • User preferences regarding AI Personas (as provided by you)
  • User prompts and messages to AI Personas (as provided by you)
  • AI-generated responses (generated by us)
  • Chat history and conversation data
  • Source of chat (website or extension)

Legal Basis: Consent; necessity for the performance of a contract.

Chrome Extension Functionality

Purpose: Providing Chrome Extension features including side panel access and JWT-based authentication.

Categories of Personal Data:

  • Extension JWT tokens
  • Browser and device information
  • Extension usage data
  • User ID for session management

Legal Basis: Consent; necessity for the performance of a contract.

Support of the Services

Purpose: Service support to inform you and to answer your requests (technical support, customer service).

Categories of Personal Data:

  • Support inquiries (as provided by you)
  • Email correspondence
  • Device information (mobile/desktop)
  • Browser type
  • Technical logs for debugging

Legal Basis: Our legitimate interest in addressing your queries and technical issues.

De-identification and/or Anonymization of Data

Purpose:

  • Improve and develop our services
  • Conduct internal research
  • Perform quality assurance and data analysis

Categories of Personal Data:

  • Exchanges with AI Personas (anonymized and/or de-identified)
  • Aggregated usage statistics

Legal Basis: Our legitimate interest in providing the best Service possible and improving our Services.

Improvement and Development

Purpose:

  • Train and develop our AI models
  • Prepare datasets for further training
  • Conduct internal research for new features

Categories of Personal Data:

  • Anonymized chat interactions
  • User interaction patterns (anonymized)

Legal Basis: Our legitimate interest in improving our Services.

Quality Assurance and Analytics

Purpose:

  • Ensure content generation tools work as intended
  • Monitor usage trends
  • Detect errors and anomalies

Categories of Personal Data:

  • De-identified and aggregated usage data
  • Log files (automatically deleted after 30 days)
  • User interaction patterns

Legal Basis: Our legitimate interest in providing quality service and detecting misuse.

Safety and Moderation

Purpose:

  • Moderation of the Services
  • Ensuring compliance with our policies
  • Reporting to law enforcement in appropriate cases

Categories of Personal Data:

  • Flagged content and user reports
  • Account data and history
  • Metadata regarding content (timestamps, IP addresses)

Legal Basis: Necessity for compliance with legal obligations; legitimate interest in preventing misuse of our Services.

3. Sharing Your Personal Data

We may share your information with:

a. Service providers to deliver the Services:

  • Authentication providers (Google, Discord, Twitter OAuth)
  • Cloud hosting services
  • Analytics tools
  • Database services

b. Professional advisers where necessary to obtain advice or assistance, including lawyers, accountants, IT advisers;

c. Legal and regulatory authorities, as required by applicable laws and regulations;

d. Our employees, as needed for them to carry out their work.

We will not disclose, sell, trade, or otherwise transfer your Personal Data to any third parties without your Consent (where required) or unless otherwise stated in this Privacy Policy.

4. Data Retention

We retain your Personal Data for as long as your account is active or necessary to fulfill the purposes for which we collect it.

When you terminate your account, we will retain certain Personal Data as follows:

  • Account data: up to 3 years after account closure
  • Chat history: stored while account is active; deleted upon account deletion (or retained in anonymized form for service improvement)
  • Technical logs: automatically deleted after 30 days
  • Legal and accounting records: as required by applicable law

5. Personal Data of Minors

TrueFlareAI does not provide Services or collect Personal Data from anyone under 18 years of age. Our Services are intended for use only by adults who are at least 18 years of age. If we learn that we have been misled by an underaged individual, we will take steps to delete the information as soon as possible and block such User.

6. Third-Party Links

The Services may include links to third-party websites, plug-ins, and applications. We do not control these third-party websites and are not responsible for their privacy statements. We encourage you to read the Privacy Policy of every website that can be accessed through the Services.

7. Your Rights Under GDPR

7.1. Right to Access Your Personal Data

You have the right to request a copy of your Personal Data that we hold. To submit such a request, please contact us using the details in Section 10.

7.2. Right to Rectification

You have the right to obtain rectification of inaccurate Personal Data concerning you. This enables you to have any incomplete or inaccurate data we hold about you corrected.

7.3. Right to Erasure

You can request that we erase your Personal Data in limited circumstances where:

  • It is no longer needed for the purposes for which it was collected
  • You have withdrawn your consent
  • Following a successful right to object
  • It has been processed unlawfully
  • To comply with a legal obligation

7.4. Right to Restriction of Processing

You may request that we suspend the Processing of your Personal Data in certain scenarios, such as if you want us to establish the data's accuracy.

7.5. Right to Data Portability

You can ask us to provide you with the Personal Data you provided in a structured, commonly used, machine-readable format, or to transfer it to another controller.

7.6. Right to Withdraw Consent

You have the right to withdraw your Consent at any time and free of charge. If you withdraw your Consent, we may not be able to provide our Services to you to their full extent.

7.7. Right to Object

You can object to any Processing of your Personal Data based on our legitimate interests, if you believe your fundamental rights and freedoms outweigh our legitimate interests.

8. Data Security

We have implemented appropriate security measures to prevent your Personal Data from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed. This includes:

  • Encrypted data transmission (HTTPS)
  • Secure JWT-based authentication for Chrome Extension
  • Password encryption
  • Access controls and authentication systems
  • Regular security audits

9. International Data Transfers

Your Personal Data may be transferred to and processed in countries other than your country of residence. We ensure appropriate safeguards are in place for such transfers in accordance with applicable data protection laws.

10. Contact Us

If you have any questions, concerns, or complaints regarding this Privacy Policy, or if you wish to exercise your rights related to your Personal Data, you can reach us at:

Email: official@trueflareai.com

Website: https://www.trueflareai.com

We will make every reasonable effort to respond to all legitimate requests within one month. Occasionally it may take us longer if your request is particularly complex.

11. Changes to This Privacy Policy

We may revise this Privacy Policy from time to time to take account of changes in our practices or applicable data protection law. If we modify our Privacy Policy, we will post the revised version on the Services with an updated revision date. Where such changes are substantial, we will notify you by email or through the Service. By continuing to use our Services after such revisions are in effect, you will be deemed to accept and agree to the revisions.

Last Updated: December 1, 2025