Privacy Policy

Last updated: 2026-07-03

1. Who we are

Agapi (the "App") is operated by TABA TASARIM İNŞAAT A.Ş., a Turkish joint-stock company, registered at Şehit Şekir Elkovan Cad., Ataşehir, İstanbul, Türkiye 34770, tax ID 7300363271 ("we", "us", "operator"). The user-facing brand is Graviti Labs. Contact: [email protected]. Data Protection Officer: [email protected].

2. What data we collect

Agapi does not serve advertising, does not use Apple's advertising identifier (IDFA), and does not track you across other companies' apps or websites.

3. Why we collect it

We do not use your data for advertising of any kind.

4. Data about other people

When you describe a partner, parent, friend, or anyone else, you are sharing data about a third party who hasn't consented to our processing. We mitigate this by defaulting to aliases and never sharing partner data with any third party. If the person you describe contacts us at [email protected] and requests deletion of data about them, we honor the request without requiring proof.

5. Where we store data

Postgres database, Redis cache, and MinIO object storage are all hosted on Hetzner servers in Frankfurt, Germany (EU). Google Gemini API requests (for AI text generation and Agapi Live voice) traverse Google's region. During an Agapi Live call, your microphone audio is routed in real time through LiveKit's media servers and processed by Google Gemini to generate replies, while the on-screen AI avatar video is generated by Beyond Presence; this audio is transient — it is not written to disk or retained after the session. Apple App Store events traverse Apple's infrastructure under their published privacy practices. We maintain a Data Processing Agreement with every vendor.

6. Who we share with

We do not sell your data, ever. We do not use your conversation content — text or voice — to train AI models. Every vendor above acts as our processor under a Data Processing Agreement.

7. Your rights

Under GDPR (EU) and KVKK (Turkey), you have the right to:

8. Account access history

If any member of our team views your conversation content from our internal admin panel, we record that access and surface it to you in Settings → Privacy → Account access history. This is a transparency commitment we make voluntarily, beyond what GDPR and KVKK strictly require.

9. How long we keep data

10. Children

Agapi is for adults 18+ only. We enforce an age gate at signup. If you self-disclose during a conversation that you are under 18, we pause the conversation and surface youth-appropriate resources. We do not knowingly collect data from anyone under 18.

11. Changes to this policy

We will notify you in-app and via email at least 30 days before any material change takes effect. The "last updated" date at the top of this page reflects the current version.

12. Contact

General privacy: [email protected] · DPO: [email protected] · KVKK contact: [email protected]