Privacy Policy
Sation — AI Small Talk Coach
Last updated: 7 April 2026
Effective date: 7 April 2026
1. About This Policy
RMRJT Pty Ltd (“we”, “us”, “our”) operates the Sation mobile application (“the App”). The App is an AI-powered small talk coaching platform that helps users practise casual conversation skills through voice-based interactions with AI characters.
This Privacy Policy explains how we collect, use, disclose, and protect your personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).
By creating an account and using the App, you consent to the practices described in this policy. If you do not agree, please do not use the App.
Minimum age: The App is intended for users aged 16 and over. We do not knowingly collect personal information from persons under 16. If we become aware that a user is under 16, we will close their account and delete their data.
2. What Information We Collect
2.1 Information You Provide Directly
- Account information: name, email address, and an authentication identifier from your chosen sign-in method (Google OAuth, Apple Sign-In, or an anonymous guest session). We do not store your password — authentication is handled by our managed authentication provider or by Apple/Google directly.
- Practice preferences: comfort level, practice goals, preferred scenario types, dating character gender preference
- Session data: conversation transcripts (text only — see Section 2.3 on audio)
2.2 Information Collected Automatically
When you use the App, we may collect:
- Device information: device type, operating system, app version
- Usage data: features accessed, sessions completed, session duration
- Product analytics events: see Section 2.5 for details on what is and is not captured
- Log data: timestamps, error reports, crash data
- Push notification tokens (mobile only)
2.3 Voice and Audio Data — Privacy by Design
Audio stays on your device. The App uses on-device speech recognition (Whisper) to transcribe your voice into text. Your raw audio is never transmitted to our servers or any third party.
What we do receive:
- Transcripts: The text transcription of your conversation is sent to our servers for AI response generation and post-session scoring
- Speech metrics: Aggregated delivery statistics derived on-device from your speech (words per minute, pause timing, filler word counts) — not raw audio
- AI-generated responses: The text of AI character responses during your session
Transcripts and speech metrics are used solely for session scoring and your personal progress tracking. They are not shared with other users or used for advertising.
2.4 AI Conversation and Scoring
During a session, and again after a session ends, we process your conversation text through third-party AI services to generate the character’s responses and to produce your delivery and connection scores. The AI providers receive:
- Your conversation transcript (text only)
- Scenario context (setting, character description, difficulty level)
- Aggregated delivery metrics (words per minute, filler frequency, response latency)
The AI providers do not receive your name, email, or any other directly identifying information — your conversation is processed under an anonymised session identifier. See Section 4.2 for details on each provider and their data handling commitments.
Text-to-speech (the voice you hear from AI characters) is generated from the AI character’s own dialogue — not from your speech. See Section 4.2.
2.5 Product Analytics
We use a third-party product analytics service to understand how users move through onboarding, which scenarios are most used, and where users encounter difficulty. This helps us prioritise improvements.
What is captured:
- Event name and timestamp (e.g.
onboarding_step_viewed,session_completed) - Anonymised user identifier (a random UUID generated by our authentication provider — not your email or name)
- Scenario code, character code, difficulty level
- Aggregated numeric properties: session duration, turn count, delivery score, connection score, total score
- Platform (iOS / Android) and app version
What is NOT captured:
- Your conversation transcripts
- Your voice or any audio
- Your email address, name, date of birth, or other profile fields
- Any content you type or say
- Advertising identifiers (IDFA / AAID)
Analytics events are not shared with advertising networks, data brokers, or any third party other than the analytics provider listed in Section 4.1. We do not use this data for cross-app or cross-site tracking.
Your choice: You can turn off analytics at any time in Settings → Privacy & Data → Share anonymous usage data. When disabled, no further events are sent from your device. Already-collected events remain subject to the retention schedule in Section 7.
The legal basis for this processing is our legitimate interest in improving the App (GDPR Art. 6(1)(f) for users in the EU/EEA); you may object at any time via the in-app toggle.
