Privacy Policy

Effective Date: July 1, 2025
Last Updated July 1, 2025

IMPORTANT LEGAL DISCLAIMER: This Privacy Policy is provided for informational purposes and should be reviewed by qualified legal counsel before implementation. Privacy laws vary by jurisdiction and change frequently. This document does not constitute legal advice.

1. INTRODUCTION AND SCOPE

Delusional Entertainment, Inc. ("Company," "Delusional," "we," "us," or "our") operates Joii, an advanced AI companion application with persistent memory capabilities ("Service," "App," or "Joii"). This Privacy Policy explains our practices regarding the collection, use, sharing, retention, and protection of your information.

KEY PRIVACY COMMITMENTS:

  • Your conversation data is NEVER sold or used for advertising
  • You maintain complete control over your persistent memory data
  • We implement bank-level security to protect your information
  • You have comprehensive rights to access, correct, and delete your data
  • We comply with all major privacy laws (GDPR, CCPA, PIPEDA, and others)

By using Joii, you agree to this Privacy Policy and our Terms of Service. If you do not agree, please do not use our Service.

2. INFORMATION WE COLLECT

2.1 INFORMATION YOU PROVIDE DIRECTLY

Account Information:

  • Full name, username, email address
  • Date of birth (for age verification and legal compliance)
  • Password and security credentials
  • Payment information (processed securely by third-party providers)
  • Profile preferences, settings, and customizations
  • Support communications and feedback

Conversation Data (Core Service Data):

  • All text messages exchanged with your Joii AI companion
  • Voice recordings and audio inputs (if voice features enabled)
  • Images, photos, and media shared within conversations
  • Timestamps, conversation metadata, and interaction patterns
  • User preferences expressed during conversations
  • Emotional context and conversational tone indicators

Memory Data (AI-Generated):

  • Persistent memory summaries created by Joii about you
  • Derived personality profiles and preference mappings
  • Relationship history and interaction patterns
  • Personalization data used to improve your experience
  • AI-generated insights and conversation continuity data

2.2 INFORMATION COLLECTED AUTOMATICALLY

Technical Data:

  • Device information (type, model, operating system, browser)
  • IP address and approximate geographic location
  • Network information and connection details
  • App performance data, crash reports, and error logs
  • Usage statistics and feature interaction data
  • Session duration, frequency, and engagement metrics

Analytics Data:

  • User interface interactions and navigation patterns
  • Feature usage and adoption metrics
  • Performance optimization data
  • A/B testing and experimentation data
  • Aggregated and anonymized usage trends

Cookies and Tracking Technologies:

  • Session cookies for authentication and preferences
  • Analytics cookies for service improvement
  • Local storage for offline functionality
  • Device identifiers for security and fraud prevention

2.3 SPECIAL CATEGORIES OF PERSONAL DATA

Given Joii's nature as an AI companion, conversations may include sensitive information:

  • Mental or physical health information
  • Sexual orientation or intimate relationships
  • Religious, philosophical, or political beliefs
  • Racial or ethnic origin information
  • Trade union membership or professional associations
  • Biometric data (voice patterns for voice features)

IMPORTANT: We treat all conversation data with the highest security standards. By sharing sensitive information with Joii, you provide explicit consent for processing under applicable privacy laws. You can withdraw this consent at any time.

2.4 INFORMATION FROM THIRD PARTIES

  • Payment processor data (transaction records, billing information)
  • Social media account information (if you choose to connect accounts)
  • App store and platform data (download, purchase, and review information)
  • Third-party service integrations (only with your explicit permission)

3. LEGAL BASIS FOR PROCESSING

Under the EU General Data Protection Regulation (GDPR) and similar laws, we process your personal data based on the following legal grounds:

3.1 CONTRACTUAL NECESSITY (GDPR Art. 6(1)(b))

  • Providing core Joii services and persistent memory features
  • Maintaining your account and user profile
  • Processing payments and managing subscriptions
  • Delivering customer support and technical assistance

3.2 CONSENT (GDPR Art. 6(1)(a))

  • Processing sensitive personal data shared in conversations
  • Using conversation data for AI model training (opt-in only)
  • Marketing communications and promotional content
  • Optional feature activation and data sharing

3.3 LEGITIMATE INTERESTS (GDPR Art. 6(1)(f))

  • Improving service quality and developing new features
  • Fraud prevention and security monitoring
  • Analytics and usage optimization
  • Direct marketing (where legally permitted)

3.4 LEGAL OBLIGATIONS (GDPR Art. 6(1)(c))

  • Complying with law enforcement requests
  • Meeting regulatory reporting requirements
  • Age verification and child protection measures
  • Tax and financial record keeping

