Ekko Privacy Policy

Last Updated: June 14 2025 

IMPORTANT NOTICE – PLEASE READ CAREFULLY

BY ACCESSING OR USING EKKO, YOU AGREE TO BE BOUND BY THIS PRIVACY POLICY AND OUR TERMS OF SERVICE. THIS INCLUDES CONSENT TO THE COLLECTION AND USE OF YOUR INFORMATION AS DESCRIBED BELOW, INCLUDING AUDIO RECORDINGS, TRANSCRIPTS, LOCATION INFORMATION, AND AI-GENERATED INSIGHTS.

THIS POLICY ALSO CONTAINS A BINDING ARBITRATION CLAUSE AND CLASS ACTION WAIVER THAT AFFECT YOUR LEGAL RIGHTS. IF YOU DO NOT AGREE TO THESE TERMS, PLEASE DO NOT USE THE SERVICE.

Welcome to Ekko, the AI-powered dating coach app by echoEQ.ai LLC. We respect your privacy and are committed to protecting your personal information. This Privacy Policy explains what data we collect, how we use and share it, and your rights. It applies to all Ekko users in the United States and any use of our iOS application and related services (“Ekko” or “the Service”). By using Ekko, you agree to the practices described in this Policy. If you do not agree, please do not use the app.

1. Information We Collect and How We Use It

We collect personal information and user content that you provide, as well as data automatically generated by your use of Ekko, for the following purposes:

• Account Information: When you register or subscribe to Ekko, we collect information such as your name, email address, and authentication credentials. This is used to create your account, manage subscriptions, and communicate with you. If you sign in via Apple or other providers, we receive basic profile info (like name, email) as permitted by that login method.
• Voice Recordings (Audio Data): Ekko’s core feature is analyzing your real-life dating conversations. If you choose to record a conversation through Ekko, the app will access your device microphone (with your permission) to capture the audio. Important: These voice recordings are not stored on our servers beyond the short time needed for analysis – once processed, the raw audio is deleted. We use the audio only to generate a transcription and insights for you, and do not retain the actual voice file . The text transcript (and Ekko’s analysis of it) will be stored in your account as part of your coaching history, unless you delete it (see Data Retention below).
• Screenshots and Text Messages: You may also upload screenshots of chats or input text of conversations with your dating prospects for analysis. These user-provided content items are used to provide personalized insights (for example, analyzing tone or detecting red flags in messages). The content of these uploads is treated confidentially and is stored in your account so you can review the AI’s advice. Similar to voice data, you can delete any uploaded screenshots or text transcripts at any time.
• Location Information: With your permission, we may collect location data (such as GPS  location) at the time of a recorded or analyzed conversation. This information is used solely to enhance the AI-generated memory experience—for example, by incorporating contextual details like whether your date took place at a restaurant, bar, park, or beach. This helps Ekko create more compelling and personalized visual memories. Location data is never used for advertising or continuous tracking.
• Derived Insights and Recommendations: Ekko generates tips, compatibility assessments, conversation feedback, and other coaching outputs (“insights”) based on the content you share. We store these insights for your reference and to track your progress. Insights may also help us improve Ekko’s algorithms (e.g. understanding common dating issues), but in such cases we use de-identified data only – we remove or anonymize personal details before using conversation data to refine our AI models. No personal information is used in training our AI unless it has been anonymized, and no human reviewer ever sees your raw conversation content without your consent .
• Usage Data and Device Info: Like most apps, Ekko automatically collects certain technical data when you use it. This includes your device type, operating system version, app version, and general usage metrics (such as which features you use, and timestamps of logins or analyses). We collect IP address and general location (e.g. city, state derived from IP) for security and analytics. This usage data helps us ensure the service is working correctly, analyze trends to improve Ekko’s features, and debug issues. For example, we may track how often users utilize the “voice analysis” feature to plan improvements.
• Cookies and Similar Technologies: Since Ekko is primarily a mobile app, we do not use cookies in the app. However, if you visit our website or help center, we may use cookies for functionality and analytics. You can set your browser to refuse cookies if desired. (This is more relevant to our web presence than the app itself.)
• Communication Data: If you contact us for support or feedback, we will receive whatever contact method you use (email address, phone number, etc.) and any information you choose to provide in your message. We only use this to assist you and improve our services.

