Privacy Policy

1. Information We Collect

We collect information in the following ways:

a. Information You Provide

Messages and Content:

When you interact with our AI-powered features, we receive and process message content, attachments, and metadata to operate the Service.

Contact Information:

When you contact us or create an account, we may collect your name, email, phone number, or other identifiers.

Billing Information:

For paid plans, we collect payment and billing details through secure third-party processors.

Feedback and Support:

When you communicate with us directly, we collect and store your messages to respond and improve support.

Parental Consent Information:

For users between 13-18, we may collect parental contact information to verify consent and enable parental controls.

b. Information Automatically Collected

Metadata:

Message timestamps, identifiers, conversation size, and routing information.

Usage Data:

How you interact with Service features, device type, usage volume, and frequency.

Technical Data:

Browser type, IP address, operating system, and referring URLs for users who access our websites.

Cookies and Analytics:

We may use cookies and similar technologies for analytics, security, and functionality.

Safety and Abuse Detection Data:

We automatically collect and analyze data to detect potential child exploitation, including behavioral patterns, content characteristics, and risk indicators.

c. Information from Third Parties

We may receive information from:

• Platform providers and communications carriers for message routing and delivery.
• AI providers for processing and generating responses.
• Payment processors for confirming transactions and preventing fraud.
• Law enforcement and NCMEC for safety investigations and preventing cross-platform abuse.
• Safety consortiums and industry coalitions for identifying known violators.

2. How We Use Information

We use collected information to:

Operate and Improve the Service:

• Process messages, generate responses, and provide accurate, context-aware interactions.
• Remember preferences and conversational context for continuity.
• Develop new features and refine models.
• Improve latency, reliability, and performance.

Provide Customer Support:

• Respond to inquiries, troubleshoot issues, and provide technical assistance.

Communicate with You:

• Send administrative, transactional, or promotional messages (you can opt out of non-essential messages anytime).

Maintain Security and Protect Children:

• Detect abuse, spam, or unauthorized activity.
• Identify and prevent child sexual exploitation and abuse.
• Detect grooming patterns, abusive behaviors, destructive content, criminal activity, solicitation attempts, and inappropriate contact with minors.
• Prevent generation of harmful content involving children.
• Match content against hash databases of known CSAM.
• Analyze behavioral patterns that may indicate risk to minors.
• Verify age and parental consent for minor users.

Comply with Law:

• Fulfill legal obligations, including mandatory reporting of child exploitation.
• Report suspected violations to NCMEC and law enforcement.
• Respond to legal process and governmental requests.
• Resolve disputes and enforce our Terms of Service.

3. How We Share Information

We do not sell your personal information.

We share data only as needed to operate the Service and protect children:

a. With Service Providers

We work with trusted partners that help deliver the Service:

• AI model providers
• Cloud infrastructure providers
• Payment processors
• Customer support and analytics platforms
• Child safety technology providers for content analysis and detection

These providers may access limited data only to perform services on our behalf and are bound by confidentiality obligations.

b. With Your Consent

If you explicitly request actions involving third-party integrations, we will share relevant information with those services as necessary.

c. For Child Safety and Legal Reasons

We may disclose information:

To NCMEC:

We report suspected child exploitation to the National Center for Missing & Exploited Children as required by 18 U.S.C. § 2258A.

To Law Enforcement:

We cooperate with investigations involving child safety, including sharing evidence and account information.

To Other Platforms:

We may share information about accounts associated with child exploitation with other services through industry safety coalitions to prevent cross-platform abuse.

As Required by Law:

We disclose information when required by law, regulation, legal process, or governmental request.

To Protect Rights and Safety:

We disclose information to protect the rights, safety, and property of DNFT INC, our users (especially minors), or others.

d. In Business Transfers

If DNFT INC is involved in a merger, acquisition, or sale of assets, your information may be transferred. We will provide notice and options if your information becomes subject to a different privacy policy.

4. Data Retention

Message Content

is stored for processing and context memory for a defined retention period (depending on your plan and features).

Paid Plans

may have longer context retention as part of plan features.

Safety-Related Data

including evidence of child exploitation violations, suspicious patterns, and related metadata may be retained indefinitely for:

• Preventing repeat offenses
• Supporting ongoing investigations
• Cooperating with law enforcement
• Protecting children on our platform and others
• Training and improving detection systems

Billing, Support, and Legal Records

are retained as required by law.

Aggregated Analytics Data

may be retained indefinitely for performance and reliability purposes.

Deletion Requests:

You can request deletion of your data anytime by contacting privacy@dnftinc.com. However, we may retain safety-related information as described above even after account deletion.

5. Data Security

We use industry-standard security measures including:

• Encryption in transit (TLS) and at rest for sensitive data
• Access controls and authentication systems
• Regular security monitoring and audits
• Secure key management
• Employee security training
• Incident response procedures

However, no online service is 100% secure. You use the Service at your own risk. Please avoid sharing sensitive data (like passwords, government IDs, or financial information) through the Service.

6. AI Processing and Model Providers

The Service uses third-party AI models to process and generate content. When you interact with the Service, your content may be transmitted securely to these providers. Each provider is subject to its own privacy terms.