2.6 Information We Do Not Collect
- Raw audio or voice recordings
- Payment card details (in-app purchases are processed by Apple and Google — see Section 4.1)
- Precise location data
- Contacts, photos, or other device data unrelated to the App
- Advertising identifiers (IDFA / AAID)
3. How We Use Your Information
We use your personal information for the following purposes:
| Purpose | Legal basis (APPs / GDPR) |
|---|---|
| Providing the App and its features | Performance of contract; legitimate interests |
| Generating AI conversation responses during sessions | Performance of contract |
| Scoring your conversation performance | Performance of contract |
| Tracking your progress over time (trends, achievements) | Performance of contract; legitimate interests |
| Sending transactional notifications (session reminders, achievements) | Legitimate interests |
| Sending product and feature updates (opt-in) | Consent |
| Product analytics for improving the App | Legitimate interests (opt-out in Settings) |
| Subscription management and entitlement verification | Performance of contract |
| Improving and debugging the App | Legitimate interests |
| Complying with legal obligations | Legal obligation |
| Fraud prevention and security | Legitimate interests |
4. How We Share Your Information
We do not sell your personal information to third parties.
We may disclose your information in the following circumstances:
4.1 Service Providers (Sub-processors)
We engage trusted third-party service providers to operate the App. These providers are contractually bound to handle your data securely and only for the purposes we specify. The full list of providers that process user data on our behalf:
| Provider | Purpose | Data processed | Location |
|---|---|---|---|
| Supabase | Authentication, database hosting, transactional email | Profile, preferences, session records, scores, achievements | United States (East) |
| Cloudflare (Workers + Durable Objects) | Real-time session orchestration; text-to-speech audio proxy | Conversation transcripts in transit (not persisted beyond session lifetime); TTS audio in transit | Global edge network |
| Anthropic (Claude API) | AI conversation generation and post-session scoring | Conversation transcript text, scenario context, aggregated speech metrics | United States |
| InWorld AI | Text-to-speech (voice generation for AI characters) | AI character dialogue text only — never your transcripts or your voice | United States |
| PostHog | Product analytics (funnel, retention, feature usage) | Event names, timestamps, anonymised user ID, aggregated numeric properties (see Section 2.5) | United States |
| OneSignal | Mobile push notifications | Push subscription ID, device ID, notification content at time of send | United States |
| RevenueCat | Subscription management and entitlement verification | Anonymised user ID, App Store / Play Store transaction identifiers, subscription state. No payment card data, transcripts, or scores. | United States |
| Apple (App Store) / Google (Play Store) | App distribution and in-app purchase processing | Account identifiers, purchase records, payment details (held by Apple/Google, never by us) | Global |
| Expo (EAS) | Mobile app build and over-the-air update distribution | App binary metadata, update delivery telemetry | United States |
Push notifications delivered via OneSignal may contain message content (e.g. an achievement unlocked). OneSignal retains notification content and delivery metadata in accordance with their own privacy policy.
4.2 AI Processing — Anthropic and InWorld
When we send your conversation transcript to Anthropic (Claude) for real-time response generation and post-session scoring, Anthropic processes the data in accordance with their commercial data usage policy. As of this policy’s effective date, Anthropic does not use API inputs and outputs to train their models. We do not share your name, email, or account details with Anthropic — conversations are processed under an anonymised session identifier.
InWorld AI receives only the text of the AI character’s own dialogue so it can generate the voice you hear during a session. InWorld does not receive your transcripts, your voice, or any of your personal information.
4.3 Analytics Processing — PostHog
PostHog receives the product analytics events described in Section 2.5, identified by an anonymised user UUID. PostHog is used solely for product analytics and is not a data broker. You can disable analytics entirely in Settings → Privacy & Data.
4.4 Legal Requirements
We may disclose your information if required by law, court order, or government authority, or to protect the rights, property, or safety of Sation, our users, or the public.
4.5 Business Transfers
If we are involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you via email and/or a prominent notice in the App before your information is transferred and becomes subject to a different privacy policy.
5. Cross-Border Data Disclosure
Our authentication and database infrastructure is hosted in the United States (Supabase’s East US region). Our session orchestration runs on Cloudflare’s global edge network, meaning your conversation transcripts may be routed through the Cloudflare data centre nearest to you. Other service providers listed in Section 4.1 are primarily located in the United States. Where we disclose personal information to overseas recipients, we take reasonable steps to ensure those recipients handle the information consistently with the APPs (APP 8.1), including through contractual commitments and selecting providers with robust privacy and security practices.