4. HOW WE USE YOUR INFORMATION

4.1 PRIMARY SERVICE PURPOSES

Core Functionality:

  • Operating Joii's persistent memory and AI companion features
  • Personalizing responses based on conversation history and preferences
  • Maintaining conversation continuity across sessions and devices
  • Synchronizing data across multiple devices and platforms
  • Providing customer support and technical assistance

Service Improvement:

  • Training and improving AI models and algorithms
  • Debugging technical issues and optimizing performance
  • Developing new features based on usage patterns and feedback
  • Conducting internal research and analytics
  • Quality assurance and safety monitoring

4.2 COMMUNICATION AND MARKETING

  • Service-related notifications and updates
  • Account security alerts and important notices
  • Optional marketing communications about new features
  • User research invitations and feedback requests
  • Community updates and educational content

IMPORTANT: We NEVER use your conversation content for marketing, advertising, or promotional purposes.

4.3 LEGAL AND SAFETY PURPOSES

  • Preventing fraud, abuse, and unauthorized access
  • Investigating potential violations of our Terms of Service
  • Complying with legal obligations and law enforcement requests
  • Protecting our rights, property, and intellectual property
  • Ensuring user safety and child protection

5. PERSISTENT MEMORY: SPECIAL DISCLOSURE

5.1 HOW PERSISTENT MEMORY WORKS

Joii's defining feature is its ability to remember everything from your conversations:

  • All conversation data is stored in secure, encrypted databases
  • The AI can recall and reference any past interaction or shared information
  • Memory enables increasingly personalized and contextual responses
  • Conversation history builds a comprehensive understanding of your preferences

5.2 MEMORY CONTROLS AND YOUR RIGHTS

You have control over Joii's memory:

Selective Memory Management:

  • Delete specific conversations, topics, or time periods
  • Edit or correct information in Joii's memory
  • Pause memory recording temporarily or permanently

5.3 MEMORY DATA SECURITY

  • All memory data encrypted with AES-256 encryption at rest
  • TLS 1.3 encryption for all data transmissions
  • Role-based access controls limit employee access
  • Regular security audits and penetration testing
  • Automatic backup systems with encryption

6. DATA SHARING AND DISCLOSURE

6.1 WE DO NOT SELL YOUR DATA

We NEVER sell, rent, or trade your personal information or conversation data to third parties for commercial purposes.

6.2 LIMITED SHARING SCENARIOS

Service Providers (Contractual Protections):

  • Cloud hosting and infrastructure providers (encrypted data only)
  • Payment processors (payment information only)
  • Customer support and communication tools
  • Analytics services (anonymized data only)
  • Security and fraud prevention services

All service providers are bound by strict contractual obligations to protect your data and use it only for specified purposes.

AI and Technology Partners:

  • AI model training partners (only with explicit opt-in consent)
  • Voice processing services (for voice features only)
  • Natural language processing providers
  • Data is anonymized and aggregated before sharing

Legal and Safety Disclosures:

  • Law enforcement agencies (with valid legal process)
  • Government authorities (as required by law)
  • Court orders, subpoenas, or other legal processes
  • Protection of rights, safety, or property
  • Investigation of Terms of Service violations

Business Transfers:

  • Mergers, acquisitions, or asset sales
  • Bankruptcy or insolvency proceedings
  • Your data remains protected under this Privacy Policy
  • We will notify you before any ownership changes

6.3 NO ADVERTISING OR MARKETING SHARING

We NEVER share your conversation data with:

  • Advertising networks or marketing companies
  • Data brokers or lead generation services
  • Social media platforms for advertising purposes
  • Third parties for profiling or targeting

7. DATA SECURITY AND PROTECTION

7.1 TECHNICAL SAFEGUARDS

Encryption:

  • AES-256 encryption for data at rest
  • TLS 1.3 encryption for data in transit
  • End-to-end encryption for sensitive communications
  • Encrypted database storage and backups

Access Controls:

  • Role-based access with principle of least privilege
  • Multi-factor authentication for all employee accounts
  • Regular access reviews and permission audits
  • Secure development lifecycle practices

Infrastructure Security:

  • SOC 2 Type II compliant cloud providers
  • 24/7 security monitoring and intrusion detection
  • Regular vulnerability assessments and penetration testing
  • Automated security scanning and patch management

7.2 OPERATIONAL SECURITY

Personnel:

  • Background checks for all employees with data access
  • Regular security training and awareness programs
  • Confidentiality agreements and data handling protocols
  • Incident response training and procedures

