← Back to Home

Privacy Policy

How we collect, use, and protect your information

Last Updated: March 3, 2026

This Privacy Policy explains how Good Humans Inc. (doing business as BabyMilu, "we," "us," or "our") collects, uses, processes, stores, and shares personal information when you use BabyMilu products and services, including the BabyMilu plush device, mobile applications, websites, voice services, and related features (collectively, the "Services").

Use of the Services requires AI processing as described below. By creating an account or using the Services, you consent to this processing.


1. Information We Collect

1.1 Information You Provide

We collect information you choose to provide, including:

  • Account information (name, email address, phone number)
  • Profile information (nickname, personalization preferences, character settings)
  • Messages and conversation content
  • Journal entries
  • Reminder content
  • Uploaded images
  • Voice recordings
  • Feedback and support communications
  • Payment and transaction information (processed by third-party payment providers)

1.2 Information Collected Automatically

We may automatically collect:

  • Device information (device type, operating system, app version)
  • IP address
  • Usage information (features used, interaction timestamps)
  • Diagnostic and crash data

2. How We Use Information

We use personal information to:

  • Provide and operate the Services
  • Generate AI-powered character responses
  • Personalize user experiences and memory features
  • Process reminders and journal functionality
  • Provide voice and image features
  • Improve, train, and develop our own AI systems
  • Provide customer support
  • Detect misuse and ensure platform safety
  • Comply with legal obligations

We do not sell personal information.


3. AI Processing and Third-Party Service Providers

BabyMilu relies on third-party AI and infrastructure providers to operate core functionality.

3.1 Data Transmitted to OpenAI

When you use AI-powered features, we transmit the following categories of data to OpenAI via secure API:

  • Messages you submit
  • Full conversation history necessary to generate contextual responses
  • Stored memory and personalization data associated with your account
  • Journal entries
  • Reminder content
  • Profile information used for personalization
  • Transcribed voice input
  • Raw voice recordings for speech-to-text processing
  • Uploaded images

This data is transmitted to our servers and then forwarded to OpenAI solely for the purpose of generating AI responses and related functionality.

Payment information is not transmitted to OpenAI.

OpenAI processes this data as a service provider on our behalf. Data sent through the OpenAI API is not used by OpenAI to train its models and is retained by OpenAI for a limited period (currently up to 30 days) for abuse monitoring purposes only.

3.2 Voice Synthesis (Text-to-Speech)

We use ElevenLabs to generate voice output.

Only AI-generated text is transmitted to ElevenLabs for text-to-speech processing. We do not transmit user voice recordings to ElevenLabs.

3.3 Cloud Hosting and Infrastructure

We use cloud infrastructure providers, including Google Cloud Platform (GCP), to host and store application data. These providers process personal information on our behalf and are contractually required to implement appropriate confidentiality and security safeguards.


4. Internal Use and Model Improvement

We may use user content, including conversations, journal entries, and related data, to improve, train, and develop our own AI systems and product features.

Such processing is conducted internally and subject to appropriate access controls and security safeguards.

OpenAI does not use data submitted through our API for model training.


5. Data Access and Security

We implement reasonable administrative, technical, and physical safeguards designed to protect personal information.

Data is encrypted in transit using industry-standard encryption protocols.

Authorized personnel may access stored data solely for debugging, safety review, or customer support purposes. Access is limited to individuals with a legitimate business need.

No system can guarantee absolute security.


6. Data Retention

We retain personal information for as long as necessary to:

  • Provide the Services
  • Maintain user accounts and memory features
  • Improve and develop our systems
  • Comply with legal obligations
  • Resolve disputes and enforce agreements

Retention periods vary depending on data type and operational needs.

Users may request deletion of their account and associated personal data through our support channels.


7. Sharing of Information

We may share personal information with:

  • OpenAI (AI processing)
  • ElevenLabs (text-to-speech)
  • Google Cloud Platform (hosting)
  • Payment processors
  • Analytics and infrastructure providers
  • Legal authorities if required by law
  • A successor entity in the event of merger or acquisition

All service providers are required to use personal information only for authorized purposes and to provide data protection safeguards consistent with industry standards.

We do not sell personal information.


8. International Transfers

Personal information may be transferred to and processed in the United States or other jurisdictions where our service providers operate.


9. Your Rights

Depending on your location, you may have rights to:

  • Access personal information
  • Request correction
  • Request deletion
  • Object to certain processing where applicable
  • Opt out of marketing communications

Requests may be submitted through official support channels.


10. Children's Privacy

The Services are not intended for individuals under 18 years of age. We do not knowingly collect personal information from minors.


11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Continued use of the Services after updates take effect constitutes acceptance of the revised policy.