EU/EEA users: If you access the App from the EU/EEA, the transfer of your data outside the EEA will be subject to appropriate safeguards such as Standard Contractual Clauses.
6. Data Security
We implement reasonable technical and organisational measures to protect your personal information against unauthorised access, loss, destruction, or alteration. These include:
- Encryption of data in transit (TLS) and at rest
- Managed authentication via industry-standard identity providers (Google, Apple) or our managed auth provider — we never handle your password
- Access controls limiting staff access to personal data
- On-device audio processing (audio never leaves your device)
- Real-time session orchestration runs on Cloudflare Durable Objects, which hold conversation state in memory only for the duration of the session. No conversation data is written to Cloudflare’s storage — final transcripts and scores are persisted to our primary database (see Section 7 on retention)
- Row-level security on our database ensuring users can only access their own data
No method of transmission over the internet or electronic storage is completely secure. We cannot guarantee absolute security, but we will notify you and the relevant authority if a data breach occurs that is likely to result in serious harm, as required by the Notifiable Data Breaches scheme (Part IIIC of the Privacy Act).
7. Data Retention
We retain your personal information for as long as your account is active or as needed to provide the App. When you close your account:
- Account and profile data, session transcripts, scores, conversation preferences, and achievements are deleted immediately when you close your account
- Product analytics events associated with your anonymised ID are deleted from PostHog within minutes of account closure (we trigger PostHog’s person-delete API as part of the account deletion flow)
- Transaction and billing records (held by Apple, Google, and RevenueCat) may be retained for 7 years for tax and legal compliance
- Aggregate, anonymised analytics data (which cannot identify you) may be retained indefinitely
- A minimal device-level fraud-prevention record — a salted hash of your device identifier and a timestamp — is retained for up to 7 days after a free demo session is used, to prevent abuse of the free demo via repeated account creation. This record is not associated with any account, contains no personal information, and is automatically purged once the cooldown expires. It is the only piece of data we deliberately preserve across account deletion.
Deleted data may persist in encrypted backup systems for a period consistent with our standard backup retention schedule before being fully purged.
8. Your Rights
Under the Australian Privacy Principles
You have the right to:
- Access personal information we hold about you (APP 12)
- Correct inaccurate or out-of-date information (APP 13)
- Make a complaint about how we handle your information (see Section 10)
To exercise these rights, contact us at privacy@sation.app. We will respond within 30 days.
Additional Rights for EU/EEA Residents (GDPR)
If you are located in the EU/EEA, you additionally have the right to:
- Erasure (“right to be forgotten”) — request deletion of your personal data
- Data portability — receive your data in a structured, machine-readable format
- Restriction of processing — request we limit how we use your data
- Object to processing — object to processing based on legitimate interests (including product analytics, which you can also opt out of directly in Settings → Privacy & Data)
- Withdraw consent at any time without affecting prior lawful processing
- Lodge a complaint with your local supervisory authority
9. Analytics and Tracking
The App does not use cookies (it is a native mobile application, not a website).
We use PostHog for first-party product analytics, as described in Section 2.5. PostHog identifies you by an anonymised user UUID issued by our authentication provider — not by your email, name, or any advertising identifier.
We do not use third-party advertising trackers. We do not share any data with advertising networks or data brokers. We do not track you across apps or websites owned by other companies. We do not collect IDFA (iOS) or AAID (Android).
Opt-out: You can disable product analytics at any time in Settings → Privacy & Data → Share anonymous usage data. When disabled, no further events are sent from your device.
10. Complaints
If you have a concern about how we handle your personal information, please contact us first:
Privacy contact: privacy@sation.app
Response time: We will acknowledge within 5 business days and resolve within 30 days.
If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC):
- Website: www.oaic.gov.au
- Phone: 1300 363 992
EU/EEA residents may also lodge a complaint with their local data protection authority.
11. Changes to This Policy
We may update this policy from time to time. If we make material changes, we will notify you by email and/or a prominent notice in the App at least 14 days before the changes take effect. Your continued use of the App after that date constitutes acceptance of the updated policy.
12. Contact Us
RMRJT Pty Ltd
Melbourne, Victoria, Australia
Email: privacy@sation.app
© 2026 Sation. All rights reserved.