Physical Security:

  • Secure data centers with biometric access controls
  • Environmental monitoring and disaster recovery
  • Redundant power and network connectivity
  • Physical destruction of retired storage media

7.3 DATA BREACH RESPONSE

In the event of a security breach:

  • Immediate containment and investigation procedures
  • Notification to affected users within 96 hours
  • Detailed explanation of affected data types and potential impact
  • Free credit monitoring services (if appropriate)
  • Regular updates on investigation progress and remediation efforts

8. DATA RETENTION AND DELETION

8.1 RETENTION PERIODS

Active Accounts:

  • Conversation data: Retained while your account is active
  • Account information: Retained while your account exists
  • Payment data: Retained as required by financial regulations
  • Analytics data: Aggregated data retained for service improvement

Deleted Accounts:

  • Most personal data deleted within 30 days of account closure
  • Some data retained for legal compliance (e.g., financial records)
  • Anonymized data may be retained for research and safety purposes
  • Immediate deletion available upon request

8.2 RETENTION CRITERIA

We determine retention periods based on:

  • Purpose of data collection and processing
  • Legal and regulatory requirements
  • User preferences and deletion requests
  • Legitimate business needs and safety considerations
  • Technical limitations and system constraints

8.3 AUTOMATED DELETION

  • Inactive accounts: Data review after 2 years of inactivity
  • Temporary data: Automatic deletion based on purpose
  • Cache and session data: Regular cleanup procedures
  • Backup data: Encrypted retention with automatic expiration

9. YOUR PRIVACY RIGHTS

9.1 UNIVERSAL RIGHTS (ALL USERS)

Access and Transparency:

  • View all personal data we hold about you
  • Understand how your data is processed and used
  • Receive clear explanations of our data practices
  • Access your complete conversation history

Control and Correction:

  • Correct inaccurate or outdated information
  • Update your account and profile information
  • Manage your communication preferences
  • Control third-party integrations and connections

Deletion and Portability:

  • Delete your account and all associated data
  • Remove specific conversations or data points
  • Export your data in machine-readable formats
  • Transfer your information to other services

9.2 REGIONAL PRIVACY RIGHTS

European Union and United Kingdom (GDPR):

  • Right to access personal data
  • Right to rectification of inaccurate data
  • Right to erasure ("right to be forgotten")
  • Right to restriction of processing
  • Right to data portability
  • Right to object to processing
  • Right to withdraw consent
  • Right to lodge complaints with supervisory authorities

California, USA (CCPA/CPRA):

  • Right to know what personal information is collected
  • Right to delete personal information
  • Right to correct inaccurate personal information
  • Right to opt-out of sale/sharing of personal information
  • Right to limit use of sensitive personal information
  • Right to non-discrimination for exercising privacy rights

Virginia, Colorado, Connecticut, and Other US States:

  • Right to access personal data
  • Right to delete personal data
  • Right to data portability
  • Right to opt-out of targeted advertising
  • Right to opt-out of profiling for decisions

Canada (PIPEDA) and Other Jurisdictions:

  • Right to access personal information
  • Right to request corrections
  • Right to file complaints with privacy commissioners
  • Right to understand data sharing practices

9.3 HOW TO EXERCISE YOUR RIGHTS

Submit Requests Through:

  • In-app privacy settings dashboard
  • Email: privacy@delusionalentertainment.com
  • Written request to our Data Protection Officer
  • Online privacy request portal (when available)

Response Timeframes:

  • Initial acknowledgment within 48 hours
  • Complete response within 30 days (may be extended to 60 days for complex requests)
  • Free of charge for reasonable requests
  • Identity verification required for security

10. INTERNATIONAL DATA TRANSFERS

10.1 GLOBAL OPERATIONS

Our services operate globally with data processing in multiple jurisdictions:

  • Primary servers located in the United States
  • Backup and redundancy systems in multiple countries
  • Service providers and partners in various jurisdictions
  • All transfers comply with applicable privacy laws

10.2 TRANSFER SAFEGUARDS

For transfers from the EU/UK to other countries:

  • European Commission-approved Standard Contractual Clauses
  • UK Government-approved International Data Transfer Agreements
  • Additional technical and organizational security measures
  • Regular compliance assessments and audits

For other international transfers:

  • Contractual protections equivalent to domestic privacy laws
  • Encryption during all data transfers
  • Adequate security measures in destination countries
  • User consent where required by local laws

10.3 ADEQUACY DECISIONS

We monitor adequacy decisions by privacy regulators and adjust our transfer mechanisms accordingly to ensure the highest level of protection.

