Privacy Policy
1. Privacy Overview
At Quibit, Inc. ("Quibit," "we," "us," or "our"), we take your privacy seriously. This Privacy Policy explains how we collect, use, share, and protect your personal information when you use QuiTalk (the "Service"), our AI-powered chat application.
QuiTalk is a messaging app built around AI-assisted conversations, channels with intelligent AI brains, offline-first messaging, international phone calling, and rich user profiles. This policy covers all features of QuiTalk on mobile, web, and desktop platforms.
You have rights regarding your personal data, including the right to access, correct, delete, and control how we use your information. See the "Your Privacy Rights" section for details.
1.1 Key Points
Here are the most important things you should know about how QuiTalk handles your data:
AI conversations are stored for your history but are NOT used to train third-party AI models
Your messages are stored locally on your device for offline access and synced securely when online
Phone call audio is NOT recorded — only metadata (duration, time, numbers) is stored
Channel brain content (FAQ, tone, topics) is used solely to customize AI responses within that channel
We do NOT sell your personal information to third parties
You can download, correct, or delete your data at any time
Offline-cached data on your device is encrypted and only accessible by the QuiTalk app
Different rules apply for users under 18 (COPPA/GDPR-K compliance)
We protect your data with industry-standard encryption and security measures
2. Information We Collect
We collect several types of information to provide and improve QuiTalk. Here is what we collect and why:
2.1 Information You Provide Directly
- Username and display name
- Email address or phone number
- Password (encrypted, never stored in plaintext)
- Date of birth (for age verification)
- Profile picture and bio
- Language and location preferences
- Direct messages with other users
- Group chat messages
- Channel messages and thread replies
- Town chat messages
- Media files you send (photos, videos, documents)
- Reactions, replies, and message interactions
- Messages you send to Qui AI (personal AI assistant)
- AI-generated responses stored in your conversation history
- AI business agent chat interactions
- Channel brain content you configure (FAQ, tone, topics) as a channel owner
- Rich profile information you choose to share with Qui AI for personalized responses
- Feedback you provide on AI responses (helpful/not helpful)
- Channels you create, subscribe to, or interact with
- Channel posts, announcements, and thread replies
- Channel brain configuration (for channel owners)
- Business information published through channels (products, services, job listings)
- Call logs: numbers dialed, call duration, timestamps
- Wallet transaction history (top-ups, call charges)
- Bank transfer receipts uploaded for wallet top-up verification
- Contact information you import for calling (with your permission)
- NOTE: We do NOT record phone call audio content
- Bank transfer details for wallet top-ups
- Prepaid wallet balance and transaction history
- Subscription payment details (processed by secure third-party providers — we never store full card numbers)
- Billing address (if applicable)
2.2 Information Collected Automatically
When you use QuiTalk, we automatically collect:
- Features you use and how often (chat, AI, channels, calling)
- Time, frequency, and duration of activities
- Channels and groups you participate in
- Search queries within the app
- Accounts you follow, block, or interact with
- Device type, model, and operating system
- Unique device identifiers
- Mobile network information and carrier
- Browser type and version (web)
- Screen resolution and device settings
- App version installed
- Available storage space (for offline data management)
- IP address and general location (city/region)
- Precise GPS location (only with your explicit permission, used for town chats)
- Time zone
- Last sync timestamp
- Sync conflict resolution data
- Device connectivity status changes
- Pending message queue metadata
- Session cookies to keep you logged in
- Preference cookies for settings
- Analytics cookies to understand usage patterns
- Security cookies for fraud prevention
3. How We Use Your Information
We use your information for the following purposes:
3.1 Provide and Improve QuiTalk
