Privacy Policy
Last updated: March 2, 2026
FazeAI ("we", "our", "us") operates the FazeAI mobile application and website (faze-ai.com). This policy explains how we collect, use, store, and protect your personal data in full compliance with the General Data Protection Regulation (EU) 2016/679 (GDPR) and the French Data Protection Act (Loi Informatique et Libertés). FazeAI is a European company based in France, and your data is primarily hosted within the European Union.
1. Data Controller
- FazeAI: FazeAI
- Founder & DPO: Jules Galian
- Address: 6 rue de la Barralerie, 34000 Montpellier, France
- Email: contact@faze-ai.com
- Phone: +33 7 58 90 34 58
2. Data We Collect
We collect the following categories of personal data:
- Account information: Email address, name, and profile details you provide during registration.
- Chat data: Messages you send to our AI coaches to provide personalized guidance.
- Voice data (microphone): When you use voice input, audio is processed in real-time for speech-to-text conversion. We do not store raw audio recordings. Only the transcribed text is saved.
- Health & wellness data: Sleep logs, nutrition entries, journal entries, habits, goals, and assessment results you voluntarily input.
- Location data: Only when you explicitly use the Nomad map/travel feature. Never tracked in the background.
- Device information: Device type, operating system, and app version for debugging purposes.
- Assessment results: Personality test scores (STEN), NLP analysis of open-ended responses, and body-map profiles.
3. Legal Basis for Processing (Art. 6 GDPR)
We process your data based on the following legal grounds:
Consent (Art. 6(1)(a))
For microphone access, location access, push notifications, and optional health data collection. You can withdraw consent at any time.
Contract performance (Art. 6(1)(b))
For providing the AI coaching service, processing subscriptions, and managing your account.
Legitimate interest (Art. 6(1)(f))
Exclusively for improving the app, fixing bugs, ensuring security, and fraud prevention. We never invoke legitimate interest for direct marketing, advertising, or user profiling.
4. Device Permissions
FazeAI requests the following device permissions. All are optional unless stated otherwise:
| Permission | Description |
|---|---|
| Microphone (RECORD_AUDIO) | Voice-to-text input for AI coaching. Audio is processed via Google Speech-to-Text or locally. No raw audio is stored, sold, or shared. Entirely optional. |
| Location (ACCESS_FINE_LOCATION) | Nomad travel feature: shows nearby points of interest on a map. Not tracked in the background. Never shared with third parties. |
| Bluetooth (BLUETOOTH_CONNECT) | Enables audio output through Bluetooth headphones or speakers for voice features (TTS/STT). |
| Notifications (POST_NOTIFICATIONS) | Sends reminders for habits, missions, and goals. Includes vibration. Automatically re-scheduled after device reboot. |
| In-App Billing | Processes Premium subscription payments via Google Play Billing or Apple App Store. No payment card data is stored on our servers. |
| Internet & Network | Required for the app to communicate with our servers. Used for all features. |
5. How We Use Your Data
Your data is used exclusively for providing and improving the FazeAI service. Specifically:
- Provide and personalize your AI coaching experience
- Track your habits, goals, sleep, nutrition, and wellness progress
- Calculate and display personality assessment results (STEN scoring + NLP)
- Send notifications and reminders you have opted into
- Process subscription payments
- Improve the app, fix bugs, and monitor performance
- Detect crisis situations and display emergency resources
No Advertising — Ever
FazeAI does not and will never use your personal data for advertising, targeted marketing, behavioral profiling for third parties, or data brokerage. We do not sell or rent your data. We do not display ads in the app. We do not share your data with advertisers. Our sole revenue model is the optional Premium subscription. In the future, your data may only be used in aggregated, anonymized form to improve the FazeAI service itself — never to serve ads or build marketing profiles.
No Automated Decision-Making (Art. 22 GDPR)
FazeAI does not make any automated decisions that produce legal or similarly significant effects on you. AI coaching suggestions are informational only and do not constitute professional medical or psychological advice. Assessment scores are indicative tools for self-reflection, not diagnostic instruments.
6. Data Storage & Security
Your data is stored on secure servers hosted on Amazon Web Services (AWS) in the EU (eu-north-1, Stockholm). We use:
- TLS/HTTPS encryption for all data in transit
- Encrypted database storage (PostgreSQL on Supabase)
- JWT-based authentication with token rotation
- Role-based access control — only the founder has server access
7. Third-Party Services & International Transfers
We use the following third-party services. Some involve data transfers outside the EU, covered by Standard Contractual Clauses (SCCs):
| Service | Description |
|---|---|
| Google Speech-to-Text | Voice input processing. No audio stored by us. Transfer: USA (SCCs). |
| Google Play Billing / Apple App Store | Subscription payment processing. No card data on our servers. |
| Google Maps | Nomad travel feature only. Transfer: USA (SCCs). |
| OpenAI / Anthropic / Mistral APIs | Powers AI coaching conversations. Messages are sent for processing but are not used to train their models. Transfer: USA/EU (SCCs where applicable). |
| ElevenLabs | Text-to-speech voice generation for AI coach voices. Text only, no personal data sent. |
| Amazon Web Services (AWS) | Infrastructure hosting in EU (Stockholm, eu-north-1). |
| Supabase | PostgreSQL database hosting. EU region. |
9. Data Retention
We retain your data only as long as necessary:
| Data | Retention |
|---|---|
| Account data | Until you delete your account |
| Chat history | Until you delete your account |
| Assessment results | Until you delete your account |
| Voice recordings | Not stored — processed in real-time only |
| Location data | Not stored persistently — used only during active session |
| Technical logs | 30 days maximum |
10. Your Rights (GDPR)
Under the GDPR, you have the following rights regarding your personal data:
Right of access (Art. 15)
Request a copy of all personal data we hold about you.
Right to rectification (Art. 16)
Correct inaccurate or incomplete personal data.
Right to erasure (Art. 17)
Delete your account and all associated data. Available in app settings.
Right to data portability (Art. 20)
Receive your data in a structured, machine-readable format.
Right to restriction (Art. 18)
Restrict processing of your data in certain circumstances.
Right to object (Art. 21)
Object to processing based on legitimate interests.
Right to withdraw consent
Withdraw consent at any time without affecting prior processing.
To exercise any of these rights, contact us at: contact@faze-ai.com
You also have the right to lodge a complaint with your local data protection authority. In France:
CNIL (Commission Nationale de l'Informatique et des Libertés)
12. Children's Privacy
FazeAI is not intended for children under 16 years of age, in accordance with Article 8 of the GDPR. We do not knowingly collect personal data from minors under 16. If we learn that we have collected data from a child under 16, we will delete it promptly. If you are a parent or guardian and believe your child has provided data to FazeAI, please contact us immediately.
13. Changes to This Policy
We may update this privacy policy from time to time. Material changes will be notified via the app or email. The updated date at the top of this page reflects the latest revision.
14. Contact & DPO
For any questions about this privacy policy or to exercise your data rights, contact our Data Protection Officer:
- Data Protection Officer: Jules Galian
- Email: contact@faze-ai.com
- Address: 6 rue de la Barralerie, 34000 Montpellier, France
- Phone: +33 7 58 90 34 58