11. CHILDREN'S PRIVACY

11.1 AGE RESTRICTIONS AND VERIFICATION

  • Joii is intended for users 18 years and older
  • We do not knowingly collect data from children under 13
  • Age verification required during account creation
  • Immediate account suspension if underage use is discovered

11.2 DISCOVERY AND DELETION

If we learn that we have collected personal information from a child under 13:

  • Immediate suspension of account access
  • Prompt deletion of all collected information
  • Notification to parents or guardians (if contact information available)
  • Investigation of how the information was collected

11.3 PARENTAL RIGHTS AND CONTROLS

For jurisdictions allowing supervised use by minors (13-17):

  • Parental consent required before account creation
  • Enhanced privacy protections and safety filters
  • Parental access to account information and conversations
  • Immediate deletion upon parental request
  • Time limits and usage controls

Parents may contact us at privacy@delusional.gg for any child privacy concerns.

12. AI-SPECIFIC PRIVACY CONSIDERATIONS

12.1 AUTOMATED DECISION-MAKING

Joii uses artificial intelligence to:

  • Generate personalized conversation responses
  • Create memory summaries and personality profiles
  • Detect potential safety or inappropriate content
  • Personalize user interface and feature recommendations
  • Optimize service performance and reliability

You have the right to:

  • Request human review of any AI-generated decisions
  • Understand the logic behind automated processing
  • Object to automated decision-making that significantly affects you
  • Access information about AI training data and methods

12.2 AI MODEL TRAINING AND IMPROVEMENT

Training Data Use:

  • Conversation data used to improve AI models (opt-in only)
  • Data is anonymized and aggregated before use
  • Individual conversations are never shared externally
  • You can opt-out of training data use at any time

Training Safeguards:

  • Differential privacy techniques to protect individual data
  • Regular audits for bias and fairness in AI models
  • Removal of personal identifiers from training datasets
  • Secure computation environments for model training

12.3 AI TRANSPARENCY AND EXPLAINABILITY

We are committed to AI transparency:

  • Clear disclosure when you are interacting with AI
  • Information about AI capabilities and limitations
  • Regular AI ethics reviews and bias assessments
  • Public reporting on AI safety and responsibility measures

13. COOKIES AND TRACKING TECHNOLOGIES

13.1 TYPES OF COOKIES AND TRACKING

Essential Cookies:

  • Authentication and account management
  • Security and fraud prevention
  • Basic functionality and user preferences
  • Cannot be disabled without affecting service functionality

Analytics Cookies:

  • Usage patterns and feature adoption metrics
  • Performance monitoring and optimization
  • A/B testing and experimentation
  • Can be disabled through browser settings

Marketing Cookies (Website Only):

  • Interest-based advertising on third-party sites
  • Campaign effectiveness measurement
  • Social media integration features
  • Can be opted-out through cookie preferences

13.2 COOKIE MANAGEMENT

You can control cookies through:

  • Browser settings and preferences
  • Our cookie consent banner (website)
  • In-app privacy settings
  • Third-party opt-out tools and services

Disabling cookies may affect:

  • Login functionality and account access
  • Personalization features and preferences
  • Performance optimization and error reporting
  • Marketing and promotional content delivery

14. THIRD-PARTY SERVICES AND INTEGRATIONS

14.1 INTEGRATED SERVICES

If you choose to connect third-party services:

  • You control what data is shared with each service
  • Review third-party privacy policies before connecting
  • We are not responsible for third-party data practices
  • Disconnect integrations at any time through settings

Common integrations may include:

  • Calendar and scheduling applications
  • Social media platforms and messaging services
  • Cloud storage and file sharing services
  • Health and fitness tracking applications

14.2 THIRD-PARTY LINKS AND CONTENT

Our Service may contain links to third-party websites or services:

  • We do not control external sites or their privacy practices
  • This Privacy Policy does not apply to third-party services
  • Review privacy policies of any sites you visit
  • We are not responsible for third-party content or practices

14.3 ANALYTICS AND ADVERTISING PARTNERS

We work with privacy-focused partners for:

  • Service analytics and performance monitoring
  • Marketing campaign measurement and optimization
  • Fraud prevention and security monitoring
  • All data shared is anonymized or aggregated

15. MARKETING AND COMMUNICATIONS

15.1 COMMUNICATION TYPES

Service Communications (Cannot Opt-Out):

  • Account security alerts and important notices
  • Service updates and maintenance notifications
  • Legal and policy change notifications
  • Customer support responses and follow-ups