Create and maintain your account
Deliver and store your chat messages in real time
Enable offline messaging — store messages locally and sync when you reconnect
Process AI conversations and provide intelligent, personalized responses through Qui AI
Operate AI-enhanced channels with channel brain customization
Facilitate AI business agent conversations
Connect international phone calls to Myanmar and process wallet transactions
Manage groups, channels, and town chats
Provide customer support in English and Myanmar
Develop new features and improve existing ones
3.2 Personalize Your Experience
Improve AI response relevance based on your conversation context and profile
Recommend channels and groups you might be interested in
Customize channel AI behavior based on channel brain settings
Remember your preferences, settings, and recent contacts
Surface relevant town chat conversations near you
3.3 Safety and Security
Verify your identity and prevent fraud
Detect and prevent spam, abuse, and illegal activity in chats and channels
Enforce our Terms of Service and Community Guidelines
Monitor AI conversations for policy violations and harmful content
Detect fraudulent wallet transactions and unauthorized access
Apply AI safety filters to prevent harmful content generation
Protect against security threats and vulnerabilities
3.4 Phone Calls and Wallet
Route international calls to Myanmar through VoIP providers
Process wallet top-ups and deduct call charges
Verify bank transfer receipts for wallet funding
Provide call quality analytics and troubleshooting
Generate call history and transaction statements
4. AI Data Usage
AI is central to the QuiTalk experience. Here is exactly how your data is used in our AI features:
4.1 How AI Conversations Are Processed
When you send a message to Qui AI or interact with an AI-enhanced channel:
Your message is sent to our servers, which forward it to third-party AI providers (such as Google Gemini and Anthropic Claude) to generate a response
Conversation history from your current session is included for context, so the AI understands the flow of your conversation
Your profile data (name, bio, interests, preferences, activity) may be included to personalize AI responses
For channel conversations, the channel brain content (FAQ, tone, topics set by the channel owner) is injected to customize responses
AI responses are sent back to you in real time via streaming
The full conversation is stored on our servers so you can access your history
4.2 Third-Party AI Providers
We use third-party AI providers including Google (Gemini) for Burmese language processing and Anthropic (Claude) for classification and reasoning
We use VoyageAI for text embeddings that power knowledge search and recommendations
We use Qdrant for vector storage that enables semantic search across knowledge bases
These providers are contractually obligated to protect your data under strict data processing agreements
Only conversation content necessary for generating responses is shared — personal identifiers are stripped where possible
We regularly audit our AI providers for compliance with our security and privacy standards
4.3 Your Data Is NOT Used for AI Training
We want to be absolutely clear about this:
Your conversations are NOT used to train third-party AI models
Your messages are NOT added to any general AI training datasets
We may analyze anonymized, aggregated conversation patterns to improve our own AI quality and safety filters
Channel brain content is used only within that specific channel — it is not shared across channels or used for general AI training
You can delete your AI conversation history at any time in QuiTalk Settings. Once deleted, conversations cannot be recovered.
4.4 Profile Data Shared with Qui AI
To provide personalized assistance, Qui AI may access the following profile information you have provided:
Your display name and bio
Your stated interests and preferences
Your recent activity patterns (e.g., channels you follow, topics you discuss)
Your language preferences
Business information you have published through channels
You can control what profile information is shared with Qui AI in Settings > Privacy > AI Data Sharing.
6. Offline Data & Local Storage
QuiTalk is designed to work fully offline. This means we store data on your device to ensure you can access your messages, channels, and conversations even without an internet connection.
