Mochi · Privacy

Privacy policy

Last updated · 30 Apr 2026

Your privacy genuinely matters to us. This policy explains what personal data we process at Mochi, why, for how long, and how to exercise your rights. It's aligned with the General Data Protection Regulation (GDPR), Spain's LOPDGDD, and the equivalent laws in Mexico (LFPDPPP), Argentina (Law 25.326), Colombia (Law 1581), Chile (Law 19.628) and the rest of Latin America where we operate.

Who's the controller. Studiosso S.L., based in Spain, is the data controller. For any privacy matter you can write to privacy@heymochi.app or to our data protection officer at dpo@heymochi.app.

What data we collect. To make Mochi work we process: (1) account data — your Apple or Google identifier, your email (which may be an anonymous Apple relay address) and the display name you choose; (2) your conversations with each specialist (Mochi, Yumi, Pip, Tama, Halo) and any attachments you upload; (3) the memory little things you or the system add to the Diary; (4) the photos you upload to Yumi or Halo, processed ephemerally and deleted within 30 days at most; (5) subscription data — active plan, mocha-bean balance, purchase history via Apple/RevenueCat; (6) anonymized usage metrics — which specialist you use, how many messages you send, which screens you tap — to improve the app; (7) minimal technical data — device model, iOS version, system language, IP address truncated in security logs.

What we do NOT collect. We don't read your contacts, don't track your location, don't use advertising identifiers (IDFA), don't perform cross-app or cross-device tracking, don't store passwords, and don't share anything with ad networks. Mochi shows no ads.

Legal basis (GDPR art. 6). We process your account data and conversations because they're necessary to perform the contract you accepted when registering (art. 6(1)(b)). Aggregated usage metrics rely on our legitimate interest in improving the app (art. 6(1)(f)), an interest we've balanced against your rights. Payment-related data and tax-required retention are processed under legal obligation (art. 6(1)(c)). Your consent (art. 6(1)(a)) is requested only for explicit optional uses, such as saving generated photos to your Diary or receiving push notifications.

Who processes your data on our behalf (sub-processors). To run Mochi we rely on these providers, each chosen for their privacy stance: Anthropic PBC (Claude models for chat, writing and study), Google LLC (Gemini models for image and headshots, including Nano Banana), OpenAI Inc. (text-embedding-3-small for semantic search), Supabase Inc. (database and auth, hosted in the Frankfurt EU region), Cloudflare Inc. (Workers, edge and content delivery network), Apple Inc. (authentication and payment processing via the App Store), Google LLC (OAuth authentication) and RevenueCat Inc. (subscription management). We have signed data processing agreements with each one and all of them contractually guarantee they do NOT use your data to train models.

International transfers. Anthropic, OpenAI, Cloudflare, Apple, Google and RevenueCat are headquartered in the United States. When your data travels there it's covered by the Standard Contractual Clauses approved by the European Commission (decision 2021/914) and, where applicable, the EU-US Data Privacy Framework. Supabase hosts your data on servers in Frankfurt, Germany.

How long we keep each thing. Messages and memory little things are kept as long as you keep your account — they're yours, you delete them whenever you want. Photos uploaded to Yumi and Halo are ephemeral: processed, response returned, and automatically deleted within 30 days at most unless you choose to save the result to the Diary. Security and audit logs are kept for 90 days. Billing information is kept for as long as Spanish tax law requires (up to 6 years). When you delete your account from Settings → Delete account, we run a full server-side purge that completes within 30 days.

Your rights. At any time you can exercise your rights of access, rectification, erasure, objection, restriction of processing, and portability. Most of them are built into the app: Settings → Export conversations (access and portability, .txt format), edit your name and memory (rectification), Diary → Forget (partial erasure), Settings → Delete account (full erasure). You can also write to privacy@heymochi.app with any request and we'll respond within 30 days at most. If you're not satisfied with our response, you have the right to lodge a complaint with the Spanish Data Protection Agency (aepd.es) or with the supervisory authority of your country.

Children. Mochi is not directed at children under 13 and we don't knowingly collect data from minors. Between 13 and 14 in Spain (16 in some other EU countries) we require consent from a parent or legal guardian. If you believe a minor has provided us with data without permission, please let us know at privacy@heymochi.app and we'll delete it.

Security. We encrypt your data in transit (TLS 1.3) and at rest (AES-256). Internal access is limited to the people who need to resolve incidents and is logged. If a security breach affects your data, we'll notify the competent authority within 72 hours and you directly without undue delay when it poses a high risk.

Cookies. The Mochi mobile app uses no cookies. Our website (heymochi.app) uses only strictly necessary technical cookies for authentication flows; we don't use analytics, advertising or social-media cookies.

Changes. If we update this policy we'll notify you in the app before it takes effect. Prior versions remain available on request.

Contact. Privacy: privacy@heymochi.app · Data protection officer: dpo@heymochi.app · General: hola@heymochi.app.
