PRIVACY POLICY

Last Updated: December 7, 2025

1. INTRODUCTION

This Privacy Policy explains how Back to Basics Behavior Services, LLC, doing business under the app and brand name Chatterfly App (“Chatterfly App, “app”, “we,” “us,” or “our”), collects, uses, stores, shares, and protects personal information when users access or interact with the Chatterfly App mobile application, website, related platforms, communication channels, and any services we provide (collectively, the “Services”). Chatterfly is headquartered and registered in the State of California, USA, and complies with all applicable U.S. federal, state, and local laws. We also provide this Privacy Policy to meet requirements for users under the Children’s Online Privacy Protection Act (COPPA), California Consumer Privacy Act (CCPA/CPRA), General Data Protection Regulation (GDPR), and other global privacy frameworks.

Chatterfly App is an audio-based conversation practice application designed to enhance communication skills and provide general learning experiences through interactive, AI-powered dialogue tools as well as how-to guides and practice exercises. It is not a therapy platform, counseling service, or medical tool, and we do not provide psychological, mental health, pharmaceutical, or supplement-related advice. Our Services involve audio-based conversation practice, interactive tools, and features that aim to support communication development and general learning experiences. Chatterfly App may be used by users between the ages of 13 an 17, including users with special needs, but the app is not intended for children under 13 as required under COPPA. The purpose of this Privacy Policy is to explain clearly what data we collect, how and why we collect it, how long we keep it, what rights users have, and how users can control their personal information. If you do not agree with any part of this Privacy Policy, you should discontinue use of Chatterfly App.

1.1. Definitions and Explanations

For clarity, the following terms are used throughout this Privacy Policy:

  • “Account”

A unique profile created by a parent, guardian, or user that allows access to the Chatterfly App and its features.

  • “Child” or “Minor”

“child” or “minor” refers to any person under the age of 18. For COPPA purposes, a “child” specifically means anyone under the age of 13. Chatterfly App is not intended for children under 13, and individuals ages 13 to 17 may use the Service only with a parent or legal guardian’s approval.  

  • “Personal Information” or “Personal Data”

Any information that identifies, relates to, or could be reasonably linked to an individual. This may include an email address, device information, account configuration, or conversation data necessary to operate the Service.

  • “Processing”

Any operation performed on personal data such as collecting, storing, modifying, transmitting, or deleting.

  • “Service Providers” or “Third-Party Providers”

Organizations that help us deliver the Chatterfly App such as cloud hosting providers, analytics tools, email verification tools, and artificial intelligence service providers (e.g., OpenAI).

  • “Cookies”

Small text files stored on a user’s device or browser.
Chatterfly App does not use cookies inside the mobile application. If users access content through a web browser version, limited cookie usage may apply (explained in Section 10).

  • “AI Content”

Audio or text generated by our AI-powered components, powered in part by third-party AI APIs.

  • “Sensitive Information”

Personal information that includes health data, biometric data, geolocation, or other categories defined by applicable privacy laws. Chatterfly App does not intentionally collect sensitive information.

  • “You” / “User(s)”

Any user of the Chatterfly App who use the Service.

2. PERSONAL INFORMATION COLLECTION

We only collect the minimum information needed to provide, operate, and secure the Chatterfly App platform. The specific categories of data we collect are described below.

2.1. User Provided Information 

We collect information that users voluntarily submit when interacting with our Services, such as:

  1. Email address.

  2. Contact details (email only).

  3. User display name or nickname (optional).

  4. Settings, preferences, accessibility adjustments within the app.

  5. User support communications, including troubleshooting requests or feedback.

We do not require users to submit phone numbers, home addresses, or sensitive identifiers.

2.2. Information Automatically Collected

To keep the platform secure and functional, we collect limited device and log information, including:

  1. Device type, version, and operating system

  2. Usage logs (timestamp, interaction events)

  3. Crash reports and diagnostic data

  4. Non-precise region data (e.g., country-level information)

We do not collect precise GPS location, motion data, or similar sensitive analytics.

2.3. Audio Interaction Data

Because Chatterfly App uses audio-based conversation practice, we may process:

  1. Audio input temporarily to generate an AI-powered response

  2. AI-generated output audio

Audio input is processed transiently to generate AI responses and is not used for voice recognition, speaker identification, or biometric purposes. We do not create or store voiceprints or other biometric identifiers.

2.4. Information Collected from Children

Nothing is collected from children underage of 13. Other users can use our app with permission of their parents. 

2.5. Purchase Information

When you make in-app purchases, transaction records are processed through Apple App Store or Google Play Store. We receive limited purchase confirmation data (product purchased, transaction ID, timestamp) but do not receive or store payment card details.