Marketing Communications (Opt-In/Opt-Out):

  • New feature announcements and product updates
  • Educational content and best practices
  • User research invitations and feedback requests
  • Community events and engagement opportunities

15.2 CONVERSATION DATA PROTECTION

We NEVER use your Joii conversations for:

  • Targeted advertising or marketing campaigns
  • Customer profiling or segmentation
  • Selling to third-party advertisers or marketers
  • Creating advertising audiences or lookalike groups

15.3 COMMUNICATION PREFERENCES

Manage your communication preferences through:

  • In-app notification settings
  • Email unsubscribe links
  • Account preferences dashboard
  • Direct contact with customer support

16. DATA SUBJECT RIGHTS PROCEDURES

16.1 REQUEST SUBMISSION

Submit privacy requests through:

  • Email: privacy@delusionalentertainment.com
  • Mail: Data Protection Officer, Delusional Entertainment, Inc.
  • In-app privacy dashboard (when available)
  • Online request portal (when available)

Required Information:

  • Full name and email address associated with account
  • Specific type of request (access, deletion, correction, etc.)
  • Account verification information
  • Detailed description of requested action

16.2 IDENTITY VERIFICATION

For security, we verify identity through:

  • Email confirmation to registered address
  • Account authentication credentials
  • Additional information for high-risk requests
  • Government-issued ID (for certain requests)

16.3 REQUEST PROCESSING

Response Timeline:

  • Acknowledgment within 48 hours
  • Complete response within 30 days
  • Extension to 60 days for complex requests (with notification)
  • Free of charge for reasonable requests

Possible Outcomes:

  • Full compliance with request
  • Partial compliance with explanation
  • Denial with legal justification and appeal information
  • Request for additional information or clarification

17. SUPERVISORY AUTHORITIES AND COMPLAINTS

17.1 FILING COMPLAINTS

If you believe we have violated your privacy rights, you may:

  • Contact our Data Protection Officer directly
  • File a complaint with relevant supervisory authorities
  • Seek legal remedies through appropriate courts
  • Contact consumer protection agencies

17.2 RELEVANT AUTHORITIES

European Union/United Kingdom:

  • Local data protection authorities in your country
  • European Data Protection Board (EDPB)
  • UK Information Commissioner's Office (ICO)

United States:

  • Federal Trade Commission (FTC)
  • State attorneys general offices
  • Industry-specific regulators
  • Better Business Bureau

Other Jurisdictions:

  • Privacy commissioners and data protection authorities
  • Consumer protection agencies
  • Telecommunications and media regulators
  • Professional regulatory bodies

18. PRIVACY POLICY CHANGES

18.1 NOTIFICATION OF CHANGES

We will notify you of material changes through:

  • Email to your registered address (30 days advance notice)
  • In-app notifications and alerts
  • Prominent website notices
  • Push notifications (for app users)

18.2 TYPES OF CHANGES

Material Changes (Advance Notice Required):

  • New data collection categories
  • Changes to data sharing practices
  • Significant changes to user rights
  • Changes to data retention periods

Non-Material Changes (May Be Immediate):

  • Clarifications and formatting updates
  • Contact information changes
  • Links and reference updates
  • Legal compliance updates

19. CONTACT INFORMATION

19.1 PRIVACY INQUIRIES

Data Protection Officer:
Delusional Entertainment Inc.
Email: privacy@delusionalentertainment.com
Address: 75 W 71st Street, 1B, New York NY 10023

19.2 GENERAL SUPPORT

Email: support@findjoii.com
Security Issues: security@joii.ai
Press Inquiries: press@joii.ai

19.3 EU REPRESENTATIVE

For EU/UK data protection matters, you may contact our EU representative at the address provided above or at privacy@delusionalentertainment.com.

20. ACCESSIBILITY AND LANGUAGE SUPPORT

20.1 ACCESSIBILITY

We are committed to making our Privacy Policy accessible to all users. If you require this policy in an alternative format (large print, audio, Braille, etc.), please contact us at privacy@delusionalentertainment.com.

20.2 LANGUAGE VERSIONS

This Privacy Policy is provided in English. Translations may be available in other languages for your convenience. In case of conflicts between versions, the English version prevails.

20.3 EFFECTIVE DATE AND VERSION

This Privacy Policy is effective as of July 1, 2025.
Last Updated: July 1, 2025
Version: 1.0

BY USING THE SERVICE, YOU ACKNOWLEDGE THAT YOU HAVE READ, UNDERSTOOD, AND AGREE TO BE BOUND BY THIS PRIVACY POLICY.