Legal

Privacy Policy

Last updated: April 18, 2026

1. Summary

Amour collects only the personal data we need to vet Chatters, match them with creators, run payments, and keep both sides safe. We do not sell personal data. We do not share application contents with creators unless and until you accept a match.

2. What we collect

  • Application data- name, email, phone (optional), country, timezone, prior platform experience, niches, bio, and your “why Amour” statement.
  • Assessment data - your answers and scores on the skills assessment.
  • Account data - your login email and a hashed PIN. We cannot read or recover your PIN.
  • Usage data - pages you visit, actions you take on the dashboard, and device/browser information for security and debugging.
  • Payment data - handled by Stripe. We receive payout confirmations and the last four digits of your payout method; we never store full card or bank numbers.

3. How we use it

  • To evaluate your application and match you with compatible creators.
  • To pay you, issue tax documents where required, and prevent fraud.
  • To operate security measures: rate limiting, account lockout on suspected takeover, moderation of messages flagged by our safety systems.
  • To send operational emails (application status, payout confirmations).
  • To improve the product in aggregate. We never train AI models on the private contents of messages between Chatters and subscribers.

4. Who we share it with

  • Creators- only once you accept a match, and only the subset of your profile you've chosen to make visible.
  • Vendors - hosting (Vercel), database (Supabase), file storage (Vercel Blob), payments (Stripe), and email (Resend). Each is bound by a data-processing agreement.
  • Law enforcement - only in response to valid legal process, or where we have a good-faith belief disclosure is necessary to prevent imminent harm.

5. Retention

We keep active account data for as long as your account is active, plus ninety days to handle wind-down. We retain payment records for seven years as required by tax law. Application data for rejected or withdrawn applicants is deleted within one year unless you ask us to keep it for a future reapplication.

6. Your rights

  • Access - request a copy of the data we hold about you.
  • Correction - fix inaccurate data. Most fields are editable from your dashboard.
  • Deletion - request deletion. We will comply except where we are legally required to retain (e.g. tax records).
  • Portability - request an export in a common machine-readable format.
  • Withdraw consent - revoke permissions you previously granted (profile visibility, marketing email).

To exercise any of these rights, email privacy@amour.app. We respond within thirty days.

7. Security

Data is encrypted in transit (TLS) and at rest (AES-256). PINs are hashed with a salted algorithm. Access to production data is restricted to named engineers on a need-to-know basis and audited.

8. Contact

Questions about this policy? Email privacy@amour.app.