Legal Bases (for CCPA and analogous laws): We collect and use these categories of information for the business and commercial purposes described above, which include providing the service you requested, maintaining and improving the app, and security/fraud prevention. This is generally based on your consent (e.g. you choose to provide a voice recording for analysis), our obligation to fulfill our contract with you (providing the paid coaching service), and our legitimate interests in running a safe and effective service. We do not collect sensitive personal information like government IDs, financial account numbers, or biometric identifiers. While our analysis may touch on personal matters (like relationship insights), we handle all user content as described with care and confidentiality.

2. Third-Party Data and Consent Obligations

Because Ekko deals with personal conversations, you might provide us information about third parties (for example, the person you went on a date with, whose voice is in a recording or whose messages appear in a screenshot). It is your responsibility to ensure you have the legal right to record or share such content. Before recording a conversation with someone or uploading their messages, please make sure you have their permission to do so Unauthorized recording of private communications may be illegal in certain states (for example, California requires consent from all parties to record a conversation).

Ekko is intended for personal use to reflect on your own dating life. You should not upload or record content involving others unless you have obtained all necessary consents. By providing any third-party personal data to Ekko, you represent that you have the authority and permission to do so. We will treat any third-party data you share with the same security and privacy safeguards as your own data, as outlined in this Policy.

3. How We Use Third-Party Services (Subprocessors)

Ekko uses reputable third-party services to operate its technology, and we share user data with these providers only to the extent necessary for the purposes below. All third-party processors are bound by contracts to protect your information and use it solely for providing services to Ekko – they cannot use your data for their own purposes (such as marketing or training their models) without your consent

The key service providers we engage include:

AI Processing Services: Ekko integrates with advanced AI platforms to transcribe audio and generate coaching insights. For example, we send audio clips to AssemblyAI for speech-to-text transcription, and text (transcribed or typed chat) to OpenAI or AWS Bedrock to analyze conversation tone, suggest responses, etc. These AI API providers receive the data (audio or text) in real-time to process your request and send back the result. They do not store these inputs or outputs on their servers after completing the request, and they do not incorporate your content into their general AI model training . We have ensured via our agreements or their policies that your data remains confidential and is not used to improve their services for others.  

Cloud Storage and Hosting: Ekko’s backend is hosted on secure cloud infrastructure (such as AWS). Any personal account information and conversation insights we store are kept on cloud servers with robust security. Cloud providers act as data storage subprocessors – e.g., storing your transcripts/ insights in a database – under strict confidentiality. Raw voice recordings are not permanently stored; however, short-term buffering of audio may occur on cloud servers during the live analysis process. Our storage providers implement strong encryption at rest and in transit to safeguard your data .

Analytics and Crash Reporting: We may use third-party analytics tools (for example, a service like Amplitude or Firebase) to collect aggregated app usage statistics and crash reports. These tools might automatically collect device identifiers and technical data about your app sessions to help us fix bugs and understand usage patterns. No voice content or personal conversation data is included in these analytics. You can opt out of analytics collection in the app settings if you prefer.

Payment Processing: If Ekko offers in-app purchases or subscriptions through the Apple App Store, those transactions are handled by Apple. We do not directly collect or store your credit card information; any payment details are processed securely by the App Store under Apple’s privacy policy. We receive confirmation of your subscription status from Apple but no sensitive payment data.

We maintain an updated list of significant subprocessors upon request. Rest assured, we do not share any user data with advertisers or social media companies, and we will never sell your personal information .

4. Data Sharing and Disclosure

Ekko does not sell, rent, or trade your personal information to outside parties for their own marketing or profit . We only share information in the following circumstances:

Service Providers: As described above, we share necessary data with vendors who help us run Ekko (AI processing, cloud hosting, analytics, customer support). They are service providers acting on our behalf, and they are contractually obligated to keep your information confidential and secure . They may only use it to provide services to us and not for any other purpose.

Legal Requirements: If we are compelled by law enforcement or regulators to disclose data, we will comply with applicable law. This might include responding to a lawful subpoena, court order, or similar legal process. Our policy is to fight overly broad or invalid requests and to notify you of any legal demand for your information before we disclose it, whenever we are legally permitted to do so. We will only release the minimum data necessary to comply with the law.

Protection of Rights and Safety: We may disclose information if we believe it’s necessary to enforce our Terms of Service, to investigate or stop illegal activities (such as misuse of Ekko for harassment or recording illegal content), or to protect the rights, property, and safety of Ekko’s users, our company, or others. For example, if someone reports an incident indicating danger or self-harm, we might review and share relevant data with authorities to the extent allowed by law, in order to prevent harm.

