Privacy Policy

DateAvella AI · Your AI dating wingman.

Last updated: November 18, 2026 · Published by VelaVia, LLC

1. Who We Are

DateAvella AI is operated by VelaVia, LLC, a California limited-liability company. You can reach our designated point of contact for privacy matters at tommy@velavia.io or by mail at the address in Section 13 below. DateAvella AI is intended for adults aged 18 and older; the app is not directed at children, and we do not knowingly collect personal information from anyone under 18.

2. Information We Collect

We try to collect as little information as possible. The data we do collect falls into the following categories:

2.1 Account & subscription data

• Account identifier. A randomly generated user ID, optional email address, and a hashed password (if you create an account). If you sign in with Google or Apple, we receive only the basic identity scope you authorize (name, email, sub-id) — never your contacts, calendar, or social graph.
• Subscription state. Whether you are on Free or DateAvella Pro, your trial status, renewal date, and platform receipt token. Payment processing for DateAvella Pro is handled by Google Play Billing or the Apple App Store; we never see your card number, billing address, or full payment details.

2.2 Content you submit to Ask DateAvella

• Conversation screenshots and pasted text. When you ask DateAvella for help on a chat, we receive the screenshot or text you paste. We extract relevant text using on-device OCR where supported and a server-side OCR provider where on-device isn't possible. The result is sent to our AI provider to generate a reply.
• Voice input. If you use the microphone in Ask DateAvella, your audio is converted to text by a speech-to-text provider and the text is processed in the same way as a typed question.
• Match-context notes (Per-Match Memory). Anything you save into the per-match memory feature is stored under your account so DateAvella can produce match-specific replies. You can delete any saved match at any time.

2.3 Photos you upload

• Profile photos for Photo Consultant. Photos you upload for scoring are sent to our AI provider for analysis (lighting, framing, expression, outfit, background, posture, authenticity), and the score plus written feedback is returned to you.
• Selfies for AI Photoshoot. A reference selfie you upload to generate four professional dating photos is sent to our image-generation provider. The generated images are saved to your account so you can re-download them.
• Retention of photos. By default, photos are retained for 30 days so you can revisit results. You can delete any photo at any time from Settings → Photos. After deletion, photos are removed from our active systems within 7 days and from backups within 30 days.

2.4 Avella Keyboard data

The Avella Keyboard is a separate keyboard extension you can install. Its privacy model is intentionally narrow:

• The keyboard reads only what you explicitly tap ♥ on. Every other keystroke stays local on your device and is never sent to us.
• When you tap ♥, the visible chat context (the message you're replying to) is sent securely to our AI provider to generate three suggested replies in different tones. You then choose one to insert.
• We do not log keystrokes. We do not capture passwords, banking inputs, OTP codes, or text from any field marked "secure" by the OS. The keyboard refuses to operate inside password and OTP fields.
• "Full Access" disclosure. On iOS the keyboard requires "Allow Full Access" only to make the ♥ network call. iOS displays a system warning for this — that warning is generic and applies to every keyboard that needs network access, including emoji and translation keyboards. We do not use Full Access for any other purpose.

2.5 Device & usage data

• Device identifiers. Advertising ID (only with your consent on Android 12+), device model, OS version, app version, language, and approximate region (country-level, derived from IP).
• Diagnostics. Crash reports, performance metrics, and anonymized event counts (e.g. "Ask DateAvella used N times today"). We use Google Firebase Crashlytics and Google Analytics for this.
• IP address. Logged temporarily for security, abuse prevention, and rate-limiting. Truncated or discarded after 30 days unless tied to an active investigation.

2.6 Sensitive data we do not collect

3. How We Use Your Information

We use the data above only to:

• Provide the features you requested — generating replies, scoring photos, producing AI Photoshoot images, planning dates, etc.
• Maintain your account, validate your subscription, and prevent fraud or abuse.
• Personalize DateAvella to your style over time (the "Learns You" feature). This personalization happens on your account; it does not contribute to training any third-party AI model.
• Diagnose crashes, fix bugs, and improve performance.
• Send transactional emails (receipt, password reset, security notices). Marketing emails are sent only with your explicit opt-in and you can unsubscribe from any of them.
• Comply with legal obligations and respond to lawful requests.

