Privacy Policy

The Red Flag Club ("we", "us", "our") is a product of MYARAH AI TECHNOLOGIES PRIVATE LIMITED, a company incorporated in India. We operate the website theredflag.club and the associated mobile-installable application. If you have questions about this policy, email us at info@theredflag.club.

Account data

When you sign up (via Google OAuth or a magic-link email), we receive and store your email address, and optionally your display name and profile photo (from Google). You may also provide a short "about me" note and your gender during onboarding. This information is stored in our authentication and database provider, Supabase.

Chat messages

Conversations you have with our AI companions are stored locally in your browser (localStorage) and are not uploaded to our servers unless explicitly stated. We do send messages to OpenAI to generate replies. See Section 4 for details on sub-processors.

AI memory

Every third message, we extract key facts from your conversation (e.g. your name, interests, things you've shared) and save them as a short memory summary linked to your user ID in our database. This lets the AI remember context across sessions. You can delete all memories at any time by clearing your conversation.

Subscription data

If you purchase a premium plan, payment is processed by Razorpay. We receive a subscription record (plan type, expiry date) but never your card number or full payment details. Those stay with Razorpay.

Usage data

We track how many messages you send per day to enforce daily limits. We may also log basic server events (errors, rate-limit triggers) for debugging. We do not use third-party analytics trackers or advertising pixels.

Marketing leads

When you create an account, your email address and sign-up method are recorded in a separate, restricted table we use for product updates and re-engagement. You can opt out at any time by emailing us.

• To authenticate you and keep your account secure.
• To generate AI companion responses personalised to you.
• To enforce daily message limits and manage your subscription tier.
• To send you transactional emails (magic links, subscription receipts).
• To send occasional product update emails if you have opted in.
• To detect abuse, enforce rate limits, and maintain service security.
• To improve the product, we may analyse aggregated, anonymised usage patterns.

We do not sell your personal data to third parties. We do not use your conversations to train AI models.

We use a single session cookie managed by Supabase to keep you logged in. We do not use advertising or tracking cookies. Your conversation history and app preferences are stored in your browser's localStorage, so this data never leaves your device unless your messages are sent to OpenAI for reply generation.

Your account and associated data (memories, subscription records) are kept for as long as your account exists. If you delete your account, we permanently delete your auth record, memories, and subscription data within 30 days. Your email address in the marketing leads table is soft-deleted (anonymised) so we can honour suppression requests. Conversation history stored in localStorage is erased immediately when you clear your chat or uninstall the app.

Depending on your jurisdiction, you may have the right to access, correct, export, or delete your personal data. You can:

• Delete your entire account from the in-app settings menu at any time.
• Clear your conversation history (and all AI memories) from the chat screen.
• Email us at info@theredflag.club for a data export or to ask any privacy question.

The Red Flag Club is intended for users who are 18 years of age or older. We do not knowingly collect data from anyone under 18. If you believe a minor has created an account, please contact us immediately and we will delete it.

We apply industry-standard security measures: HTTPS everywhere, Row Level Security on our database, Content Security Policy headers, and rate limiting on all API endpoints. No system is perfectly secure, and we cannot guarantee absolute security of your data. Passwords are never stored. We use magic links and OAuth only.

We may update this policy as the product evolves. We'll notify you by updating the date at the top of this page. Continued use of the service after changes constitutes acceptance of the revised policy.

For privacy-related questions or requests, contact us at info@theredflag.club.