Skip to content

Privacy Policy




Privacy Policy

Last Updated: May 1, 2026

# Privacy Policy – Mia Project

**Last Updated: May 1, 2026**

## 1. Introduction

Mia Project (“we,” “us,” “our,” or “Company”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI companion application and services.

Please read this Privacy Policy carefully. If you do not agree with our policies and practices, please do not use our Service.

## 2. Information We Collect

### 2.1 Information You Provide Directly

**Conversation Data:**
– All messages, communications, and interactions with your Mia agent
– Context, preferences, and behavioral patterns you share
– Feedback and responses to improve your agent

**Account Information:**
– Email address
– Name
– Phone number (if SMS enabled)
– Payment information (processed securely through Stripe)
– Communication preferences

**API Keys (if you use our managed service):**
– Your third-party API credentials (OpenAI, Anthropic, etc.) are encrypted and stored securely
– We do NOT store your unencrypted API keys

**Calendar & Email Integration:**
– If you enable these features, we access and store the data necessary to provide the service
– You retain full control and can disconnect at any time

### 2.2 Information Collected Automatically

**Usage Data:**
– How you interact with your agent
– Features you use most frequently
– Session duration and frequency
– Device information

**Technical Data:**
– IP address
– Browser type
– Operating system
– Timestamps

## 3. How We Use Your Information

We use collected information to:

– **Provide and improve the Service** — train your agent, improve responses, add features
– **Personalize your experience** — tailor agent behavior to your preferences
– **Process payments** — handle billing for your tier
– **Send SMS notifications** — medication reminders, appointment alerts, check-ins (only if you opted in)
– **Communicate with you** — send service updates, security alerts, support responses
– **Analytics and research** — understand usage patterns (anonymized)
– **The Mia Global Initiative** — use 20% of API fees from managed service users to provide free agents to underserved communities
– **Legal compliance** — fulfill legal obligations

## 4. Text Message (SMS) Consent & Opt-Out

### 4.1 SMS Opt-In
You provide consent to receive SMS messages during app registration by checking the opt-in box: “Yes, send me text message reminders for medications, appointments, and important notifications.”

**This opt-in is:**
– Voluntary and not required to use the app
– Separate from Terms of Service
– Unchecked by default

### 4.2 SMS Opt-Out
You can opt out of SMS messages at any time by:
– Replying **STOP** to any SMS message
– Replying **UNSUBSCRIBE** or **END** to any SMS message
– Changing your SMS preferences in your account settings
– Contacting support@miaproject.org

We will honor all opt-out requests within 48 hours.

### 4.3 Message & Data Rates
Message and data rates may apply, depending on your mobile phone service plan.

### 4.4 SMS Consent & Data Sharing (CTIA Compliance)
**All the above categories exclude text messaging originator opt-in data and consent; this information will not be shared with any third parties.**

We do not sell, rent, lease, or trade your mobile phone number or SMS consent information to any third party.

## 5. Data Retention

**Conversation History:**
– Stored indefinitely by default (your persistent memory is the whole point)
– You can request data deletion at any time
– We will delete all conversation history within 30 days of your request

**SMS Consent Data:**
– Retained only to manage your SMS preferences
– Deleted when you opt out or delete your account
– Not shared with third parties

**Payment Information:**
– Retained for 7 years for accounting/tax purposes
– Not accessible to us — securely processed through Stripe

**Account Data:**
– Retained as long as your account is active
– Deleted 90 days after account termination

## 6. Data Security

We implement industry-standard security measures:

– **Encryption** — all data in transit uses TLS/SSL encryption
– **Encrypted storage** — sensitive data encrypted at rest
– **Access controls** — only authorized personnel can access your data
– **Regular audits** — security reviews and penetration testing
– **API key encryption** — your keys are encrypted separately from conversation data

However, no system is 100% secure. We cannot guarantee absolute security, and use of our Service is at your own risk.

## 7. Third-Party Integrations

**Your API Keys:**
If you use our managed API service or bring your own keys:
– You are responsible for the security of your API credentials
– We recommend regularly rotating your keys
– You can revoke access at any time

**Third-Party Services:**
– OpenAI, Anthropic, Google (Calendar/Drive), Twilio (SMS) — we share only the minimum data needed
– See their privacy policies for how they handle data

**Payment Processing:**
– Stripe handles all payment data (we never see full credit card numbers)

## 8. Your Rights

You have the right to:

– **Access** — request all data we have about you
– **Correct** — update inaccurate information
– **Delete** — request deletion of your data (we comply within 30 days)
– **Portability** — export your conversation history in standard formats
– **Opt-out** — disable SMS, email communications, features, etc.

To exercise these rights, contact: privacy@miaproject.org

## 9. The Mia Global Initiative

When you choose our managed API service (vs bringing your own key), 20% of your API spending goes to Mia Global Initiative — providing free agents to low-income and developing world communities.

This is transparent: youll see the percentage in your billing.

We publish quarterly reports on how these funds are used.

## 10. Childrens Privacy

We do not knowingly collect information from children under 13. If we discover we have collected information from a child under 13, we will delete it immediately.

If you are a parent/guardian and believe your child provided information, contact us at privacy@miaproject.org.

## 11. International Users

Our servers are located in the United States. If you access the Service from outside the US, you consent to the transfer and processing of your data in the US, which may have different privacy protections than your country.

EU/GDPR users: We comply with GDPR. You have additional rights including withdrawal of consent. Contact us for details.

## 12. Changes to This Policy

We may update this Privacy Policy occasionally. We will notify you of material changes via email or prominent notice on our website.

Continued use of the Service after changes constitutes acceptance of the updated policy.

## 13. Contact Us

For privacy questions, concerns, or to exercise your rights:

**Email:** privacy@miaproject.org
**Support:** support@miaproject.org