Privacy Notice
Adults only. All profiles and media are AI-generated.
This page explains how Duorella uses information to run adult-only AI companion accounts, chats, AI-generated media, subscriptions, support, and safety controls.
Last updated May 20, 2026
Controller
Tryfta Digital UG (haftungsbeschränkt)
c/o Design Offices Highlight Towers
Mies-van-der-Rohe-Straße 6
80807 München, Germany
Email: [email protected]
Privacy data matrix
This matrix explains the main types of personal information Duorella handles. Exact data can vary by feature, country, device, account state, and whether you use Premium, credits, AI-generated media, support, or billing.
| Data category | Examples | Purposes | Legal bases | Retention | Recipients |
|---|---|---|---|---|---|
| Account, profile, and consent records | Name, gender, email address, password hash, language, settings, age attestation, AI disclosure acceptance, Terms and Privacy Notice versions, country signal, and account security records. | Create and secure your account, remember settings, record required adult-only and AI-generated disclosures, and administer Duorella. | Contract, legal obligation, and legitimate interests in account security, compliance, and abuse prevention. | For the life of the account. After deletion, most account fields are deleted or anonymized within 30 to 90 days unless legal, billing, security, or dispute records must be kept longer. | Hosting, database/storage, email, support, security, observability, professional advisors, and authorities when required. |
| Discovery, match, chat, and memory activity | Profile views, likes, rewinds, superlikes, matches, chat messages, companion memory, relationship stage, prompts, AI outputs, and content preference signals. | Provide Discover, match, chat, memory, personalization, quality checks, safety controls, and abuse investigation. | Contract, legitimate interests in service quality and safety, and consent where a feature specifically asks for it. | Usually kept while your account is active or until you delete the relevant chat or account. Safety excerpts, moderation records, and backups may remain for limited periods when needed for safety, legal, or dispute reasons. | AI generation, moderation/safety, hosting, database/storage, analytics/observability, support, fraud/security, professional advisors, and authorities when required. |
| AI-generated media, uploads, and media requests | Media prompts, generated photos, reference images you choose to upload, review status, moderation signals, provider metadata, file paths, and credit-spend records tied to media actions. | Create and deliver AI-generated media, keep approved profile visuals consistent, moderate uploads and outputs, troubleshoot failed generations, and manage paid media access. | Contract, legitimate interests in safety and service reliability, consent for optional uploads where required, and legal obligation for billing or rights complaints. | Kept while needed for the feature, review, account, or paid record. Deleted-account media is generally removed from active systems within 30 to 90 days unless retained for billing, safety, legal, or rights-review reasons. | AI generation, moderation/safety, hosting, database/storage, support, payments/tax when tied to paid actions, professional advisors, and authorities when required. |
| Billing, credits, tax, and payment records | Subscription status, credit balances, credit ledger entries, checkout sessions, invoices, receipts, tax location, payment-provider identifiers, refunds, disputes, and chargeback records. Duorella does not store full card numbers. | Process Premium, credit purchases, renewals, cancellation, tax, receipts, refunds, disputes, fraud checks, and billing support. | Contract, legal obligation, and legitimate interests in payment security, accounting, fraud prevention, and dispute handling. | Billing, tax, and accounting records are usually kept for 6 to 10 years where law requires. Dispute, fraud, and chargeback records may be kept while claims can be raised or defended. | Payments/tax providers, fraud/security providers, hosting, database/storage, support, professional advisors, banks, card networks, authorities, and courts when required. |
| Support, privacy, safety, and legal requests | Emails, request details, support notes, attachments you send, identity-verification details for rights requests, copyright or content-removal reports, and case history. | Answer questions, verify and handle privacy rights, support billing or account issues, investigate safety reports, and manage legal or rights complaints. | Contract, legal obligation, legitimate interests in support and legal defense, and consent when you choose to send optional details. | Support records are usually kept for up to 3 years after the issue closes. Legal, rights-removal, safety, or dispute records may be kept longer when needed to preserve evidence or comply with law. | Email, support tools, hosting, database/storage, moderation/safety, professional advisors, authorities, courts, and affected users when a notice process requires it. |
| Technical, cookie, security, and fraud data | IP address, device and browser details, session cookies, CSRF cookies, preference storage, server logs, error reports, performance signals, rate-limit events, and fraud-prevention signals. | Keep you signed in, protect sessions, secure checkout, prevent abuse, measure reliability, fix bugs, and protect Duorella, users, and payment operations. | Contract, legitimate interests in security and reliability, legal obligation, and consent for optional analytics or marketing cookies. | Session cookies last for the session or configured login period. Security and server logs are usually kept from 30 days to 18 months unless an incident, fraud, legal, or safety review needs longer retention. | Hosting, database/storage, analytics/observability, fraud/security, payments/tax during checkout, support, professional advisors, and authorities when required. |
| Analytics and product quality data | Event names, app-local IDs, page or feature usage, funnel steps, reliability metrics, approximate country or locale, and hashed provider or checkout identifiers where needed. Product analytics should not include raw chat text, raw media prompts, full IP addresses, full card data, or complete payment objects. | Understand whether the service works, improve reliability, measure paid activation, debug broken flows, and decide what to build without pretending AI companions are real people. | Legitimate interests in product quality and business measurement, and consent where local law requires consent for optional analytics. | Event-level analytics are usually kept for 13 to 25 months. Aggregated metrics that no longer identify a user may be kept longer. | Analytics/observability, hosting, database/storage, support, professional advisors, and authorities when required. |
AI generation, provider posture, and automated moderation
Duorella uses AI systems and related providers to generate companion messages, media, memory summaries, and safety signals. Prompts, chats, profile context, media requests, uploaded reference images, moderation signals, and AI outputs may be processed for those purposes.
