Last updated: March 18, 2025 · Effective: March 18, 2025
Your privacy matters. This policy explains clearly what data Lyra collects, why we collect it, how we use it, and your rights. We believe in transparency — if you have any questions, reach out at privacy@lyraapp.com.
1. Information We Collect
1.1 Information You Provide
When you create an account or use Lyra, you may provide:
Account information: email address, username, and password (stored as a salted hash).
Profile information: optional details such as display name or avatar you choose to share.
Conversation content: messages, voice recordings, and any other content you send to or receive from your companions.
Payment information: processed exclusively by Apple (App Store) or Google (Play Store) — Lyra never receives or stores your card details.
Support communications: emails or messages you send to our support team.
1.2 Information Collected Automatically
When you use the Lyra app, we automatically collect:
Usage data: features accessed, session duration, and interaction patterns (e.g. how often you use voice messages).
Location data: approximate location (city-level) to provide contextually relevant responses, only when you grant permission.
Crash & performance data: anonymised diagnostic reports via Firebase Crashlytics to help us fix bugs.
Analytics events: anonymised feature-usage events via Firebase Analytics to improve the product.
1.3 Information from Third Parties
If you sign in using Google or Apple, we receive a token and basic profile information (name, email) as permitted by those services. We do not receive passwords or payment details from them.
2. How We Use Your Information
We use your information for the following purposes:
Providing the service: powering conversations with your AI companions, syncing your history across devices, and enabling voice messaging.
Personalisation: the memory system relies on your conversation history to make your companion feel consistent and personal.
Improving Lyra: aggregated, anonymised analytics help us understand which features are valuable and where to focus development.
Safety & abuse prevention: detecting and acting on harmful, illegal, or policy-violating content.
Customer support: responding to your questions and resolving issues.
Legal compliance: meeting our obligations under applicable law.
Push notifications: sending reminders, streak alerts, and product updates (you can opt out at any time in Settings).
We do not sell your personal data or use your conversation content to train general-purpose AI models without your explicit consent.
3. How We Share Your Information
We do not sell, rent, or trade your personal information. We may share it only in the following limited circumstances:
Service providers: trusted third parties that help us operate Lyra (e.g. cloud hosting, AI inference APIs). They are contractually bound to process data only on our behalf and in accordance with this policy.
Legal requirements: when required by law, subpoena, or government request, or to protect the rights, safety, or property of Lyra, our users, or the public.
Business transfers: if Lyra is acquired or merges with another company, your data may be transferred as part of that transaction. We will notify you before your data becomes subject to a different privacy policy.
With your consent: in any other circumstance, only with your explicit consent.
4. Data Retention
We retain your data for as long as your account is active or as needed to provide services. Specifically:
Conversation history: retained for the lifetime of your account to power the memory system. You can delete individual conversations or your entire history at any time from the app.
Account data: deleted within 30 days of account deletion.
Anonymised analytics: may be retained indefinitely as they cannot be linked back to you.
Legal & compliance data: retained for the period required by applicable law.
5. Data Security
We take security seriously and implement industry-standard measures including:
TLS 1.3 encryption for all data in transit.
AES-256 encryption for data at rest.
Salted bcrypt hashing for passwords.
Role-based access controls — only personnel who need access to specific data can access it.
Regular security audits and vulnerability assessments.
No method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security. If you believe your account has been compromised, please contact us immediately.
6. Your Rights
Depending on your location, you may have the following rights regarding your personal data:
Access: request a copy of the personal data we hold about you.
Correction: request that we correct inaccurate or incomplete data.
Deletion: request deletion of your personal data ("right to be forgotten").
Portability: receive your data in a structured, machine-readable format.
Objection: object to certain processing activities, including profiling.
Restriction: request that we limit how we process your data.
Withdraw consent: where processing is based on consent, withdraw it at any time without affecting the lawfulness of prior processing.
To exercise any of these rights, contact us at privacy@lyraapp.com. We will respond within 30 days. Verified requests are free of charge.
You can also delete your account and all associated data directly within the app: Settings → Account → Delete Account.
7. Children's Privacy
Lyra is intended for users aged 13 and older (or the minimum age required in your jurisdiction). We do not knowingly collect personal data from children under 13. If we become aware that a child under 13 has provided personal information, we will delete it promptly. If you believe a child under 13 has used Lyra, please contact us at privacy@lyraapp.com.
8. Third-Party Services
Lyra uses the following third-party services, each with their own privacy policies:
Firebase (Google): analytics, crash reporting, push notifications, and authentication.
Apple App Store / Google Play: payment processing for in-app purchases and subscriptions.
AI Inference Providers: conversation processing. Content is processed under strict data processing agreements.
We encourage you to review the privacy policies of these services. We are not responsible for their practices.
9. Cookies & Tracking
The Lyra mobile app does not use browser cookies. We use mobile analytics SDKs (Firebase Analytics) to collect anonymised usage data.
This website (lyraapp.com) may use minimal first-party cookies for session management and analytics. We do not use third-party advertising cookies. You can manage cookie preferences through your browser settings.
10. Changes to This Policy
We may update this Privacy Policy from time to time. When we make material changes, we will:
Update the "Last updated" date at the top of this page.
Send a push notification or in-app message to active users.
For significant changes, request renewed consent where required by law.
Your continued use of Lyra after changes take effect constitutes your acceptance of the updated policy.
11. Contact Us
If you have questions, concerns, or requests relating to this Privacy Policy or your personal data, please contact us: