Skip to main content

Privacy Policy

Last updated: April 26, 2026

1. Introduction

HistorIQly ("we," "our," or "us") respects your privacy and is committed to protecting your personal data. This privacy policy explains how we collect, use, and safeguard your information when you use our AI-powered educational platform and related mobile apps, including HistorIQly Past Lives.

2. Data Controller

Contact: HistorIQly
Email: privacy@historiqly.com

3. Data We Collect

3.1 Information You Provide

  • Account Information: Email address, name (optional), password
  • Payment Information: Processed securely by Stripe; we do not store card details
  • Conversation Data: Messages you send to our AI characters
  • Photo and Image Inputs: Photos you choose or take in HistorIQly: AI Photo Maker, optional profile details you enter for poster generation, and generated image outputs
  • Preferences: Theme, notification settings, accessibility options, device-local credit balances, and saved poster settings

3.2 Information Collected Automatically

  • Usage Data: Message counts, feature usage
  • Technical Data: IP address (hashed), browser type, app version, device information
  • Performance Data: Page load times, error reports

3.3 Mobile App Permissions

HistorIQly: AI Photo Maker may ask for camera and photo library permissions so you can take a selfie, choose a photo, or save a finished artifact. We only access the camera or selected photos when you choose those actions in the app.

  • Camera: Used to take a photo for AI artifact generation or an optional default profile image.
  • Photo Library: Used to select an image or save a generated poster when you request it.
  • Device Storage: Generated posters and credits are stored locally on your device unless you choose to share or save them elsewhere.

4. How We Use Your Data

PurposeLegal Basis (GDPR)
Provide our educational AI serviceContract performance
Generate AI photo artifacts and save/share results you createContract performance
Process paymentsContract performance
Send service notificationsLegitimate interest
Improve our servicesLegitimate interest
Send marketing (if opted in)Consent
Prevent fraud and abuseLegitimate interest

5. AI Data Processing

Important Notice About AI Processing

When you use our chat features, your messages are sent to third-party AI providers (including OpenRouter, Google, and DeepSeek) to generate responses. When you use HistorIQly: AI Photo Maker, the photo and details you submit are sent to our backend and to AI image providers through OpenRouter to generate the artifact you requested. These providers process your inputs to provide the service but do not use your data for training purposes.

We do not make automated decisions that significantly affect you based solely on AI processing. Our AI provides educational content only.

6. Data Sharing

We share your data with:

  • Stripe: Payment processing (PCI DSS compliant)
  • OpenRouter/AI Providers: Conversation and image generation processing
  • Resend: Email delivery
  • Neon: Database hosting (AWS US-East-1)
  • Google: OAuth authentication (if you choose to sign in with Google)

We do not sell your personal data. We do not share your data with advertisers.

7. Data Retention

  • Account data: Until you delete your account
  • Conversations: 90 days by default (configurable in settings)
  • AI Photo Maker uploads: Processed to generate the requested artifact and not intended for long-term storage on our servers; generated posters are saved locally in the app unless you choose to share or save them elsewhere
  • Payment records: As required by law (typically 7 years)
  • Security logs: 2 years for compliance

8. Your Rights

Under GDPR and CCPA, you have the right to:

  • Access: Request a copy of your data
  • Rectification: Correct inaccurate data
  • Erasure: Delete your account and data
  • Portability: Export your data in a common format
  • Object: Opt out of certain processing
  • Restrict: Limit how we use your data

To exercise these rights, go to Settings > Account for account-based services or email privacy@historiqly.com.

9. Cookies

We use:

  • Essential cookies: Required for authentication and security
  • Preference cookies: Remember your settings (with consent)
  • Analytics cookies: Understand usage patterns (with consent)

You can manage cookie preferences using our cookie consent banner or browser settings.

10. Security

We protect your data using:

  • AES-256-GCM encryption for sensitive fields
  • Argon2id password hashing
  • TLS encryption for data in transit
  • Multi-factor authentication (optional)
  • Rate limiting and fraud prevention

11. International Transfers

Your data may be processed in the United States. We ensure appropriate safeguards through Standard Contractual Clauses with our processors.

12. California Residents (CCPA)

California residents have additional rights:

  • Know what personal information is collected
  • Know if personal information is sold or disclosed
  • Say no to the sale of personal information (we do not sell PI)
  • Access your personal information
  • Equal service regardless of privacy choices

13. Changes to This Policy

We may update this policy periodically. We will notify you of material changes via email or in-app notification.

14. Contact Us

For privacy questions or to exercise your rights:
Email: privacy@historiqly.com

For EU residents, you have the right to lodge a complaint with your local supervisory authority.