NariYume (the “App”) is an AI companion app published by Koro Interactive (“we,” “us”). This policy explains what we collect, why, and the choices you have. NariYume’s characters are generative AI — not real people.
Minors, up front. NariYume asks your age. If you are under our minimum age you are blocked from the App. If you tell us you are a minor (under 18), we do not collect any analytics or crash-diagnostic data from you, and romance-style content is disabled. Analytics and diagnostics are off by default and enabled only after an adult age is confirmed.
1. Information we collect
Account & identity
Sign-in (optional): if you sign in with Google or Apple, we receive your email and a user identifier via Firebase Authentication. You can use much of the App without signing in.
Age: a birthdate you enter once, used only to classify your access tier (blocked / minor / adult). We store the resulting tier, not a public profile.
Conversations & voice
Chat content: messages you send are transmitted through our server (a Cloudflare Worker proxy) to large-language-model providers (OpenRouter, and DeepSeek as a fallback) to generate the character’s reply. Your chats are also stored in your own account so they sync across your devices. We do not sell your conversations or use them to train models.
Voice: during voice conversations, audio is converted to text using Apple’s on-device speech recognition. We use the transcript to generate replies; we do not retain raw audio recordings on our servers.
Photos you choose to send: if you attach a photo, it is sent inline with that one request to the AI provider. We do not browse or upload your photo library.
Optional device features (only with your permission)
Each is off until you enable it, used only for the stated feature, and read-only where noted: calendar (anticipate your day), approximate location (local weather context), Health (sleep/activity context), motion (ambient presence), reminders, notifications, microphone, and camera.
Analytics & diagnostics — adults only
Usage analytics (Google Firebase Analytics): app opens, screens viewed, features used, and similar product-interaction events, plus a Google-assigned app-instance identifier and general device/OS information — used to improve the App in aggregate. We do not use this for advertising and do not track you across other apps or websites.
Crash diagnostics (Firebase Crashlytics): if the App crashes, a crash report with device state is sent so we can fix it.
Both are disabled by default and enabled only for users confirmed to be adults. Minors and unclassified users are never measured.
Cost attribution
Chat requests carry a random, per-installation token (header x-nariyume-user) so we can group and manage AI-usage costs at our proxy. This token is not your name, email, or account ID, and is not linked to your identity.
2. How we use information
To provide the companion experience (generate replies, voice, memory, personalization).
To keep your account and chat history in sync across your devices.
To keep the service safe and reliable, prevent abuse, and manage costs.
For adults only: to understand aggregate usage and fix crashes.
3. Children & teens
NariYume is not directed to children under our minimum age, and they are blocked at the age gate. For known minors we (a) collect no analytics or crash data, (b) disable romance-coded content, and (c) periodically remind you that you are talking to generative AI. If you believe a child has provided us personal information, contact us and we will delete it.
4. How information is shared
We share data only with service providers that operate the App, under their terms — never sold:
Google Firebase — authentication, database/sync, analytics, crash reporting.
OpenRouter / DeepSeek — large-language-model inference for replies (reached through our Cloudflare proxy).
Cloudflare — our request proxy and hosting/edge.
Apple — sign-in, on-device speech, and App Store services.
5. Retention & your choices
Chat history is kept until you delete it or delete your account (available in the App). Deleting your account removes your synced data.
You can revoke any device permission (calendar, location, mic, etc.) at any time in iOS Settings.
You may request access to or deletion of your data by contacting us.
6. Security
Provider API keys are never stored in the App — all AI calls are made server-side. Local sensitive data is file-protected on your device, and requests are attested to confirm they come from the genuine App.
7. AI disclosure
NariYume’s characters are generative AI and not real people, and will tell you so if asked. They are for companionship and entertainment, not professional (medical, legal, or financial) advice.
8. Changes
We may update this policy; we’ll revise the “Last updated” date above and, for material changes, surface a notice in the App.