Privacy Policy

Last updated: March 20, 2026

amingo is a product of Romangic Lab LLC, a Delaware limited liability company ("we", "our", "us"). We are committed to protecting your privacy. This Privacy Policy explains what data we collect, how we use it, and your rights. By using amingo, you agree to the practices described here.

1. Information We Collect

1.1 Information You Provide Directly

1.2 Information We Collect Automatically

1.3 Information From Third Parties

• Sign in with Apple: user identifier and email (no password)
• Sign in with Google: user identifier and email (no password)
• We do not purchase or import data from data brokers

2. How We Use Your Information

We do NOT:

• Sell your data to advertisers, data brokers, or any third party
• Use your personal data to train AI models that benefit other users
• Share your voice recordings with any other user or third party

3. Voice Data and Biometric Information — Special Notice

This section requires your explicit, separate consent during onboarding.

Voice recordings submitted to create a Mini Me voice clone are considered biometric data under applicable laws including the Illinois Biometric Information Privacy Act (BIPA), Texas CUBI, and Washington My Health MY Data Act.

We handle voice data as follows:

• Used solely to generate your personal Mini Me voice profile
• Stored with AES-256 encryption at rest and TLS 1.3 in transit
• Never shared with other users, third parties, or used to train any shared AI model
• Not used to circumvent biometric authentication on any system
• Permanently deleted within 30 days of account deletion, or immediately upon your request in Settings → Mini Me → Delete Voice

You must provide a separate, affirmative consent before submitting any voice recordings. The in-app consent prompt will clearly state that your voice will be processed by ElevenLabs (ElevenLabs Inc.) for voice cloning purposes. You may withdraw this consent at any time by deleting your voice data; withdrawal does not affect prior lawful processing.

Retention by state:

• Illinois users: voice data is retained only for the duration stated at time of consent, and deleted within 3 years or when the purpose is fulfilled, whichever is earlier (BIPA § 15(a))
• Texas users: retained no longer than 1 year from collection or 3 years from last interaction, whichever is earlier

3a. Face and Avatar Data — Special Notice

Separate consent is requested before you upload a photo for avatar creation.

When you choose to create a Mini Me avatar, you may upload a photo of your face. This photo is:

• Processed by Google Gemini (Google LLC) to generate your avatar image
• Used solely to generate your personal Mini Me avatar
• Not shared with other users or third parties beyond the processing service
• Not used to train any shared AI model
• Permanently deleted from our servers within 30 days of account deletion, or immediately upon your request in Settings → Mini Me → Delete Avatar

Your photo is transmitted to Google's servers for processing under Google's Privacy Policy. We have a Data Processing Agreement with Google governing this use.

You must provide separate, affirmative consent before uploading any photo. You may delete your avatar and associated photo data at any time.

4. Mini Me Data

Your Mini Me is trained on data you voluntarily provide. This data:

• Powers only your personal Mini Me — not shared with other users
• Is not used to train any general or shared AI model
• Is not visible to other users (they see outputs, not your training data)
• Can be reset or deleted at any time: Settings → Mini Me → Reset

5. Data Sharing

We share data only in these limited circumstances:

All service providers are contractually prohibited from using your data for their own purposes.

Business Transfers: If amingo is acquired or merged, we will notify you before your data transfers to a different policy. You may request deletion before the transfer.

6. Your Rights

6.1 All Users

6.2 EU / EEA Users (GDPR)

In addition to the above:

• Data portability: receive your data in machine-readable format (JSON/CSV)
• Restriction of processing: request we limit processing in certain circumstances
• Object to processing: based on legitimate interest
• Lodge a complaint: with your national Data Protection Authority

Contact: privacy@amingo.app — we respond within 30 days.

6.3 California Users (CCPA / CPRA)

• Know what personal information we collect and how it's used
• Request deletion of your personal information
• Opt out of "sale" or "sharing" of personal information (we do not sell or share data for cross-context behavioral advertising)
• Limit use of sensitive personal information (including voice recordings)
• Non-discrimination for exercising your rights

Submit requests: privacy@amingo.app or via the in-app data request form.

