Privacy Policy

Account information: your email address and (optionally) your name when you sign up.

Memory content: the name, description, age, relationship, and any photo, audio, or video you upload to create a memory of your loved one.

Voice data (biometric): if you upload an audio sample, we generate a voice model so the AI can speak in a similar voice. In some jurisdictions (including Illinois, Texas, Washington, and the EU), voice prints are considered biometric or sensitive personal data. By uploading audio, you give us your explicit consent to process it for this purpose only.

Conversations: the messages you send and the AI-generated replies produced on your behalf, including any synthesized audio.

Payment information: if you subscribe, our payment processor collects billing details. We never see or store your full card number.

Usage and technical data: minimal information such as browser type, device type, and error logs needed to keep the service running and secure. We do not currently use third-party analytics or advertising cookies.

We use your data only to provide and improve the service:

• To authenticate you and secure your account.
• To generate text and voice replies that resemble the person you uploaded.
• To save your conversations so you can return to them.
• To process payment if you subscribe.
• To prevent abuse, fraud, and violations of our Terms.
• To comply with legal obligations.

We do not sell your personal information. We do not share it for cross-context behavioral advertising. We do not use your memories, voice data, or conversations to train public AI models.

We rely on the following legal bases under GDPR: contract (to provide the service you signed up for), consent (for voice/biometric processing and any optional features), legitimate interests (to keep the service secure and prevent abuse), and legal obligation (to respond to lawful requests).

Replies in Missedyu are generated by third-party large language models and a third-party voice synthesis provider. To produce a reply, we send the memory's name, description, and recent conversation messages to these providers. We do not send your email address or other identifying account details. Providers process this data on our behalf under contractual confidentiality obligations and are not permitted to use it to train their public models.

All replies and synthesized audio are artificially generated. They are not real messages from a real person.

Files and data are stored on encrypted, industry-standard cloud infrastructure. Transport is protected with TLS. Access is restricted by row-level security so that only you can read your own memories and conversations.

Our infrastructure and AI providers are based in the United States and other countries. If you access Missedyu from outside the US, your data will be transferred to and processed in the US. Where required, we rely on Standard Contractual Clauses or equivalent safeguards.

We retain your account and memories for as long as your account is active. If you delete a memory, it and its associated voice model and conversations are removed within 30 days. If you delete your account, all personal data is permanently deleted within 30 days, except where we are required to retain limited records (for example, billing records) to comply with the law.

Accounts that have been inactive for 24 consecutive months may be deleted along with their content after we send you advance notice by email.

We use trusted third-party service providers to run Missedyu, including a cloud hosting and database provider, a large-language-model provider, a voice synthesis provider, and a payment processor. Each of these providers processes your data only on our instructions and is bound by confidentiality and data-protection terms.

Depending on where you live, you have some or all of the following rights:

• Access the personal data we hold about you.
• Correct inaccurate data.
• Delete your data ("right to be forgotten").
• Export your conversations in a portable format.
• Object to or restrict certain processing.
• Withdraw consent for biometric/voice processing at any time.
• Lodge a complaint with your local data-protection authority.

California residents (CCPA/CPRA): you have the right to know what personal information we collect, to delete it, to correct it, and to limit the use of sensitive personal information. We do not sell or share personal information for cross-context behavioral advertising, so a "Do Not Sell or Share" link is not required, but you may still exercise the rights above.

To exercise any right, email hello@missedyu.com. We respond within 30 days.

Missedyu is not intended for anyone under 18, and we do not knowingly collect personal information from anyone under 18. Please do not use the service or upload content if you are under 18. If we learn we have collected data from a minor, we will delete it.

We use only the cookies and local storage strictly necessary to keep you signed in and the service running. We do not use advertising or third-party tracking cookies.

If we make material changes, we will notify you by email and update the date at the top of this page before the changes take effect.

Questions about privacy, or to exercise any of your rights, email hello@missedyu.com.