Legal

Privacy Policy

Effective Date: February 15, 2026

1. Introduction

Welcome to Feidy AI ("Feidy AI," "we," "us," or "our"). We build thoughtful, AI-powered digital tools designed to help individuals live better, stay balanced, and improve everyday life. Your privacy is fundamental to the trust you place in us, and we take that responsibility seriously.

This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website at feidy.ai, create an account, subscribe to our services, or interact with any of our products (collectively, the "Services"). It applies to all users worldwide, including those in the United States, Canada, the European Economic Area (EEA), and the United Kingdom.

By accessing or using our Services, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with our practices, please do not use our Services.

2. Information We Collect

We collect information in several ways depending on how you interact with our Services.

2.1 Information You Provide Directly

  • Account Information: When you create an account, we collect your name, email address, and password. You may also choose to provide a profile photo or display name.
  • Payment Information: When you subscribe to a paid plan, payment details (such as credit card number, billing address, and transaction history) are collected and processed by our third-party payment processor. We do not store your full payment card details on our servers.
  • User Content and Inputs: When you use our AI-powered features, we may process the text, data, or other inputs you provide in order to deliver our Services. This may include prompts, preferences, and other content you submit.
  • Communications: When you contact us for support, provide feedback, or otherwise correspond with us, we collect the content of those messages along with your contact information.

2.2 Information Collected Automatically

  • Usage Data: We collect information about how you access and use our Services, including pages visited, features used, actions taken, timestamps, referring URLs, and session duration.
  • Device and Browser Data: We collect information about the device and browser you use, including device type, operating system, browser type and version, screen resolution, language preferences, and unique device identifiers.
  • IP Address and Location: We collect your IP address, which may be used to approximate your general geographic location (such as city or country).
  • Cookies and Similar Technologies: We use cookies, pixels, and similar tracking technologies to collect information about your browsing activity. See Section 5 for more details.

2.3 Information from Third Parties

  • Authentication Providers: If you sign in using a third-party service (such as Google or Apple), we may receive your name, email address, and profile picture from that provider.
  • Analytics Providers: We may receive aggregated or anonymized data from analytics services that help us understand how our Services are used.

3. How We Use Information

We use the information we collect for the following purposes:

  • Providing and Maintaining Services: To create and manage your account, process subscriptions, deliver AI-powered features, and ensure our Services function properly.
  • Improving Our Services: To understand usage patterns, diagnose technical issues, and develop new features and improvements.
  • Personalization: To tailor your experience and provide content and recommendations relevant to your use of our Services.
  • Communication: To send you transactional messages (such as account confirmations and subscription receipts), respond to your inquiries, and provide customer support.
  • Marketing: With your consent where required, to send you information about new features, product updates, and promotional offers. You can opt out at any time.
  • Security and Fraud Prevention: To detect, prevent, and respond to security incidents, fraud, abuse, and other harmful activity.
  • Legal Compliance: To comply with applicable laws, regulations, legal processes, or enforceable governmental requests.
  • AI Service Delivery: To process your inputs through our AI features and generate relevant outputs. We use your inputs to provide the service you requested and may use aggregated, de-identified data to improve our models and service quality.

If you are located in the EEA, the United Kingdom, or another jurisdiction that requires a legal basis for processing personal data, we rely on the following grounds:

  • Performance of a Contract: Processing necessary to fulfill our obligations under our Terms of Service, including providing your account and subscription services.
  • Legitimate Interests: Processing necessary for our legitimate business interests, such as improving our Services, ensuring security, and conducting analytics, provided these interests are not overridden by your data protection rights.
  • Consent: Where you have given us clear consent to process your personal data for a specific purpose, such as receiving marketing communications or enabling optional features.
  • Legal Obligation: Processing necessary to comply with a legal obligation to which we are subject.

You may withdraw your consent at any time where consent is the basis for processing. This will not affect the lawfulness of processing carried out before the withdrawal.

5. Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your experience, analyze usage, and support our operations.

Types of Cookies We Use

  • Essential Cookies: Required for the basic functionality of our Services, such as maintaining your session and remembering your preferences. These cannot be disabled.
  • Analytics Cookies: Help us understand how visitors interact with our Services by collecting information about pages visited, time spent, and navigation paths. We use this data in aggregate to improve our Services.
  • Functional Cookies: Enable enhanced functionality and personalization, such as remembering your display preferences and settings.

Managing Cookies

Most web browsers allow you to control cookies through their settings. You can set your browser to refuse cookies or to alert you when cookies are being sent. Please note that disabling cookies may affect the functionality of certain features of our Services.

We do not use advertising or targeting cookies. We do not serve third-party ads on our Services.

6. Third-Party Services

We work with trusted third-party service providers to operate and improve our Services. These providers have access to your information only to the extent necessary to perform their functions and are contractually obligated to protect your data.

Categories of Third-Party Services

  • Payment Processing: We use Stripe (or a similar PCI-compliant payment processor) to handle subscription payments. Your payment information is transmitted directly to the processor and is subject to their privacy policy.
  • Cloud Hosting and Infrastructure: Our Services are hosted on reputable cloud infrastructure providers that maintain industry-standard security certifications.
  • Analytics: We use analytics services to collect and analyze usage data, helping us understand how our Services are used and how we can improve them.
  • Email and Communication: We use third-party services to send transactional and, where permitted, marketing emails.
  • Authentication: If you choose to sign in through a third-party provider, your authentication is handled by that provider's systems.

