Privacy Policy
1. Introduction & Our Commitment
Limbo Chat ("we", "us", "our") is a privacy-first AI chat platform designed from the ground up for European data protection standards. This Privacy Policy explains how we collect, use, and protect your personal data when you use our services.
Our Core Promise: We do not store, log, or have access to your chat conversations. Your AI chat history lives entirely on your device unless you explicitly choose otherwise.
We believe privacy is a fundamental right, not a feature. This policy is written in plain language to ensure you understand exactly what happens with your data. If anything is unclear, please contact us.
Privacy ≠ Anonymity
To be transparent: Limbo Chat is privacy-first, not anonymity-first. We protect your data from unnecessary collection and third-party access. However, we comply with lawful legal requests and cannot protect users engaging in illegal activities.
2. Data Controller
The data controller responsible for your personal data is:
[Company Address]
[City, Postal Code]
[Country - EU Member State]
Email: [email protected]
Data Protection Contact: [email protected]
3. Data We Collect
3.1 Data You Provide Directly
- Account Information: Email address, name (optional), and authentication credentials via Google OAuth
- Billing Information: Payment details processed by Stripe (we never see your full card number)
- Communications: Support requests, feedback, and correspondence with us
- Waitlist Data: Email address and optional information submitted via our waitlist form
3.2 Data Generated Through Use
- Usage Metadata: Number of AI requests, feature usage, and session information (no content)
- Technical Data: Browser type, operating system, IP address (anonymized after 24 hours)
- Error Reports: Sanitized crash reports via Sentry (never includes prompts or conversation content)
3.3 Data We Do NOT Collect
We never collect, store, or have access to:
- Your AI chat prompts or conversations
- AI model responses
- Any content you create or discuss
- Your local chat history
Your conversations are stored locally in your browser using SQLite. They never transit our servers in an unencrypted or readable form.
4. Legal Basis for Processing
Under GDPR Article 6, we process your personal data based on the following legal grounds:
| Processing Activity | Legal Basis |
|---|---|
| Account creation & authentication | Contract performance (Art. 6(1)(b)) |
| Payment processing | Contract performance (Art. 6(1)(b)) |
| AI request routing | Contract performance (Art. 6(1)(b)) |
| Error monitoring & debugging | Legitimate interest (Art. 6(1)(f)) |
| Security & fraud prevention | Legitimate interest (Art. 6(1)(f)) |
| Marketing communications | Consent (Art. 6(1)(a)) |
| Legal compliance | Legal obligation (Art. 6(1)(c)) |
5. How Your Data is Stored
5.1 The Purist Tier (€10/month)
100% Local Storage: All chat history is stored exclusively in your browser using IndexedDB/SQLite WASM. We have zero access to this data. You can export it as encrypted JSON at any time.
5.2 The Pragmatist Tier (€20/month)
Zero-Knowledge Backup: In addition to local storage, you may enable encrypted backups to EU-hosted storage (OVHcloud). Your backup is encrypted with a password that never leaves your browser. We store encrypted blobs we literally cannot decrypt.
5.3 The Professional Tier (€50/month)
Multi-Device Sync: Chat data is synchronized via Turso, pinned to Frankfurt (eu-central-1). Data is encrypted in transit and at rest. Access is authenticated through our secure relay—database credentials never reach your browser.
Key Principle: Regardless of tier, we are architecturally designed to have minimal access to your data. Where we must process data, we do so only in EU jurisdictions with signed DPAs.
6. Subprocessors
We work with carefully selected subprocessors, all of whom have signed Data Processing Agreements (DPAs) with explicit "no retention for training" clauses where applicable.
| Subprocessor | Purpose | Location | DPA Status |
|---|---|---|---|
| Cloudflare | Hosting, CDN, Workers, D1 database | EU (with global edge) | ✓ Signed |
| Google | OAuth authentication only | EU | ✓ Accepted |
| Stripe | Payment processing | EU (Dublin/Frankfurt) | ✓ Signed |
| Sentry | Error monitoring (sanitized) | EU | ✓ Signed |
| OVHcloud | Encrypted backup storage (€20+ tiers) | EU (France) | ✓ Signed |
| Turso | Sync database (€50 tier only) | EU (Frankfurt - AWS eu-central-1) | ✓ Signed (SOC 2) |
| Mistral AI | AI model provider | EU (France) | ✓ Signed |
| Anthropic (Claude) | AI model provider | EU endpoints only | ✓ Signed |
| AWS Bedrock | AI model provider | EU regions only | ✓ Signed |
| Google Forms | Waitlist collection | EU | ✓ Accepted |
AI Provider Guarantee: All AI providers have confirmed in writing that they do not store prompts or responses, and do not use our users' data for model training.
7. International Data Transfers
We are committed to keeping your data within the European Economic Area (EEA). Our architecture is specifically designed to ensure:
- All AI processing occurs through EU-only endpoints
- All databases are pinned to EU data centers
- Backup storage is exclusively in EU jurisdictions
Where any data might technically transit non-EU infrastructure (e.g., Cloudflare's global CDN for static assets), appropriate safeguards are in place including Standard Contractual Clauses (SCCs) and additional technical measures.
8. Your Rights Under GDPR
As a data subject in the EU, you have the following rights:
Right of Access (Art. 15)
You can request a copy of all personal data we hold about you. For chat data stored locally, you can export this directly from the app.
Right to Rectification (Art. 16)
You can correct any inaccurate personal data through your account settings or by contacting us.
Right to Erasure (Art. 17)
You can request deletion of your account and all associated data. Local chat data can be deleted directly from your browser.
Right to Data Portability (Art. 20)
You can export your chat history as encrypted JSON and your account data in a machine-readable format.
Right to Object (Art. 21)
You can object to processing based on legitimate interests. Contact us to exercise this right.
Right to Restrict Processing (Art. 18)
You can request we limit how we use your data while resolving any concerns.
Right to Withdraw Consent
Where processing is based on consent (e.g., marketing), you can withdraw at any time without affecting prior lawful processing.
How to Exercise Your Rights: Email [email protected] with your request. We will respond within 30 days. You also have the right to lodge a complaint with your local Data Protection Authority.
9. Data Retention
| Data Type | Retention Period |
|---|---|
| Local chat history | Until you delete it (your control) |
| Account data | Until account deletion + 30 days |
| Encrypted backups | Until account deletion + 30 days |
| Billing records | 7 years (legal requirement) |
| Error logs (sanitized) | 90 days |
| IP addresses | Anonymized after 24 hours |
| Waitlist submissions | Until launch or unsubscribe |
11. Children's Privacy
Limbo Chat is not intended for users under 16 years of age. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us immediately at [email protected].
12. Changes to This Policy
We may update this Privacy Policy to reflect changes in our practices or legal requirements. When we make material changes:
- We will update the "Last updated" date at the top
- We will notify you via email (for account holders)
- We will display a notice in the app
- We will maintain an archive of previous versions
Continued use of Limbo Chat after changes constitutes acceptance of the updated policy.
13. Contact Us
If you have any questions about this Privacy Policy or our data practices, please contact us:
General Privacy Inquiries
Email: [email protected]
Data Protection Officer
Email: [email protected]
Data Subject Requests
For access, deletion, or portability requests:
Email: [email protected]
Response time: Within 30 days
Supervisory Authority
You have the right to lodge a complaint with your local Data Protection Authority if you believe your rights have been infringed.
This Privacy Policy is provided in English. If there is any conflict between the English version and any translation, the English version shall prevail.