We take steps to minimize the data shared and to pseudonymize or aggregate it whenever possible. However, content sent to these providers may be subject to their data practices, including potential use for model training unless you are on an enterprise plan.

Child Safety Processing: Content analysis for child safety purposes may involve additional AI processing specifically designed to detect exploitation, grooming patterns, abusive behaviors, destructive content, criminal activity, and other risks to minors.

7. Payments

• Payments are processed by third parties (e.g., Stripe). We do not store full payment card details on our servers.
• For more information about their data handling, please review their privacy policies.

8. Your Rights and Choices

Depending on your location, you may have the right to:

• Access the data we hold about you.
• Request deletion of your personal information (subject to legal retention requirements for safety data).
• Correct inaccurate or incomplete data.
• Opt out of promotional messages.
• Export your data in a portable format.
• Object to or restrict certain processing.
• Lodge a complaint with a data protection authority.

To exercise these rights, contact privacy@dnftinc.com. We may verify your identity before fulfilling your request.

Note: Some data, particularly safety-related evidence, may not be subject to deletion if required for legal compliance, ongoing investigations, or child protection purposes.

9. Children's Privacy and Protection

9.1 Age Requirements and Parental Consent

The Service is not intended for children under 13, and children under 13 are strictly prohibited from using the Service under any circumstances. We do not knowingly collect personal information from children under 13. We do not offer a parental consent mechanism for children under 13. If we discover that a child under 13 has created an account or used the Service, we will immediately terminate access.

Users aged 13-17 may use the Service only with parental consent and supervision. Parents may contact us at parents@dnftinc.com to:

• Verify their child's account
• Review their child's information
• Request deletion of their child's information
• Revoke consent and terminate the account

If you believe a child under 13 has used the Service, contact us immediately at safety@dnftinc.com for immediate review and account termination.

9.2 Enhanced Protection for Minor Users

When we detect or have reason to believe a user is under 18, we may apply additional protections including enhanced monitoring for concerning behaviors, identification of exploitation indicators, and restrictions on certain features. Parental supervision remains essential for minor users.

Parents may contact us at parents@dnftinc.com for account controls and notification systems.

9.3 Child Safety Data Processing

We process data about all users, including minors, to protect children. This includes:

Content Analysis:

• Scanning messages and images for CSAM using hash matching and perceptual hashing
• AI-based semantic analysis to detect inappropriate content involving minors
• Pattern recognition for grooming, abusive behaviors, destructive content, criminal activity, solicitation, and exploitation behaviors

Behavioral Analysis:

• Detecting suspicious interaction patterns
• Identifying age-inappropriate conversations
• Flagging concerning requests or topics
• Monitoring for coercion or manipulation tactics

Account Risk Assessment:

• Evaluating account history and patterns
• Cross-referencing with known violator databases
• Analyzing metadata and usage patterns

This processing occurs automatically and continuously for all users to protect children on our platform.

9.4 Reporting to NCMEC

We are committed to combating child exploitation. When we detect suspected CSAM or child exploitation:

1. We immediately preserve evidence
2. We report to NCMEC through the CyberTipline as required by law
3. We terminate the violating account
4. We cooperate fully with law enforcement investigations
5. We share information with other platforms through safety coalitions

We file reports that may include:

• User account information (identifiers, email, IP address)
• Content (messages, images, videos)
• Metadata (timestamps, technical data)
• Our analysis and findings

9.5 Parental Rights and Controls

Parents or legal guardians of users under 18 may:

Review:

Request to review personal information we have collected from their child.

Delete:

Request deletion of their child's personal information (subject to safety retention requirements).

Control:

Modify privacy settings and account permissions.

Revoke Consent:

Refuse further collection or use of their child's information and terminate the account.

Report Concerns:

Contact us immediately if they observe concerning behavior or content.

To exercise these rights, contact parents@dnftinc.com with:

• Your name and contact information
• Your child's account identifier
• Proof of parental relationship (we may request verification)
• Your specific request

10. International Users

Your data may be processed and stored in the United States or other countries where we or our service providers operate. By using the Service, you consent to the transfer of your information to those jurisdictions, which may have different data protection laws than your home country.

For EU/UK Users: We comply with applicable data protection requirements for international transfers.

11. Changes to This Policy

We may update this Privacy Policy periodically. We will update the effective date at the top when changes are made. We may provide notice by email or within the Service, but are not required to do so. Continued use after an update constitutes acceptance of the new version.

Child Safety Provisions: We may update child safety measures and detection systems at any time to respond to new threats without advance notice.

12. Contact Us

If you have any questions, concerns, or requests about this Privacy Policy:

General Privacy Questions:

• privacy@dnftinc.com
• DNFT INC, 251 Little Falls Drive, Wilmington, DE 19808

Child Safety Concerns or to Report Suspected Exploitation:

• safety@dnftinc.com
• Or report directly to NCMEC CyberTipline: www.cybertipline.org

Parental Verification and Controls:

• parents@dnftinc.com

General Support:

• support@dnftinc.com