Privacy Policy

Thinkboks, LLC (“Selfie,” “the Company,” “we,” “us,” “our”) provides the Selfie iOS application, the selfie-ai.com website, embeddable widgets, APIs, and all related products, features, and services (collectively, the “Services”). This Privacy Policy explains what information we collect, how we use and share it, and your limited choices. By accessing or using the Services in any manner, you unconditionally accept and consent to the practices described in this Privacy Policy. If you do not agree, you must immediately stop using the Services.

1) Scope

This Privacy Policy applies to all interactions with the Services, including but not limited to:

• the Selfie iOS app and any future mobile applications on any platform
• selfie-ai.com, all subdomains, and any successor domains
• embeddable chat widgets deployed on third-party websites
• all APIs, webhooks, integrations, and backend services operated by the Company
• any communications you send to or receive from the Company (including email and SMS)

This Privacy Policy does not apply to third-party websites, platforms, or services you may access through the Services. We are not responsible for the privacy practices of any third party.

2) Information we collect

We collect information broadly and reserve the right to collect any information that is technically available to us through your use of the Services. This includes, without limitation:

A. Information you provide

• Account information: email address, phone number, account identifiers, and authentication credentials.
• Profile information: display name, handle, bio, profile image, intro message, persona settings, rules, preferences, and any other profile data you supply.
• Messages and content: all chat messages, conversation history, prompts, instructions, and any text or content you enter into the Services.
• Uploads and documents: all files you upload (including PDFs, text documents, images, and any other file types), extracted text, metadata, and any data derived therefrom.
• Email content: if you use Selfie to draft, send, receive, or manage emails, we collect and store the full contents of those emails, including recipients, subject lines, body text, attachments, and metadata.
• Calendar data: if you use calendar features, we collect event details, scheduling information, attendee information, and related metadata.
• SMS and messaging: if you use SMS or messaging features, we collect the full content of messages sent and received, phone numbers, and associated metadata.
• Shopping and transactions: if you use shopping or price-tracking features, we collect product searches, pricing data, purchase preferences, and transaction information.
• Voice and audio: if you use voice features, we may collect and store audio recordings, voice data, transcripts, and any data derived from voice input, including voiceprints and speech characteristics.
• Training and knowledge data: content you provide for training your persona, knowledge base entries, override rules, and any instructional content.
• Lead and contact information: names, email addresses, social media handles, URLs, and other contact information submitted through lead capture features.
• Payment information: billing details, subscription information, and payment history (payment card details are processed by our third-party payment processor).
• Support communications: any messages, feedback, or correspondence you send to us.

B. Information from third-party accounts

If you connect a third-party service (e.g., Instagram, email providers, calendar services, or any other integration), we may receive, access, and store any and all information made available through that connection, including but not limited to:

• account identifiers (user ID, username, handle)
• profile information (bio, profile image, follower/following counts, public information)
• content (posts, captions, media, stories, comments, messages, emails, calendar events)
• contacts and social graph data
• engagement and analytics data
• any other data the third-party API makes available to us

We may continue to collect data from connected accounts until you explicitly disconnect them.

C. Information collected automatically

• Device and usage information: app interactions, pages/screens viewed, features used, clicks, taps, scrolls, session duration, frequency of use, timestamps, and performance metrics.
• Technical data: IP address, approximate geolocation derived from IP, user agent, browser type and version, device type, operating system and version, screen resolution, language settings, time zone, and diagnostic information.
• Push notification tokens: device tokens for sending notifications.
• Widget and embed data: when your Selfie is accessed via shared links or embedded widgets, we collect event data, visitor identifiers, referring/origin domains, conversation data, and analytics.
• Cookies and tracking technologies: we may use cookies, web beacons, pixels, local storage, and similar technologies to collect information about your interactions with the Services.
• Agent activity data: when Selfie performs autonomous actions on your behalf (e.g., sending emails, booking services, making purchases, searching the web), we log all actions taken, parameters used, results received, and any errors encountered.

D. Derived and inferred information

We may derive or infer additional information about you from the data we collect, including but not limited to interests, preferences, behavioral patterns, communication style, personality characteristics, and predictive analytics.

3) How we use information

We may use all information we collect for any lawful purpose, including but not limited to:

• providing, operating, maintaining, and improving the Services
• performing autonomous actions on your behalf (email, calendar, shopping, SMS, web search, booking services, and any other agent actions)
• personalizing your experience and delivering tailored content and recommendations
• training, developing, fine-tuning, and improving our AI models, machine learning systems, algorithms, and technology using your content and data
• creating and using aggregated, de-identified, or anonymized data for any purpose, including commercial purposes, without restriction
• analyzing usage patterns, conducting research, and generating analytics and insights
• communicating with you, including promotional communications, marketing messages, service announcements, and administrative notices
• enforcing our Terms of Use and other agreements, and protecting our rights, property, and safety
• detecting, preventing, and addressing fraud, abuse, security issues, and technical problems
• complying with applicable law, legal process, and government requests
• developing new products, services, and features
• any other purpose disclosed at the time of collection or with your consent

4) AI processing and third-party AI providers

The Services rely on artificial intelligence, including third-party AI providers such as OpenAI, to generate responses, perform tasks, and provide functionality. By using the Services, you acknowledge and consent to the following:

• Data sent to AI providers: we may send any of your data to AI providers, including your profile information, uploaded content, connected account data, chat messages, email content, calendar data, and any other information necessary to provide the Services.
• Third-party processing: AI providers process your data according to their own terms and privacy policies, which we do not control.
• No guarantee of accuracy: AI-generated outputs may be inaccurate, incomplete, biased, or inappropriate. You are solely responsible for reviewing and verifying all AI outputs before relying on them.
• Model training: we may use your data, including inputs and outputs, to train, fine-tune, and improve our own AI models and systems. You grant us an irrevocable right to use such data for this purpose.