Business Transfers: If EchoEQ.ai LLC is involved in a merger, acquisition, financing due diligence, or sale of all or part of its business, user information may be transferred to a new owner or entity as part of that transaction. If such a transfer occurs, we will ensure the successor honors the commitments we have made in this Privacy Policy. We will notify you (for example, via email or a notice in the app) if your data will be handled under a different privacy policy as a result of a business change .

Apart from the above, no one else gets access to your personal conversations or data. Even within our company, we restrict access: Ekko’s team members will only access user data on a “need-to-know” basis. For instance, customer support may see your account email or subscription status to assist you, but we do not read or listen to your conversation content unless you explicitly ask us to for troubleshooting. In rare cases, with your permission, we might review a snippet of a transcript to debug an analysis issue, but this 20 

will be opt-in (you’d have to send it to us or check a consent box for support) .

5. Data Retention and Deletion

How long do we keep your data? We retain personal data only as long as needed to fulfill the purposes described in this Policy, or as required by law. This means:

Account information (like your email, profile info) is kept as long as you have an Ekko account. If you delete your account or request deletion, we will remove this information from our active databases (with backups purged in the next backup cycle), except as needed to comply with legal obligations.

Voice recordings are deleted immediately after processing. The audio of your conversations is not stored on our servers beyond the transient period needed to analyze it and generate results. Once processed (usually within seconds to a couple of minutes of ending a recording), the raw audio file is permanently deleted from our systems.

Transcripts and Insights (derived from your voice or chat inputs) are stored in your account so you can review them. These are retained by default to provide you ongoing coaching value. You can delete any specific conversation transcript or insight at any time via the app. If you do so, the data will be expunged from our production database and will no longer be accessible to you. We may retain server logs or encrypted backups for a limited period thereafter, but we will not restore or use deleted content except if required for legal reasons (e.g., to comply with a valid preservation order).

General Usage Data is kept in aggregate form. Analytics data may be retained to help us observe long-term trends, but this data is usually not identifiable to you personally. If we do store any usage logs tied to your account (for security auditing, etc.), we keep them for no more than necessary – typically they are rotated or anonymized after 12 months. In determining retention periods, we consider factors like the nature of the data, why it is collected, and the 25 

sensitivity of it, as well as any legal requirements for retention . For example, we may retain records of customer support communications or subscription payments for a longer period if required for accounting or legal compliance.

Account Deletion: You have the right to delete your account (and all personal data associated with it) at any time. You can initiate account deletion in the app settings or by contacting us at our support email. Once we verify your request, we will deactivate your Ekko account and delete your personal data. Note that conversations or insights you had deleted before may not be part of any export since they’re already gone. Also, if you were part of some beta test or feedback program, we might retain non-personal aggregated info from that (but nothing identifiable to you). After account deletion, if you ever wish to use Ekko again, you would need to sign up afresh as we won’t retain your old credentials or data.

6. Your Privacy Rights

As an Ekko user, especially if you are a California resident, you have certain rights regarding your personal information:

Right to Know and Access: You can ask us to confirm what personal information we have collected about you and to provide a copy of that information. This includes the categories of personal info, our purposes for collecting it, the categories of sources, and the categories of third parties with whom we share it (which this Policy already outlines). We will provide this information in a portable format, to the extent required by law.

Right to Deletion: You can request that we delete personal information we have collected from you (subject to some exceptions). As described above, you are also able to delete content and even your whole account on your own. If you send us a verified deletion request, we will delete your account info and any remaining data (aside from information we may legally need to retain) . Exceptions: We might retain data needed to complete an ongoing transaction you initiated, to detect fraud or security issues, to comply with a legal obligation, or other such exceptions permitted by the CCPA (California Consumer Privacy Act) and similar laws . We will let you know if any such exception applies when fulfilling your request.

Right to Correct: If any of your information is inaccurate or outdated, you have the right to correct or update it. Most basic profile info can be updated directly in-app. For other corrections, contact our support.

Right to Opt-Out of “Sale” or Sharing: Ekko does not sell your personal data to third parties . We also do not share it for cross-context behavioral advertising. Therefore, there is no need to opt out of sale – we don’t engage in that practice. If in the future we ever considered personal data sharing that could be deemed a “sale” under CCPA, we would update this Policy and provide a clear opt-out mechanism.