6.1 What Is Stored on Your Device
Your chat messages (direct, group, channel, town chat)
AI conversation history
Channel metadata and recent posts
Your contacts and user profiles you interact with
Media files you have viewed or downloaded (cached)
Your preferences, settings, and draft messages
Authentication tokens for secure session management
6.2 Local Database (WatermelonDB)
QuiTalk uses WatermelonDB, an offline-first database, to store your data locally on your device:
All messages and conversations are stored in a local SQLite database managed by WatermelonDB
This allows you to read and compose messages even when you have no internet connection
The local database is sandboxed within the QuiTalk app — other apps on your device cannot access it
Data is encrypted at rest on supported devices using the operating system's encryption capabilities
The database size grows with your usage; you can clear cached media in Settings to free space
6.3 Sync Behavior
When your device reconnects to the internet:
Messages you composed offline are sent to their recipients
New messages from others are downloaded to your device
Sync conflicts (e.g., simultaneous edits) are resolved automatically with server data taking priority
Sync happens in the background — it does not block you from using the app
Only incremental changes are synced, not the entire database, to minimize data usage
Failed syncs are retried automatically with exponential backoff
6.4 Local Data Encryption
On iOS, local data is protected by the device's Data Protection encryption (requires passcode/biometrics)
On Android, local data is encrypted via Android's file-based encryption on supported devices
Authentication tokens are stored in the device's secure keychain/keystore
Clearing the app's data or uninstalling QuiTalk removes all locally stored data
7. Your Privacy Rights and Choices
You have significant control over your personal information in QuiTalk:
7.1 Access and Download Your Data
Go to Settings > Privacy > Download Your Data
Includes: messages, AI conversations, profile info, call history, channel data
Delivered as a downloadable file within 48 hours
Available in JSON or CSV format
7.2 Delete Your Account and Data
You can delete your account at any time:
Go to Settings > Account > Delete Account
This deletes your QuiTalk account and all associated data across Quibit, Inc. apps
We delete your data from our servers within 90 days of account deletion
Wallet balance is forfeited upon account deletion (request a refund first)
Locally stored data is removed when you uninstall the app
Some data may be retained for legal or safety reasons (see Data Retention section)
Before deleting, download your data and request any wallet refunds. Account deletion is permanent and cannot be undone.
7.3 AI Data Controls
You have specific controls over your AI conversation data:
Delete individual AI conversations at any time
Delete all AI conversation history in Settings > AI > Clear History
Control what profile information is shared with Qui AI in Settings > Privacy > AI Data Sharing
Opt out of anonymized AI conversation analysis for quality improvement
Request a copy of all your AI conversation data
AI data deletion is permanent and cannot be recovered
7.4 Phone Call Data Controls
View your complete call history in the Calls tab
Call logs are retained for 90 days, then automatically deleted
Top-up and transaction records are retained for 3 years (legal requirement)
Request deletion of call logs (subject to legal retention requirements)
Download your call history and transaction statements
7.5 Channel Data Controls
Leave any channel at any time — your messages remain but your membership is removed
Delete your own messages from channels
As a channel owner, manage or delete channel brain content at any time
As a channel owner, export your channel data
Control channel visibility (public, private, invite-only)
7.6 Privacy Settings
Control who can message you (everyone, contacts only, nobody)
Control who can call you (everyone, contacts only, nobody)
Show or hide your online/last seen status
Control read receipt visibility
Manage blocked users
Control channel visibility and discoverability
Manage AI data sharing preferences
Manage notification preferences
7.7 Marketing Communications
Unsubscribe from marketing emails (link in every email)
Adjust notification preferences in Settings > Notifications
Opt out of promotional push notifications
Note: You will still receive essential service-related messages (e.g., security alerts, wallet transactions)
8. Additional Rights by Region
8.1 European Union (GDPR)
If you are in the EU/EEA/UK, you have additional rights under GDPR:
Right to access your personal data
Right to rectification of inaccurate data
Right to erasure ("right to be forgotten")
Right to restrict processing
Right to data portability
Right to object to processing
Right to withdraw consent at any time
Right to lodge a complaint with a supervisory authority
To exercise these rights, contact [email protected] with subject line "GDPR Request — QuiTalk".
8.2 California (CCPA/CPRA)
California residents have the following additional rights:
Right to know what personal information is collected
Right to know if personal information is sold or shared
Right to opt out of sale of personal information (we do not sell your data)
Right to delete personal information
Right to correct inaccurate information
Right to non-discrimination for exercising rights
8.3 South Korea (PIPA)
Users in South Korea have rights under the Personal Information Protection Act:
Right to access and request copies of personal information
Right to correct or delete personal information
Right to suspend processing of personal information
Right to be informed of data breaches within 72 hours
Data is stored on servers with appropriate security measures
9. Children's Privacy
Protecting children's privacy is extremely important to us.
QuiTalk requires all users to be 13 years of age or older. Users between 13 and 17 require parental consent and are subject to enhanced protections.