Do not submit information to the Services that you are not willing to have processed by third-party AI providers.

5) How we share information

We may share your information broadly, including with:

• AI and technology providers (e.g., OpenAI) for processing, generation, and task completion, without limitation on the type or amount of data shared.
• Service providers and vendors that help us operate the Services, including hosting, databases, authentication, storage, push notifications, analytics, diagnostics, payment processing, email delivery, SMS delivery, and any other operational needs.
• Third-party platforms you connect (e.g., Instagram, email providers, calendar services) as necessary for those integrations.
• Affiliates and related entities: we may share information with our parent company, subsidiaries, affiliates, and any entities under common control.
• Business partners: we may share aggregated, de-identified, or anonymized information with business partners, advertisers, and other third parties for any purpose.
• Recipients of your actions: when Selfie performs actions on your behalf (e.g., sending emails or SMS, booking services), data is shared with the recipients and service providers involved in those actions.
• Legal and safety reasons: to comply with law, respond to lawful requests (including from law enforcement and government agencies), enforce our Terms, investigate abuse, protect rights, property, and safety, and defend against legal claims.
• Business transfers: in connection with any merger, acquisition, reorganization, restructuring, financing, asset sale, bankruptcy, or similar transaction, all of your information may be transferred, sold, or disclosed as part of that transaction without additional notice or consent.

We do not sell personal information for monetary consideration. However, certain data sharing described above may constitute a “sale” or “sharing” under some state privacy laws.

6) Data retention

We retain all information we collect indefinitely, unless we determine in our sole discretion that deletion is appropriate. We may retain information for as long as necessary to:

• provide and operate the Services
• train and improve our AI models and technology
• comply with legal obligations and respond to legal process
• resolve disputes and enforce our agreements
• maintain security and prevent fraud and abuse
• fulfill any other legitimate business purpose

If you request deletion, we will make commercially reasonable efforts to delete your personal information from active systems, but we may retain copies in backups, archives, logs, AI model training data, and aggregated/anonymized datasets. Information that has been incorporated into AI models, aggregated data, or de-identified datasets will not be deleted.

7) Your choices

• Account deletion: you may request deletion of your account by using the delete function in the app or by contacting us. Deletion requests are subject to our retention policies described above and may take up to 90 days to process. Certain data may be retained as described in Section 6.
• Access / correction: you may request access to or correction of certain personal information by contacting us. We will respond within a commercially reasonable timeframe. We reserve the right to deny requests that are excessive, repetitive, or technically impractical.
• Push notifications: you can disable notifications in iOS settings.
• Permissions: you can manage device permissions (camera, microphone, contacts, etc.) in iOS settings; some features may not work without them.
• Connected accounts: you can disconnect third-party accounts from within the app; however, data already collected will be retained per our retention policies.
• Marketing communications: you may opt out of promotional communications by following the instructions in those messages, but we may still send you service-related and administrative communications.

8) Security

We implement commercially reasonable security measures. However, no method of transmission or storage is completely secure. We make no warranty, guarantee, or representation regarding the security of your information. You transmit information at your own risk, and you are solely responsible for maintaining the security of your account credentials. The Company shall not be liable for any unauthorized access to, or breach of, your information.

9) Children and eligibility

The Services are intended solely for adults 18 years of age or older. We do not knowingly collect personal information from anyone under 18. If we learn that we have collected information from a person under 18, we may (but are not obligated to) delete it.

10) International users

The Services are operated from the United States. If you access the Services from outside the United States, your information will be transferred to, processed, and stored in the United States and potentially other countries where our service providers operate. By using the Services, you explicitly consent to such transfer and processing. These countries may not have the same data protection laws as your jurisdiction, and your information may be subject to access by law enforcement and government authorities in those jurisdictions.

11) California and state privacy rights

If you are a California resident, the California Consumer Privacy Act (CCPA) may provide you with certain rights. To the maximum extent permitted by law, the Company’s obligations under such laws are limited to those that are strictly non-waivable. You may submit verifiable requests by contacting us, and we will respond within the timeframes required by applicable law.

12) Do Not Track

The Services do not respond to “Do Not Track” signals or similar browser mechanisms.

13) Changes to this Privacy Policy

We may update this Privacy Policy at any time, in our sole discretion, by posting the updated version and updating the “Last Updated” date. We are not obligated to provide individual notice of changes. Your continued use of the Services after any changes constitutes your binding acceptance of the updated Privacy Policy. It is your sole responsibility to review this Privacy Policy periodically.

14) Contact us

Thinkboks, LLC (Selfie)
316 Sheridan Road
Winnetka, IL 60093
Email: developer@thinkboks.com