4. Sharing & Service Providers

We do not sell your personal information. We do not share your personal information with advertisers for cross-app behavioral advertising. We do share narrowly with the following service providers, only to the extent needed to deliver the feature you used:

• OpenAI / Anthropic (LLM providers). Text content you submit to Ask DateAvella, Reply Coach, Bio Rewriter, Compatibility, Date Planner, and similar features. Per their data-processing agreements, your inputs are not used to train their models.
• Image-generation provider (e.g. fal.ai or equivalent). Reference selfies and prompts for AI Photoshoot. Generated images are returned to us and stored under your account; the provider does not retain them after generation.
• Google Cloud Speech-to-Text or equivalent. Audio you record in Ask DateAvella is converted to text and the audio is discarded.
• Google Firebase (Auth, Crashlytics, Analytics). Account auth, crash logs, anonymized usage metrics.
• Google Play Billing & Apple StoreKit. Subscription processing.
• SendGrid / Postmark or equivalent. Transactional email delivery.
• Cloudflare. CDN, DDoS protection, and bot mitigation for our website and APIs.

We may also disclose information when required by law, to protect the safety of our users, to enforce our Terms, or in connection with a merger or acquisition (in which case we will notify you and give you a meaningful choice).

5. AI Processing & Training

6. Data Retention

• Account data — retained while your account is active. Deleted within 30 days of account deletion (subject to legal hold for billing records, which are retained for 7 years).
• Conversation screenshots and pasted text — retained for 14 days for support and abuse-investigation purposes, then deleted.
• Voice recordings — discarded immediately after transcription. The transcribed text is treated as conversation content (14-day retention).
• Photos — retained for 30 days by default. Delete-on-demand from Settings → Photos.
• Per-Match Memory — retained until you delete the match or your account.
• Crash logs & analytics — retained 90 days for crashes, 14 months for aggregate analytics.
• IP address logs — 30 days.

7. Security

We use TLS 1.2+ for all network traffic, at-rest encryption for our databases and storage buckets, hashed passwords (bcrypt with per-user salt), and least-privilege access controls for our team. No system is perfectly secure; if we ever experience a security incident affecting your data, we will notify you without undue delay and as required by applicable law.

8. Your Rights

Depending on where you live, you may have one or more of the following rights. We honor these rights for all users worldwide regardless of jurisdiction:

• Access — request a copy of the personal information we hold about you.
• Correction — fix inaccurate or incomplete information.
• Deletion — delete your account and all associated personal data. You can self-serve from Settings → Account → Delete Account (full instructions: Delete your account), or email tommy@velavia.io.
• Portability — receive a machine-readable export of your data.
• Opt-out of marketing — unsubscribe from any marketing email; we'll still send transactional emails (receipts, security notices).
• Withdraw consent — disable Advertising ID, microphone, photo access, or any optional permission at any time from your device's OS settings.
• Lodge a complaint — with your local data-protection authority. EU users can also contact our representative via tommy@velavia.io.

We will respond to verified rights requests within 30 days (or as required by your local law).

9. California (CCPA / CPRA) Rights

California residents have specific rights under the California Consumer Privacy Act and California Privacy Rights Act:

• The right to know what personal information we collect, use, and share (described in Sections 2–4 above).
• The right to delete personal information we hold about you (Section 8).
• The right to correct inaccurate personal information.
• The right to opt out of "sale" or "sharing" of personal information for cross-context behavioral advertising. We do not sell or share personal information for advertising.
• The right to limit the use of "sensitive personal information." We do not collect sensitive personal information categories (geolocation, financial-account credentials, biometric, etc.) for any inferential purpose.
• The right not to be discriminated against for exercising any of these rights.

10. International Transfers

DateAvella AI is operated from the United States. If you use the app from outside the U.S., your information will be transferred to and processed in the U.S. and other countries where our service providers operate. For users in the European Economic Area, the United Kingdom, and Switzerland, we rely on Standard Contractual Clauses or equivalent transfer mechanisms with our service providers.

11. Children's Privacy

DateAvella AI is for adults 18 and older. We do not knowingly collect personal information from anyone under 18. If you believe a child under 18 has provided us with personal information, please contact tommy@velavia.io and we will delete it. Detailed child-safety standards are published at our Child Safety Standards page.

12. Changes to This Policy

We may update this Policy from time to time. When we make material changes, we will (a) update the "Last updated" date at the top of this page, (b) post an in-app notice the next time you open the app, and (c) for significant changes, email registered users where we have an email on file. Continued use of DateAvella AI after the effective date constitutes acceptance of the updated Policy.

13. Contact Us

---

← Back to DateAvella AI  |  Terms of Service  |  Child Safety Standards