3. HOW WE USE PERSONAL INFORMATION

We process data for clearly defined purposes:

3.1. To Create and Manage Accounts

We use email addresses to:

  1. Verify users

  2. Create accounts

  3. Manage login credentials

  4. Contact users about account-related notices

  5. Send onboarding messages, promotions, or rewards related to app usage or signup

3.2. To Provide and Improve the Chatterfly App 

Examples include:

  1. Generating AI-driven audio responses

  2. Maintaining performance

  3. Identifying bugs

  4. Providing stability and accessibility features

3.3. To Comply with Legal Requirements

We retain minimal data for:

  1. Fraud prevention

  2. Regulatory compliance

  3. Audit logging

  4. Security monitoring

3.4. No Sensitive Data Usage

We do not use personal data for:

  1. Behavioral profiling

  2. Targeted advertising

  3. Pharmaceutical or supplement recommendations

  4. Health evaluations or diagnoses

4. OUR LEGAL BASES FOR PROCESSING 

Under GDPR, we rely on the following legal bases:

4.1. Performance of Contract

To deliver the core functions of Chatterfly App (e.g., account creation, audio interactions, settings storage).

4.2. Legitimate Interests

For limited analytics, security, fraud detection, and improving service quality.
We perform a Legitimate Interests Assessment (LIA) to ensure no unnecessary risks to users.

4.3. Legal Obligations

To comply with COPPA, CCPA, and data retention requirements.

5. HOW WE SHARE PERSONAL INFORMATION

We do not sell personal information.

We only share limited information with third-party providers essential to running the app.

5.1. OpenAI

We use OpenAI for AI-driven processing. Relevant details:

  1. OpenAI may temporarily retain logs for up to 30 days

  2. Logs are automatically deleted unless required for security

  3. OpenAI may process user inputs solely for generating outputs

  4. OpenAI’s privacy terms apply (linked within our Privacy Policy)

5.2. Cloud Hosting Providers

We store data on secure U.S.-based cloud servers.
These providers do not access content unless needed for security, maintenance, or compliance.

5.3. Analytics or Diagnostic Tools

Limited device and crash data may be shared for:

  1. Improving app stability

  2. Ensuring device compatibility

  3. Debugging critical issues

5.4. Legal Compliance

We may share information if required by:

  1. Court order

  2. Subpoena

  3. Law enforcement request

  4. Fraud or security investigation

5.5. No Third-Party Advertising

We do not share information with advertisers or marketing networks.

6. COOKIES AND TRACKING TECHNOLOGIES

6.1. Mobile App Cookie Usage

Chatterfly App does not use cookies or tracking technologies inside the mobile application.

6.2. Web-Based Cookies (If Using Browser Version)

If users access our website:

  1. We use essential cookies only

  2. We do not use advertising or behavioral tracking cookies

6.3. Your Cookie Choices

Users can control cookie settings via browser controls.

6.4. Compliance

This cookie disclosure meets:

  1. GDPR Articles 12–14

  2. CCPA/CPRA

  3. ePrivacy Directive

  4. App Store/Google Play requirements

7. CROSS-BORDER DATA TRANSFERS

Because our service providers (including OpenAI and cloud hosting partners) may process data in the United States, we implement:

  1. Standard Contractual Clauses (SCCs) where required

  2. Technical safeguards such as encryption

  3. Strict access controls

International users understand that their information may be transferred to the U.S.

8. DATA RETENTION

We retain information only for the time necessary to fulfill the purpose for which it was collected.

8.1. Retention Schedule

  1. Account email: retained until account deletion

  2. User display name: retained until deletion

  3. Settings/preferences: retained until deletion

  4. Crash logs: 30–90 days

  5. OpenAI logs: Up to 30 days (OpenAI standard)

  6. Communication with support: 12–24 months

  7. Deleted account backups: 14–30 days

  8. Legal compliance records: up to 5 years

Users may request deletion at any time.

9. YOUR PRIVACY RIGHTS

Chatterfly App respects the privacy rights of all users and provides tools, processes, and contact methods to exercise these rights. Because our users may reside in different jurisdictions (USA, California, EU, UK, and others), this section outlines rights available under applicable laws. 

9.1. Rights for U.S. Users

If you are a user located within the United States (excluding California-specific rights covered separately), you may exercise the following rights related to your personal information:

  1. Right to Access
    You may request information about the personal data we have collected, processed, or stored about you.

  2. Right to Request Corrections
    You may request correction of inaccurate or incomplete information in your account records.

  3. Right to Request Deletion
    You may request deletion of your personal information, subject to legal and operational limitations.

  4. Right to Request a Copy of Your Data
    You may request a portable copy of the personal information associated with your account.

  5. Right to Withdraw Consent for a User
    Users may withdraw consent at any time. Once consent is withdrawn, the user’s access to the app will be disabled and all associated information will be deleted unless a user requests otherwise.

  6. Right to Appeal Decisions
    You may appeal any decision related to account termination, refusal of data requests, or other administrative outcomes. We will review appeals promptly and fairly.

9.2. Rights for California Users (CCPA/CPRA)

If you are a resident of California, you are granted additional privacy rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA). These include all standard U.S. rights listed above, plus the following:

  1. Right to Know
    You have the right to know what categories of personal information we collect, the purposes for which we use them, and the categories of third parties with whom this information is shared.

