This policy explains how within uses information to make STAY feel continuous, personal, respectful, and safely routed across web, email, SMS, and voice. The goal is to preserve presence and memory without losing user control.
Effective date: May 2, 2026
This policy applies to within, STAY, the website, the app, onboarding, preferences, web chat, email replies, SMS replies, voice messages, billing-related account flows, and future media or attachment features connected to the companion experience.
We may store your name, email address, phone number, timezone, sign-in status, session records, membership plan, billing identifiers, communication preference, quiet settings, pause settings, and security or routing tokens needed to operate your account.
We may store onboarding answers, why you want a companion, what has been on your mind, preferred tone, presence level, sensitive times, boundaries, companion traits, custom personality notes, selected voice type, and other settings you provide to shape STAY.
We may store messages you send and messages STAY sends through web, email, SMS, and voice-related flows. This may include timestamps, channel used, thread identifiers, delivery status, reply status, and metadata needed to prevent conversations from mixing.
STAY may create memory summaries, thread summaries, relationship state, key moments, preference summaries, and emotional context summaries. These are used so the relationship does not reset every time you return and so proactive messages do not feel awkwardly out of context.
When voice is enabled, we may process companion text, voice settings, voice identifiers, generated audio files, playback links, usage counts, and delivery logs. If voice input or uploaded audio is supported, transcripts or audio metadata may be used to respond and maintain continuity.
If you upload or request media, we may process files, captions, descriptions, generated outputs, file metadata, storage keys, thumbnails, signed links, and analysis summaries. Media may be used as conversation context if the feature or setting allows it.
For email replies, within may use unique reply addresses and verification signatures to route messages to the correct user and thread. For SMS, within may use phone numbers, provider message IDs, STOP logs, delivery receipts, and opt-out status to deliver messages and prevent unwanted SMS.
We may collect technical data such as browser type, device information, approximate timestamps, session activity, feature usage, message counts, quota usage, errors, latency, provider responses, delivery failures, and logs needed for security, debugging, abuse prevention, and reliability.
Payment details are processed by payment providers. within may store payment status, plan, renewal state, customer identifiers, subscription identifiers, invoice metadata, cancellation state, trial state, and billing portal references needed to manage membership and quotas.
We use information to operate STAY, generate replies, preserve continuity, personalize tone, respect boundaries, route messages, provide voice, enforce quotas, manage plans, prevent duplicates, handle opt-outs, improve reliability, secure accounts, process deletion or export requests, and support the service.
We may share information with service providers that help deliver the product, including AI generation providers, voice providers, email and SMS providers, payment processors, hosting and storage providers, analytics or reliability tools, and security services. We do not sell your conversations to advertisers.
STAY uses automated systems to generate replies, summarize memory, route messages, detect mode, create voice, and personalize the experience. Automated output may be imperfect. You can edit preferences, boundaries, channels, and pause settings to shape how the system responds.
Service communications may be sent by email, SMS, web, or voice according to your preferences and recent activity. Commercial or account-related messages may include required identification or unsubscribe mechanisms. SMS opt-out keywords such as STOP, STOPALL, UNSUBSCRIBE, CANCEL, END, QUIT, REVOKE, or OPTOUT may be logged and used to stop SMS delivery.
within may check whether you recently interacted with STAY before sending daily or proactive messages. This is used to skip, delay, or adapt messages so the companion does not interrupt an active conversation or restart the emotional context awkwardly.
Preferences may allow you to update profile information, communication preference, phone number, tone, presence level, personality traits, boundaries, voice type, auto-speak settings, proactive presence, quiet hours, pause settings, and membership controls.
You may request an export of account and conversation data through the product controls when available. Exports may include profile information, preferences, messages, summaries, interaction metadata, and references to media or attachments where technically available.
You may request deletion through the product controls when available. Deletion is intended to remove or anonymize account-related records, messages, memories, summaries, media references, and stored objects where technically available, except where retention is required for billing, security, legal, abuse prevention, opt-out compliance, or operational records.
We keep information for as long as needed to provide continuity, operate the service, maintain records, respect opt-outs, enforce terms, secure the platform, comply with law, resolve disputes, and support export or deletion workflows. Some logs and backups may persist for a limited period before deletion or rotation.
within uses technical and organizational measures designed to protect account access, route replies to the correct user, prevent cross-user mixing, limit unauthorized access, and reduce abuse. No system is perfectly secure, and you should protect your email, phone, devices, and sign-in links.
Some providers may process or store information in countries other than where you live. Data handled by those providers may be subject to the laws of those jurisdictions. within uses providers only as needed to operate, deliver, secure, and improve the service.
within and STAY are not intended for children. You must be at least 18 years old, or the age of majority where you live if that age is higher, to use the service.
This policy may be updated as the product evolves. If changes are material, within may provide notice through the app, email, SMS, or account area. Continuing to use the service after an update means the updated policy applies.
Questions about privacy, export, deletion, communication preferences, or data controls can be sent through the contact method available in your account or by replying to the service email used for your companion communications.