← Înapoi

Privacy Policy

Last updated: 24 April 2026

1. Data controller

The controller of your personal data (the “Operator”) is:

GREGMAR Grzegorz Czudowski

ul. Sienkiewicza 22B

64-000 Kościan, Poland

Tax ID (NIP): 4970074627

REGON: 302229980

E-mail: contact@gregmarapps.com

This Privacy Policy describes how the Operator collects, uses, and protects your personal data when you use the Xadya online service available at xadya.com.

Xadya is a service offering interactive conversations with fictional characters powered by artificial intelligence. None of the characters represents real people.

2. Data we collect

a. Data you provide directly

  • E-mail and name (when registering via Google)
  • Content of messages sent to AI characters
  • Account preferences (display name, gender)

b. Data collected automatically

  • IP address, browser type, and operating system
  • Activity in the service (visited pages, session duration)
  • Session identifier (essential session cookie)

3. Purpose and legal basis for processing

We process your data in order to:

  • provide and improve the Service,
  • personalise interactions with AI characters,
  • operate the virtual currency system (Diamonds),
  • prevent abuse and protect security,
  • comply with legal obligations.

The legal basis for processing is the performance of a contract for the provision of services, the Operator's legitimate interest (security, abuse prevention) and, where applicable, statutory obligations.

We do not sell your personal data.

4. Sharing of data

We may share data with the following entities:

  • cloud infrastructure providers (hosting, databases),
  • AI model providers (conversation content processed by external APIs),
  • Google LLC (Google OAuth sign-in).

All partners operate under data-processing agreements and apply appropriate safeguards.

5. Data retention

We retain your data for as long as necessary to provide the service or as required by law. After account deletion, personal data is permanently removed. For security purposes (preventing repeated abuse) only anonymous cryptographic hashes are retained — these cannot be used to identify a person.

6. Your rights (GDPR)

You have the right to:

  • access your data,
  • rectify your data,
  • erase your data (the “right to be forgotten”),
  • restrict processing,
  • data portability,
  • withdraw consent at any time.

To exercise these rights, please contact us at: contact@gregmarapps.com.

7. Cookies

The Service uses only an essential session cookie to maintain a logged-in state. We do not use tracking or marketing cookies.

8. Security

We apply appropriate technical and organisational measures to protect your data. No method of transmission over the Internet is 100% secure, but we make every effort to protect your information responsibly.

9. Minors

The Service is intended only for adults (18+).

We do not knowingly collect personal data from persons under 18.

10. Changes to this Privacy Policy

We reserve the right to amend this Policy. We will notify you of material changes via a notice in the service or by e-mail. Continued use of the service after the changes take effect constitutes acceptance of the amended Policy.

11. Contact

For matters relating to the protection of personal data:

E-mail: contact@gregmarapps.com

GREGMAR Grzegorz Czudowski, ul. Sienkiewicza 22B, 64-000 Kościan, Poland