  2. Right to Opt-Out of Sale or Sharing
    Although Chatterfly App does not sell or share your personal information for cross-context behavioral advertising, California law still requires us to offer this right.

  3. Right to Limit Use of Sensitive Information
    If sensitive information were collected (we do not intentionally collect sensitive data), you would have the right to limit its use to essential operational purposes.

  4. Right to Deletion
    You may request that we delete personal information we collected from you, subject to certain legal exceptions.

  5. Right to Correction
    You have the right to request correction of inaccurate personal information.

  6. Right to Use Two Request Methods
    CCPA/CPRA requires that we provide two separate methods for submitting privacy requests (e.g., email and online form). Both will be made available on our website or within the app.

  7. Right to Non-Discrimination
    You have the right not to face discrimination or reduced service quality for exercising your privacy rights.

California Privacy Notice

A standalone “California Privacy Notice” detailing the categories of data collected, sources of information, and statutory rights is provided within this Privacy Policy to ensure full compliance.

9.3. Rights for EU and UK Users (GDPR)

If you are located in the European Union or United Kingdom, you are covered under the General Data Protection Regulation (GDPR) or the UK GDPR. Under these frameworks, you have the following rights. 

  1. Right of Access
    You may request confirmation of whether your personal data is being processed and obtain a copy of that data.

  2. Right to Erasure (“Right to Be Forgotten”)
    You may request deletion of your personal information in certain situations, such as when data is no longer necessary, consent is withdrawn, or processing is unlawful.

  3. Right to Rectification
    You may request correction of inaccurate or incomplete personal information.

  4. Right to Restrict Processing
    In certain circumstances (e.g., accuracy disputes or pending objections), you may request that we restrict the processing of your personal data.

  5. Right to Object
    You may object to processing based on legitimate interests, including limited analytics or security monitoring. If an objection is valid, we will stop processing your data unless we can demonstrate compelling legitimate grounds.

  6. Right to Data Portability
    You may request your personal data in a structured, commonly used, and machine-readable format and may ask us to transfer this data to another service when technically feasible.

  7. Right to Withdraw Consent
    If we rely on consent for any processing activity, you may withdraw that consent at any time without affecting the lawfulness of prior processing.

9.4. Exercising Your Rights (All Jurisdictions)

Users may exercise any of the rights listed above by contacting us at the email provided in the “Contact Us” section of this Privacy Policy. Upon receiving a request, we will confirm receipt, verify your identity process the request within the timeframes required by applicable law, and communicate our findings or actions in writing. Where appropriate, we will also provide options to appeal any decision. Requests involving users’ data under age of receive priority handling in accordance with COPPA requirements. 

10. CHILDREN’S PRIVACY (COPPA COMPLIANCE)

10.1. Service Not Intended for Children Under 13
Chatterfly App is not intended for children under the age of 13, and we do not knowingly allow users under 13 to create an account or access the Service. If we become aware that a user under 13 has created an account, provided information, or attempted to use the Service, we will immediately delete the account and remove all associated data. Chatterfly App is designed for teens ages 13–17 with a parent’s approval and for adults.

10.2. Parental Approval for Ages 13–17
Teens aged 13–17 may use Chatterfly App only with a parent or legal guardian’s approval. Parents must review and agree to the Terms and this Privacy Policy before allowing their teen to use the Service. Parents also remain responsible for monitoring and supervising their teen’s use of the Service.

10.4. Action Required If a Child Under 13 Is Found Using the App
If a parent, guardian, or user believes that a child under 13 has accessed Chatterfly App or provided any personal information, they must contact us immediately using the email listed in the “Contact Us” section. We will take all necessary steps to delete the account and remove any related data as required by COPPA.

11. DATA SECURITY

We use industry-standard safeguards to protect personal information, including encryption in transit and at rest, cloud server firewalls, strict access controls, continuous monitoring for suspicious activity, multi-layer authentication for administrators, restricted employee access, regular security audits, and secure handling of data processed through AI components. While no system can ever be guaranteed 100% secure, we take reasonable and appropriate measures to safeguard all user information.

12. THIRD-PARTY SERVICES

We rely on the following service types:

  1. AI service provider (OpenAI)

  2. Cloud hosting provider

  3. Email verification provider

  4. Analytics/crash reporting

  5. Customer support email provider

Each service provider maintains its own privacy policies and may process limited data strictly for the purpose of providing their services. To know more about Open AI’s policies and terms read the following:

https://openai.com/policies/usage-policies/

https://openai.com/policies/privacy-policy/

13. CHANGES TO THIS PRIVACY POLICY

We may update this Privacy Policy periodically. If material changes occur:

  1. We will notify users through email or app notifications

  2. Continued use after updates implies acceptance

14. CONTACT US

If you have questions, privacy requests, or concerns, contact us at:

Back to Basics Behavior Services, LLC
Attn: Privacy Department

Email: support@Chatterfly.org 

Address: 5101 Santa Monica Blvd, Ste 8 PMB 1393, Los Angeles, CA 90029