Privacy Policy — Beam AI Companion Effective date: 03 October 2025 Beam AI Companion (“Beam AI”, “we”, “us”) provides an AI chat application. This Privacy Policy explains what we collect, how we use it, how we share it, and your choices. Quick summary - We use Firebase (Authentication, Remote Config, Functions, App Check, Firestore) and Google Cloud. We store your chats (encrypted at rest) in Firestore and locally in an encrypted database. - Local storage is encrypted with strong database encryption and protected by Android Keystore. - Cloud chat storage is encrypted in transit and at rest. Encryption keys are managed securely with Google Cloud’s Key Management Service (KMS). This is not end-to-end encryption, since our backend can decrypt when needed to sync across devices or restore your chat history if you reinstall the app. Deleted chats cannot be recovered. - We use App Check (Play Integrity in release) to reduce abuse; we also do basic emulator/install-source checks. - Ads monetize the free app. We use a consent flow and can request non-personalized ads when applicable. - We (Infernus Apps) act as the data controller for your personal data. Google generally acts as our processor/service provider (e.g., Firebase, Google Cloud). - We don’t make legally significant automated decisions about you; this is an AI chat experience. 1) Information we collect Account & profile data. Email address (when you sign in) and your saved “profiles/companions” (name + prompt) you create in the app. Chat content. Messages you send and receive. We store message text, timestamps, and token counters used for usage limits. Locally in Room; remotely in Firestore. Device & app signals (security/abuse). App Check verdicts and limited device signals to detect emulators and confirm Play Store installs. Advertising data. Ad SDKs may collect device identifiers and event data to show/measure ads, depending on your consent and platform settings. We do not collect passwords; Firebase Authentication handles credentials. 2) How we use data (and legal bases) - Provide the service. Show chats, generate responses, store histories, sync across devices. - Maintain profiles/companions. Save/update your custom prompts. - Enforce usage caps and reliability. Track token usage for limits and UX. - Security & abuse prevention. App Check, emulator/install-source checks. - Ads. Serve and measure advertising; honor your consent choices. We don’t make decisions that have legal or similarly significant effects on you under GDPR Article 22; AI responses are informational and user-prompted. 3) AI processing specifics We send your prompts (and necessary context) to our AI gateway, which routes to model providers via OpenRouter to generate a response. Provider retention varies by model; OpenRouter documents per-provider retention and offers zero-data-retention defaults where supported. Review model-specific policies if you’re concerned. Your chats are not used to train AI models. 4) Storage & Security On your device - Your chat history is stored in an encrypted local database. - Encryption keys are protected using Android’s secure key storage. In the cloud - Chats stored in Firestore are encrypted both in transit and at rest using strong, industry-standard encryption (AES-256). - Encryption keys are managed securely through Google Cloud’s Key Management Service (KMS). - This protects your data from unauthorized access, though it is not end-to-end encryption. Our backend can decrypt when needed to sync across devices or restore your chat history if you reinstall the app. Deleted chats cannot be recovered. Additional safeguards - We use Google Play Integrity and other safeguards to help ensure that only genuine, non-tampered versions of the app can access our services. No security measure is perfect, but we follow industry best practices for encryption and key management. 5) Data retention & deletion - Chats: Retained until you delete them or your account. App supports remote wipe of Firestore chat collections and local wipe of Room tables. - Token/accounting & operational logs: We track your token usage and related data in order to enforce usage caps, debug issues, and mitigate abuse. These records remain stored with your account and are deleted only if you delete your account. - Ads/SDK logs: Governed by partner policies per your consent. You can request deletion of your Firestore content; local data is removed when you uninstall or use in-app deletion. 6) Advertising & consent We show ads to keep the app free. Where required (e.g., EEA/UK), we use a consent flow for personalized advertising. When consent isn’t granted (or where required), we request non-personalized ads (Ad Manager/AdMob npa=1). 7) Sharing of information We don’t sell your personal information. We share only with: - Service providers / processors: Firebase + Google Cloud (hosting, auth, remote config, functions, App Check, Firestore). - AI providers via OpenRouter: To generate responses (see Section 3). - Legal/safety: If required by law or to protect rights, property, or safety. 8) International transfers Your data may be processed in countries other than yours. We rely on Google’s data processing terms and appropriate safeguards (e.g., SCCs) provided by our processors. 9) Your rights & choices Depending on your location, you may have rights to access, correct, delete, or port your data, and to object or restrict certain processing. You can: - Delete chats in-app (removes local and cloud copies as implemented). - Adjust ad consent via the platform consent dialog and device settings (see Section 6). Automated decision-making: You have the right not to be subject to decisions with legal/similarly significant effects based solely on automated processing; our app does not perform such decisions. California residents: We do not “sell” your data. If personalized ads are considered “sharing” under CPRA, we honor your opt-out through the consent flow and device settings. To exercise rights, contact: support@infernusapps.com 10) Children’s privacy Beam AI is for users 18+. We don’t knowingly collect data from minors; if we learn a minor has used the app, we’ll delete their data. 11) Changes We’ll update this Policy as needed and post the latest version in-app. 12) Contact Infernus Apps Email: support@infernusapps.com