9.1 COPPA Compliance
We do not knowingly collect data from children under 13
We require date of birth during registration
We immediately delete accounts found to belong to children under 13
If you believe a child under 13 has created an account, contact us immediately
9.2 Teen Account Protections (13-17)
Accounts are private by default
Enhanced content filtering in chats and channels
Restricted who can message or call them
No targeted advertising based on activity
Limited data collection
AI conversations have stricter safety filters that prevent generation of harmful, explicit, or age-inappropriate content
Phone calling features may be restricted without parental consent
Parental control tools available
10. Data Security
We implement industry-standard security measures to protect your data:
10.1 Technical Security Measures
Encryption in transit (TLS 1.3) for all data sent between your device and our servers
Encryption at rest (AES-256) for all data stored on our servers
Secure password hashing (bcrypt) — we never store your password in plaintext
WebSocket connections (Socket.IO) are encrypted and authenticated with JWT tokens
AI conversation data encrypted at rest on our servers
Phone call metadata encrypted in transit and at rest
Wallet and payment data processed by PCI-compliant providers
Local device data protected by OS-level encryption (see Offline Data section)
Regular security audits and penetration testing
Intrusion detection and prevention systems
Automated threat monitoring and DDoS protection
Redis session management with device-level token isolation
10.2 Data Breach Notification
We will notify you within 72 hours of discovering a breach affecting your data
Notification via email and in-app message
Details of what information was affected
Steps we are taking to address the breach
Recommendations for protecting yourself
See our Data Security Policy for comprehensive security details.
11. Data Retention
We retain your data only as long as necessary for the purposes described in this policy:
11.1 Retention Periods by Data Type
- Active accounts: retained for the duration of your account
- Deleted accounts: data removed from servers within 90 days
- Backups: up to 180 days after deletion
- Retained until deleted by you or your account is closed
- Messages in group/channel chats remain after you leave (your profile is disassociated)
- Reported messages: retained during investigation, then handled per policy
- Retained until deleted by you or your account is closed
- Anonymized analytics from AI conversations: up to 2 years
- Safety-flagged AI conversations: retained during investigation
- Channel content: retained while the channel exists
- Channel brain content: retained until deleted by the channel owner
- Deleted channels: data removed within 90 days
- Call logs: 90 days from call date
- Wallet transaction records: 3 years (legal requirement)
- Bank transfer receipts: 3 years (legal requirement)
- Call audio: NOT recorded — no retention
- Stored on your device until you clear app data or uninstall QuiTalk
- Not subject to our server retention schedules — you control local data
- Cached media can be cleared manually in Settings > Storage
12. International Data Transfers
Quibit, Inc. operates globally, serving the Myanmar diaspora in Korea, Japan, Thailand, Vietnam, Malaysia, and worldwide. Your data may be transferred to and processed in countries other than your own.
12.1 Transfer Safeguards
Standard Contractual Clauses (SCCs) for EU data transfers
Adequacy decisions by regulatory authorities
Data processing agreements with all third-party AI service providers
Data processing agreements with VoIP calling providers
Same privacy protections regardless of where data is processed
12.2 Where Data May Be Stored
United States (primary data centers, AI providers)
South Korea (for Korean users, payment processing)
European Union (for EU users)
Other countries where we have infrastructure or service providers
13. Changes to This Privacy Policy
We may update this Privacy Policy to reflect changes in our practices, legal requirements, or new features in QuiTalk.
13.1 How We Notify You
Email notification at your registered email address
In-app notification within QuiTalk
Notice on our website
At least 30 days before material changes take effect
13.2 Your Acceptance
Continued use of QuiTalk after the effective date constitutes acceptance of the updated Privacy Policy. If you do not agree, you may delete your account.
14. Contact Us
If you have questions about this Privacy Policy or how QuiTalk handles your data:
14.1 Mailing Address
Quibit, Inc.
Attn: Privacy Department
Seoul, South Korea
For questions about this policy, contact [email protected]
© 2026 Quibit, Inc. · Version 1.0· Last updated 2026-03-13