PearPie Privacy Policy

PearPie is built on a simple principle: your conversations are yours alone.

When you use local AI models, your conversations stay within devices you trust. They may run on the device you are chatting from, or be processed by another of your trusted devices acting on your behalf (delegated inference), or be synced between your trusted devices. In all of these cases, PearPie cannot access, read, or store your conversations: the data never reaches our servers. This is a technical reality, not a policy promise.

When you use premium models via the PearPie Network, your requests are processed transiently through our EU-based infrastructure. We do not store, log, or retain these requests. They exist only for the moment it takes to process them.

This policy explains what little data we do handle, why, and what control you have over it.

What we do not collect

We want to start with what we don't have, because the list is long:

• Your conversations or chat history
• The content of your AI interactions
• An email address, phone number, username, or password
• Your contact lists or address book
• Any biometric data
• Any data used for advertising, profiling, or behavioural targeting

We will never sell, rent, or monetise your personal data or content in any way. We do not serve ads. We do not build profiles. We do not train AI models on your data.

What we do collect

PearPie collects the minimum data necessary to operate the service.

Your public key

Your PearPie identity is a cryptographic public key generated on your device. This is not linked to your name, email, or any personal information. It is pseudonymous by default.

Payment data

If you purchase credits, your payment is processed by our payment provider (currently Stripe). PearPie does not directly store your credit card number or billing details: these are held by the payment provider.

However, PearPie does have access to transaction records through the payment provider's platform. This includes transaction history, payment status, and the customer record the payment provider creates for you. This means that if you purchase credits, your public key becomes linked to your real identity through the payment relationship. Free users who do not purchase credits remain fully pseudonymous.

Why we retain payment data

We want to be transparent about this: the payment data we can access through our payment provider is not something we can simply delete on request. Under EU tax law, anti-money laundering regulations, and accounting requirements, we are legally required to retain transaction records for a statutory period (typically 7 to 10 years, depending on jurisdiction). This is not our choice; it is a legal obligation that overrides the GDPR right to erasure (Article 17(3)(b) of the GDPR explicitly exempts data retained for compliance with a legal obligation).

This data is not directly queryable by us as part of daily operations. We do not browse, analyse, or mine payment records. They are accessed only when specifically needed: for example, to resolve a billing dispute you raise, to respond to a lawful request from a tax authority, or to comply with a legal obligation.

Content safety flags

PearPie does not monitor or review your conversations. However, premium model requests are subject to automated content safety screening.

If a request is automatically flagged as potentially violating our Acceptable Use Policy, we may store that specific flagged request and associate it with your public key. This is the sole exception to our no-storage principle. Flagged requests are stored only for the purpose of enforcement and dispute resolution. Non-flagged requests are never stored.

Basic service data

PearPie does not currently collect technical or usage data: no crash reports, no aggregate analytics, no connection metadata. If we ever add any of this in the future (for example to investigate stability issues), we'll disclose it here, keep it minimal, and not link it to your conversations or to your public key where technically avoidable.

How we use your data

The data we collect is used for:

• Fulfilling credit purchases and processing payments
• Operating and maintaining the PearPie Network
• Enforcing our Acceptable Use Policy (via automated content safety screening)
• Complying with legal obligations (tax records, anti-money laundering)
• Resolving billing disputes or support requests you initiate

That's it. We do not use your data for advertising, profiling, training AI models, market research, or any purpose other than those listed above.

Premium model requests & third-party providers

When you use premium models through the PearPie Network, your requests are processed through infrastructure and providers with whom PearPie maintains data processing agreements.

Your data does not leave PearPie's control. In certain cases, a provider may retain request data for a limited period solely for the purpose of abuse prevention, after which it is automatically deleted. In no case is your data permanently stored by a third-party provider. Your pseudonymous identity is preserved throughout the processing chain.

PearPie has negotiated these protections on your behalf. We select providers and infrastructure configurations that align with our privacy commitment.

Device sync

PearPie allows you to sync data and share processing between devices you trust using peer-to-peer connections. This includes syncing conversation data between devices, and delegated inference, where one of your trusted devices performs AI processing on behalf of another. These connections happen directly between devices without passing through PearPie's servers. We do not have access to the data being synced or the requests being processed. You are responsible for choosing which devices to trust and for the security of those devices.

Additional services

PearPie may offer optional additional services in the future (such as encrypted cloud storage) that are subject to supplementary terms. These supplementary terms will be presented to you before you use any additional service and will describe how that service handles your data. This Privacy Policy continues to apply, supplemented (not replaced) by any additional terms.

Your rights

Under the GDPR and applicable EU law, you have the right to:

• Access: the personal data we hold about you. For most users, this is limited to your public key and, if applicable, payment provider records.
• Deletion: of your personal data, except where retention is required by law (such as tax and anti-money laundering obligations for payment records).
• Portability: receive a copy of your data in a portable format.
• Correction: of inaccurate personal data.
• Objection: to processing, and restriction of processing.
• Complaint: you have the right to lodge a complaint with a supervisory authority. If PearPie is established in the Netherlands, this is the Autoriteit Persoonsgegevens (autoriteitpersoonsgegevens.nl). You may also complain to the supervisory authority in your country of residence.

For your conversation data: you already have full control. It's on your device. We don't have it.

To exercise any of these rights, contact us at privacy@pearpie.ai.

Legal basis for processing

Under GDPR, we process data on the following bases:

• Contract performance (Article 6(1)(b)): processing your payment and delivering the service you purchased.
• Legal obligation (Article 6(1)(c)): retaining payment and transaction records as required by tax and anti-money laundering law.
• Legitimate interest (Article 6(1)(f)): enforcing our Acceptable Use Policy to prevent abuse of the service, and collecting minimal technical data to maintain service reliability.

Security

PearPie's security is rooted in its architecture:

• Your identity is a cryptographic key pair generated on your device.
• Local conversations never leave your device.
• Device sync is peer-to-peer, with no cloud intermediary.
• Premium model processing occurs within EU infrastructure.
• We minimise data collection. What we don't have, we can't lose.

Changes to this policy

We may update this Privacy Policy from time to time. Changes will be posted on our website with an updated effective date and a new version recorded in the version history. We will also notify you of updates through the PearPie application. For minor changes, you will see an informational banner in the app. For material changes that significantly affect your rights, you will be asked to review and acknowledge the updated policy before continuing to use the service.

Each version of this policy is permanently retrievable from the version history, along with the SHA-256 hash of its canonical text, so what you agreed to remains verifiable.

Contact

If you have questions about this policy, contact us at privacy@pearpie.ai.