We do not sell your personal information to third parties. We do not share your personal information with third parties for their own marketing purposes.

7. Data Retention

We retain your personal information for as long as your account is active or as needed to provide you with our Services. We also retain information as necessary to comply with legal obligations, resolve disputes, enforce our agreements, and support our business operations.

Specific retention practices include:

  • Account Data: Retained for the duration of your account. When you request account deletion, we will delete or anonymize your personal data within 30 days, except where retention is required by law.
  • Usage and Analytics Data: Generally retained in an aggregated or anonymized form and may be kept for up to 24 months for service improvement purposes.
  • Payment Records: Retained as required by tax and financial regulations, typically for a period of 7 years.
  • Support Communications: Retained for up to 24 months after resolution to improve our support processes and maintain continuity.
  • AI Inputs and Outputs: Processed in real time to deliver results. We do not retain identifiable AI inputs beyond what is needed to provide the service, unless you choose to save content within your account.

8. Data Security

We implement appropriate technical and organizational measures designed to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include:

  • Encryption of data in transit using TLS/SSL protocols
  • Encryption of sensitive data at rest
  • Regular security assessments and vulnerability testing
  • Access controls that limit employee access to personal data on a need-to-know basis
  • Secure software development practices
  • Incident response procedures for detecting and addressing security events

While we strive to protect your personal information, no method of transmission over the Internet or method of electronic storage is completely secure. We cannot guarantee absolute security, but we are committed to continuously improving our security practices.

9. International Data Transfers

Feidy AI is based in Canada. If you access our Services from outside Canada, your information may be transferred to, stored, and processed in Canada or other countries where our service providers operate. These countries may have data protection laws that differ from those in your jurisdiction.

When we transfer personal data from the EEA, the United Kingdom, or Switzerland, we rely on appropriate safeguards, including:

  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Data processing agreements with our service providers that include adequate data protection commitments
  • Adequacy decisions, where applicable, recognizing the destination country as providing an adequate level of data protection

You may request a copy of the safeguards we use for international data transfers by contacting us at the address provided in Section 13.

10. Your Rights

Depending on your location, you may have specific rights regarding your personal information. We are committed to honoring these rights regardless of where you reside, to the extent feasible.

10.1 Rights Under GDPR (EEA and UK Residents)

If you are located in the European Economic Area or the United Kingdom, you have the following rights under the General Data Protection Regulation:

  • Right of Access: You have the right to request a copy of the personal data we hold about you.
  • Right to Rectification: You have the right to request that we correct inaccurate or incomplete personal data.
  • Right to Erasure: You have the right to request that we delete your personal data, subject to certain legal exceptions.
  • Right to Restriction of Processing: You have the right to request that we limit how we use your personal data in certain circumstances.
  • Right to Data Portability: You have the right to receive your personal data in a structured, commonly used, and machine-readable format, and to transmit it to another controller.
  • Right to Object: You have the right to object to processing based on legitimate interests or for direct marketing purposes.
  • Right to Withdraw Consent: Where processing is based on your consent, you may withdraw it at any time.
  • Right to Lodge a Complaint: You have the right to lodge a complaint with your local data protection supervisory authority.

10.2 Rights Under CCPA (California Residents)

If you are a California resident, the California Consumer Privacy Act (CCPA) provides you with the following rights:

  • Right to Know: You have the right to request information about the categories and specific pieces of personal information we have collected about you, the categories of sources, the purposes for collection, and the categories of third parties with whom we share your data.
  • Right to Delete: You have the right to request the deletion of your personal information, subject to certain legal exceptions.
  • Right to Opt-Out of Sale: We do not sell your personal information. As such, there is no need to opt out, but we honor this right in principle.
  • Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA rights. You will not receive different pricing, quality, or levels of service for making a rights request.

10.3 Rights for All Users

Regardless of your location, you may:

  • Access and Update Your Information: You can review and update your account information at any time through your account settings.
  • Delete Your Account: You can request account deletion by contacting us or through your account settings. Upon deletion, we will remove or anonymize your personal data within 30 days, except where retention is legally required.
  • Opt Out of Marketing: You can unsubscribe from marketing emails at any time using the link in any marketing message we send.
  • Manage Cookies: You can control cookies through your browser settings as described in Section 5.

To exercise any of these rights, please contact us using the information in Section 13. We will respond to your request within the timeframes required by applicable law and may ask you to verify your identity before processing your request.

11. Children's Privacy

Our Services are not directed to children under the age of 16 (or the applicable minimum age in your jurisdiction). We do not knowingly collect personal information from children. If we become aware that we have collected personal data from a child without parental consent, we will take steps to delete that information promptly.

If you are a parent or guardian and believe your child has provided us with personal information, please contact us at the address provided in Section 13 so we can take appropriate action.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we make material changes, we will:

  • Update the "Effective Date" at the top of this page
  • Post the revised policy on our website
  • Notify you by email or through a prominent notice within our Services, where appropriate

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information. Your continued use of our Services after any changes take effect constitutes your acknowledgment of the revised policy.

13. Contact Information

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please reach out to us:

Feidy AI Inc.

Email: kevin.dai@feidy.ai

Address: 770 Bay Street, Toronto, Ontario, M5G 0A6, Canada

If you are located in the EEA or the United Kingdom and have concerns about our data processing that we have not been able to resolve, you have the right to lodge a complaint with your local data protection supervisory authority.