Right to Non-Discrimination: We will never penalize you for exercising your privacy rights. If you choose to delete data or opt out of certain processing, we will not deny you the Ekko service or provide a lesser experience, beyond what is a direct consequence of not having that data. (For instance, if you don’t allow us to use any conversation data, obviously some Ekko features might not function – but we won’t otherwise restrict features or change your pricing).

How to Exercise Your Rights: To make any privacy requests, you can contact us at •  

[email protected]. For California residents, you may also use the dedicated request methods listed in our “California Privacy Notice” (if provided separately). We will need to verify your identity for security (for example, by having you email from your registered email or providing some information we have on file) before fulfilling certain requests. Authorized agents: If you have an authorized agent make a request on your behalf, we will require proof of their authority and your identity, as per CCPA regulations.

7. Children’s Privacy

Ekko is not intended for anyone under the age of 18. We do not knowingly solicit or collect personal information from children or minors. By using our service, you represent that you are at least 18 years old. This age restriction aligns with the nature of our service (dating advice) and is in place to protect younger users.

We also do not target or market Ekko to children. In compliance with the Children’s Online Privacy Protection Act (COPPA) and other laws, if we ever learn that we have inadvertently collected personal data from an individual under 13 (or under 18, in California’s case for certain data types), we will promptly delete that information. If you are a parent or guardian and discover that your underage teen or child has created an Ekko account or provided us with personal information, please contact us immediately so we can take appropriate action to remove the data.

8. Data Security Measures

We take security very seriously and employ administrative, technical, and physical safeguards to protect your personal information against unauthorized access or disclosure:

Encryption: All communication between the Ekko app and our servers (and between our servers and third-party AI services) is encrypted in transit via HTTPS (TLS). Additionally, personal data stored in our databases or cloud storage is encrypted at rest. For example, our cloud provider uses AES-256 13 server-side encryption for stored data . This means that even if someone were to obtain the storage drives, the data would be unreadable without the encryption keys.

Access Controls: Access to production databases and servers is limited to authorized personnel who require it for their job (engineers or administrators on a need-to-know basis). We use authentication, access logs, and, where possible, role-based access to ensure only the minimum necessary access is given. Our team is trained on privacy and security practices, and all employees with access to sensitive data sign confidentiality agreements .

Device and Network Security: EchoEQ.ai’s internal systems are protected by firewalls and regular security audits. We keep our software and third-party libraries updated to address security vulnerabilities. We also periodically run security assessments; for cloud infrastructure, we rely on providers with strong security certifications (like SOC 2, ISO 27001) .

Testing and Monitoring: We utilize tools to monitor for suspicious activities or unauthorized access attempts. Any unusual login to our systems or patterns of data access triggers alerts for investigation. We may also employ third-party security testing (penetration tests) to probe our system for weaknesses and fix them proactively.

No Guarantee: Despite all these measures, please understand that no app or website can be 100% secure. The transmission of data over the internet and the electronic storage of data carry inherent risks. We cannot guarantee absolute security . However, we continuously update our security practices in line with industry standards to minimize risk. In the unlikely event of a data breach affecting your personal information, we will notify you and relevant authorities as required by law, and we will take immediate steps to mitigate the impact.

9. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. If we make material changes, we will notify you by appropriate means – for example, by emailing you (using the email address tied to your account) or by displaying a prominent notice in the app . The “Last Updated” date at the top will always indicate when the latest changes were made. We encourage you to review this Policy periodically so you are aware of any updates.  

If you continue to use Ekko after a Privacy Policy update, that constitutes acceptance of the revised terms. If you do not agree with any changes, you should stop using the service and can request deletion of your data as described.

10. Dispute Resolution

For any disputes, claims, or concerns arising from this Privacy Policy or our handling of your personal data, please refer to the Dispute Resolution and Arbitration terms in Section 12 of our Terms of Service (see https://echoEQ.ai/terms),  which are incorporated by reference into this Privacy Policy.

These Terms include a binding arbitration agreement, class action waiver, and an opt-out right, all of which apply to disputes regarding data privacy to the fullest extent permitted by law.

11. Contact Us

If you have any questions, concerns, or feedback about this Privacy Policy or Ekko’s data practices, please contact us:

echoEQ.ai LLC (Ekko Support)

Email: [email protected] (support inquiries & privacy requests)

We are here to help and will respond to your inquiries as soon as possible, typically within 30 days. Your trust is extremely important to us, and we welcome your questions or comments regarding privacy.

By using Ekko, you acknowledge that you have read and understood this Privacy Policy. Thank you for entrusting us with your dating journey – we are committed to safeguarding your data every step of the way.