Duorella does not permit AI providers to train public models on Duorella prompts, chats, uploads, or media requests where we control that setting. We use provider settings and reviews to limit that use before sending user content. Some providers may still keep limited logs for abuse monitoring, security, debugging, billing, or legal compliance, and retention can differ by provider or feature.
Chats and prompts may include sensitive personal information if you choose to share it. Duorella does not need highly sensitive details for companion entertainment, and you should keep them out of chats. We do not try to infer protected traits unless a limited safety, compliance, abuse-prevention, or support reason requires review.
Automated and human-assisted moderation may scan prompts, chats, uploads, generated media, accounts, and paid actions. These systems can block a request, limit a feature, flag content for review, return credits according to the billing record, or help us investigate abuse. Where law requires meaningful human review for a decision that significantly affects you, contact us and we will review the decision.
Payments
Payment details are handled by payment providers such as Stripe. Duorella stores subscription, invoice, tax, credit, and billing identifiers needed to manage access, receipts, disputes, and support, not full card numbers.
Sharing
We share personal information only when needed for Duorella, billing, safety, operations, support, or legal compliance. Recipient categories include hosting, database/storage, email, payments/tax, analytics/observability, AI generation, moderation/safety, fraud/security, support, professional advisors, corporate transaction reviewers, authorities, and courts when required.
International transfers
Duorella is operated from Germany, and providers may process information in the EU/EEA, the United Kingdom, the United States, Brazil, Mexico, and other countries where our service providers operate. When required, we use safeguards such as adequacy decisions, the EU Standard Contractual Clauses, the UK addendum or IDTA, certification frameworks where valid, processor contracts, and subprocessor review.
Cookies
Duorella uses necessary cookies and similar storage for login sessions, security, CSRF protection, preferences, checkout, language choices, and service reliability. With your consent, we may use analytics or marketing cookies to measure visits, signups, and checkout performance. You can change cookie choices from the footer. Payment providers may use their own cookies during checkout or billing management.
Your privacy rights
You can update account details in settings, delete your account where settings allow it, manage paid access from billing settings when available, and contact us for privacy or account questions. We may need to verify your identity before acting on a rights request, and some rights have exceptions for safety, legal, billing, tax, fraud, or dispute records.
- EU/EEA and United Kingdom: you may have rights to be informed, access, rectification, erasure, restriction, portability, objection, withdrawal of consent, complaint to a supervisory authority, and rights related to automated decision-making and profiling.
- United States: depending on the state privacy law that applies, you may have rights to know or access personal information, correct it, delete it, receive a portable copy, opt out of sale, sharing, targeted advertising, or certain profiling, limit certain sensitive-data uses, appeal a decision, and not be discriminated against for exercising privacy rights. Duorella does not sell personal information. We use cross-context behavioral advertising cookies only if you consent where the consent banner is available.
- Brazil: where the LGPD applies, you may have rights to confirmation, access, correction, anonymization, blocking, deletion, portability, information about sharing, withdrawal of consent, review of solely automated decisions, and complaint to the ANPD.
- Mexico: where Mexican privacy law applies, you may have ARCO rights to access, rectification, cancellation, and opposition, plus rights to revoke consent and limit the use or disclosure of personal data.
- Other countries: contact us and we will handle your request under the privacy law that applies to your location and account.
Retention and deletion
Duorella keeps information for as long as needed to provide the service, maintain records, comply with legal obligations, resolve disputes, enforce safety rules, and protect the product. The matrix above gives ordinary ranges, but a specific record may be kept longer if required for billing, tax, fraud, chargebacks, legal claims, copyright or rights complaints, security incidents, sanctions screening, or account-safety reviews.
Security
We use technical and organizational safeguards designed to protect account information, including access limits, hashed passwords, transport security, private default storage where appropriate, logging, backups, and provider review. No online service can promise perfect security, so use a strong password and keep private information out of companion chats unless you are comfortable sharing it with the systems needed to run Duorella.
Complaints
You can contact us first at [email protected]. You may also complain to a privacy supervisory authority. For private-sector companies based in Bavaria, the likely authority is the Bayerisches Landesamt für Datenschutzaufsicht (BayLDA), Promenade 18, 91522 Ansbach, Germany, https://www.lda.bayern.de/.
Contact
For privacy questions, email [email protected]. If your question is about an account, write from the email address connected to that account when possible.