6.4 Illinois Users (BIPA)

You have the right to:

• Know what biometric data we collect and how long we retain it
• Prohibit the sale or profit from your biometric data (we do not sell biometric data)
• Sue in Illinois state court for BIPA violations

7. Data Retention

8. Data Security

• In transit: TLS 1.3
• At rest: AES-256 encryption for all sensitive data
• Access controls: Least-privilege; employee access logged and audited
• Third-party audits: Periodic security reviews
• Incident response: GDPR breach notification within 72 hours; US state law notifications as required

Note on chat message storage: Chat messages are transmitted via TLS encryption but are stored in plaintext on Stream (StreamChat) servers, governed by Stream's security practices and privacy policy. We recommend users exercise discretion when sharing sensitive personal information in chat.

If you believe your account has been compromised: support@amingo.app

9. Third-Party SDKs

Our app includes third-party code that may independently collect data. Each SDK has its own privacy practices:

9a. AI Model Training

We do not use your personal data to train any AI models.

This means:

• Your voice recordings, photos, messages, and personality data are never used to train any AI model — ours or anyone else's
• Your Mini Me is powered by third-party AI models (including Google Gemini and ElevenLabs) applied to your data in real time; your data is not retained by those services for training purposes beyond what is stated in their own privacy policies
• We do not sell, license, or share your data for AI training purposes with any third party

9b. Content Reporting

amingo allows users to report individual messages and content for violations of our Community Guidelines. When you submit a report:

• The reported message content is retained for up to 90 days for review purposes, even if the original message is deleted
• Reports are reviewed by our Trust & Safety team and, where required by law, may be shared with law enforcement
• The identity of the person submitting a report is kept confidential from the reported user
• You can report any individual message by long-pressing on it and selecting "Report"
• We will notify you of the outcome of your report where technically feasible

10. Children's Privacy

amingo is not intended for users under 13. We do not knowingly collect personal information from anyone under 13. If we discover an account was created by a user under 13, we will:

• Immediately suspend the account
• Delete all personal data associated with the account within 30 days
• Notify a parent or guardian if we have contact information

If you believe a minor has created an account: privacy@amingo.app

10a. Cookies and Similar Technologies

amingo's mobile app does not use browser cookies. However, our website (amingo.app) and certain in-app web views may use cookies and similar technologies (such as local storage and device identifiers) for the following purposes:

We do not use cookies for targeted advertising. You can manage cookie preferences in your device settings or by contacting us.

11. International Data Transfers

amingo operates from the United States. Data from EU/EEA users is transferred under Standard Contractual Clauses (SCCs) approved by the European Commission. Data from UK users is transferred under the UK International Data Transfer Agreement (IDTA).

12. Sensitive Information Warning

When using amingo, you may interact with your Mini Me or other users in ways that involve sharing personal details. We strongly advise you not to share sensitive personal information such as:

• Government ID numbers, Social Security numbers, or financial account details
• Health, medical, or mental health information beyond what you voluntarily choose to share
• Information about third parties who have not consented to use of amingo

amingo does not require any of the above to operate. If you choose to include sensitive information in your Mini Me setup or conversations, it is processed as described in this Policy, but doing so is entirely at your own discretion.

12a. Crisis and Safety Response

amingo's systems are designed to recognize expressions of distress, self-harm, or crisis in conversations (including Mini Me interactions). If such content is detected:

• Your Mini Me may pause and display safety resources
• You may be shown contact information for crisis support services (e.g., 988 Suicide & Crisis Lifeline in the US)
• In cases of credible, imminent threat to life, we may contact relevant emergency services

This processing is done to protect your safety and the safety of others, and constitutes a legitimate interest under applicable privacy law.

12b. Do Not Track

amingo does not respond to "Do Not Track" browser signals. For choices about data use, see Section 6 (Your Rights).

13. Changes to This Policy

For material changes, we will notify you via in-app notification or email at least 30 days before the change takes effect. Continued use after the effective date constitutes acceptance.

14. Contact Us

Mailing Address: 6081 Meridian Avenue STE. 70-284, San Jose, CA 95120, United States

Website: https://amingo.app/privacy

Last updated: March 20, 2026