Privacy Policy
Effective July 6, 2026 · Version 2026-07-06
Who we are
Amorlina ("we", "us") provides AI relationship coaching at amorlina.com. During the current early phase, the service is operated by its founder as a private individual in the Netherlands, who is the data controller; an operating company will be announced here when incorporated. For anything in this policy, use the contact page and pick "Privacy or my data", or write to privacy@amorlina.com.
What Amorlina is, and is not
Amorlina is a relationship coaching product. It is not therapy, psychotherapy, medical or psychological treatment, diagnosis, or a medical device, and it is not a substitute for professional mental health care. If you are in immediate danger, contact your local emergency services.
You are talking to an AI
Transparency first, as the EU AI Act requires: your coach, the conversation analyzers, and the practice stand-ins are artificial intelligence systems, not humans, and the replies they produce are AI-generated. As part of coaching, the AI interprets the emotional tone of the text you choose to write to it; it does not analyze your voice, face, or any biometric data. Amorlina makes no decisions about you that produce legal or similarly significant effects: the AI offers perspective and suggestions, a subscription is never granted or refused by an algorithm, and the usage allowances that meter the service are simple prepaid budgets, not profiling. A human is always reachable through the contact page, and our team reviews safety events and can review any AI interaction on request.
The data we process, and why we may
Account data: your name, email address, password (hashed), language, region, settings, and an approximate location derived from your IP address at signup (city-level at best: region, city, postal area, and a city-center coordinate with its accuracy radius, never a precise position). Legal basis: performance of our contract with you (GDPR art. 6(1)(b)).
Relationship content you choose to share: your conversations with your coach, conversations you import for analysis, practice sessions, the people, relationships, moments, and memory your coach builds from what you tell it, and your questionnaire answers. This content can reveal sensitive aspects of your personal life, including emotional wellbeing and, where you choose to share it, matters such as health or sexual life; where it does, it is special category data. Legal basis: your explicit consent (art. 6(1)(a) and 9(2)(a)), given at signup and withdrawable at any time by deleting the relevant content or your account. We process this content only to provide the coaching service to you, never for advertising, and we never sell it.
Usage and billing data: AI usage metering (token counts and provider cost per request), subscription status, and payment records. Legal bases: performance of the contract, and legal obligations for tax and accounting records (art. 6(1)(c)). Card details are handled by Stripe and never touch our servers.
Abuse-prevention records: when you create an account or confirm an email change, we store one-way keyed hashes (HMAC-SHA256) of your email address, your first-party identifier cookie, and your IP address. They exist for a single purpose: granting the one-time starting allowance only once per person and preventing automated or repeat account abuse. These records contain no readable personal data, we cannot reverse them into your email or IP, and they are retained after account deletion for this sole purpose. Legal basis: our legitimate interest in preventing abuse (art. 6(1)(f)).
Visitor data: a first-party identifier cookie ("uid"), pages visited, device and browser type, approximate country from your IP address, and, where you arrived from an ad, campaign parameters. In jurisdictions that require consent, none of this analytics tracking runs until you opt in through the cookie banner (art. 6(1)(a)); strictly necessary processing such as security logging and abuse prevention relies on our legitimate interest in operating the service safely (art. 6(1)(f)). We use no third-party analytics or advertising scripts on our pages.
Contact messages: what you send through the contact page, used only to answer you. Legal basis: our legitimate interest in responding to you, or the contract where your message concerns it.
Cookies
We set a session cookie (sign-in), the "uid" identifier cookie (one year, first party, used for visit analytics and to connect what you did before signup to your account when you create one), and, if you arrive through a price experiment link, a "price_test" cookie (one year) that only ensures you keep seeing the same price. The cookie banner controls the optional ones; you can change your choice anytime via "Cookies" in the footer.
How the AI works with your data
When you talk to your coach, analyze a conversation, or use an AI tool, the relevant text is sent to our AI gateway provider, OpenRouter, which routes it to the selected model provider (for example Anthropic or OpenAI) to generate the response. These providers process the text solely to provide the service; we configure our integration not to allow training on your content wherever the provider offers that control. The coach can also search the conversations you imported to answer you with exact quotes; that search runs on our own systems and its results stay within your account.
Encryption and security
Traffic is encrypted in transit, and data is stored on infrastructure with encryption at rest. Access to production systems is restricted, and every administrative access to user content is recorded in an audit log.
Retention and deletion
You can delete individual people, moments, imported conversations, memory, and conversations at any time; deletion is immediate. When you delete your account, it is deactivated immediately and permanently deleted after 14 days. The permanent deletion can be delayed only for legitimate, documented reasons, such as an open payment dispute, chargeback, fraud investigation, or a legal or accounting obligation, and only for as long as that situation lasts; after it is resolved, deletion completes. Payment records are retained as required by tax and accounting law. Visitor analytics rows are deleted after 180 days. Operational prompt logs used to inspect AI behavior are deleted after 14 days.
Emails, notifications, and marketing
We send two kinds of email. Account email (payment receipts and problems, security notices, verification codes) is part of running your account and always arrives. Tips and offers (practical relationship guidance, feature news, comeback offers, and personal check-ins from your AI coach) are direct marketing for our own service.
We send tips and offers under the existing-customer rule of EU e-privacy law (Directive 2002/58/EC art. 13(2), as interpreted for freemium services by the Court of Justice in case C-654/23) and our legitimate interest in direct marketing (GDPR art. 6(1)(f), recital 47): you created an Amorlina account whose free welcome messages exist to introduce our paid plans, we told you about these emails when you signed up, and every single one contains a one-click unsubscribe. Unsubscribing is absolute (GDPR art. 21(2)): it works immediately, forever, and also lives as a switch in Settings. We measure only whether a link in an email was clicked; we do not use tracking pixels or sale of data, and the content of your conversations never appears in any email.
Browser notifications only exist if you grant them in your browser's own permission prompt, and they can be revoked there or in Settings at any time. Notification content never includes what you or your AI coach wrote, only that a message is waiting.
Your rights
Under the GDPR (and equivalent laws), you can access your data, receive a copy in a portable format, correct it, restrict or object to processing, delete it, and withdraw consent at any time without affecting past processing. Most of this works directly in the product: export everything from Settings, delete anything individually, or delete your whole account. For the rest, use the contact page; we respond within one month. You also have the right to complain to your data protection authority; in the Netherlands that is the Autoriteit Persoonsgegevens.
Processors we use
OpenRouter, Inc. (AI gateway) and the upstream model providers it routes to (including Anthropic and OpenAI); Stripe (payments); Amazon Web Services (email delivery); our hosting provider. Each processes data under a data processing agreement, with EU transfer safeguards (standard contractual clauses or an adequacy framework) where data leaves the EEA. A current list is always available on request.
Age
Amorlina is for adults. You must be at least 18 to use it.
Breach notification
If a personal data breach is likely to put your rights at risk, we will notify the supervisory authority within 72 hours of becoming aware and inform affected users without undue delay.
Changes
When this policy changes materially, we will notify you in the app and record the new version and effective date here. Earlier versions remain available on request.