Furcrush

Privacy Policy

Last updated: May 15, 2026

This document is provided in English only. The English version is legally controlling.

1. Who We Are

Furcrush is an independent adult AI companion platform operated from Portugal. We are the data controller for the personal data described in this policy.

Full legal entity details and physical contact information are not published on this page to protect the operator from spam and abuse, but are available on written request to any competent supervisory authority. To contact us about privacy or data requests, use the dedicated support channel linked from the website footer.

Scope of this Policy.Capitalised terms used here ("Website", "Bot(s)", "the Service", "Interactive actions") have the meanings defined in Section 3 of our Terms of Service. In short: the Website (furcrush.com) is a static marketing and legal presence; the Service — the AI companion experience — is provided exclusively by the Bot(s) on the Telegram platform. Personal data in the sense of GDPR is processed by us almost entirely in connection with the Service; the Website collects only anonymous traffic analytics and a local-storage age-gate flag on the visitor's own device.

1a. Legal Basis for Processing

We process your personal data under the following GDPR Article 6 grounds:

  • Contractual necessity (Art. 6(1)(b)) — processing chat messages, memory, and subscription data is necessary to provide the AI companion service you signed up for.
  • Legal obligation (Art. 6(1)(c)) — content safety screening to prevent illegal material, tax and billing record retention.
  • Legitimate interests (Art. 6(1)(f)) — abuse prevention and service security. You can object to processing based on legitimate interests at any time (see Section 8).
  • Explicit consent (Art. 9(2)(a))— because chat content may include sensitive personal data (Art. 9) introduced by you during free-form conversation with the Bot(s), you provide explicit consent to processing such data via the 18+ age-gate step inside the Bot's onboarding flow. The Website itself does not collect or process any Art. 9 data.

2. Data We Collect

Data you provide:

  • Telegram user ID — account identification
  • Display name — personalization (per character)
  • Language preference — localization (per character)
  • Chat messages — AI response generation
  • Subscription status — service delivery
  • Photos you send to the bot (Premium only) — an AI vision model generates a short text description for the chat context; the original image is not written to our database

Data generated by the service:

  • Conversation summaries — memory/context for AI
  • Memory facts (embeddings) — long-term AI memory
  • Achievement progress — gamification
  • Content safety flags + violation counters — moderation
  • Connection metadata (IP address, user agent) may be processed transiently by our hosting and CDN providers for fraud prevention and service delivery; we do not persist this data in our own database

Website data:

  • We use Cloudflare Web Analytics (privacy-friendly, anonymous)
  • No advertising cookies or tracking pixels
  • See our Cookie Policy

3. How We Use Your Data

  • Generating AI responses to your messages
  • Maintaining conversation memory and context
  • Content moderation and safety enforcement
  • Service notifications (changelog updates)
  • Complying with legal obligations

4. How We Do NOT Use Your Data

  • We do NOT sell your data to third parties
  • We do NOT share conversations with advertisers
  • We do NOT read your private conversations
  • We do NOT use your data for targeted advertising

5. Sub-processors (GDPR Art. 28)

We use a small number of named sub-processors to operate the service. Each processes your data under a Data Processing Agreement (DPA) and is contractually bound to the same confidentiality and security standards we apply to ourselves. We send each processor only the data strictly needed for its function.

ProcessorPurposeData sharedRegion
SupabaseManaged Postgres hostingAll account, chat, memory, and achievement data; encrypted at rest (AES-256) and in transit (TLS)EU
OpenRouterAI model routing (chat, summarization, vision, embeddings, content safety classifier)Text of your messages + conversation context needed to generate a reply or classify a safety verdict; no persistent user identifier attachedUS (SCCs apply)
CloudflareCDN, DDoS protection, static asset hosting (images), website deployment (Pages), privacy-friendly analyticsConnection metadata (IP, user agent) for website visits; image URLs fetched over CDN; cached static assetsGlobal edge (data processed near visitor)
RailwayBot runtime hostingProcess memory during request handling; no persistent DBUS (SCCs apply)
GPU image-gen infrastructure
(when enabled for Premium)		AI image generationImage prompt text (only after the prompt passes our content-safety classifier — see the Content Policy); no persistent user identifier attached; generated images then uploaded to Cloudflare R2US / EU (SCCs apply)
GPU text-to-speech infrastructure
(when enabled for Premium)		AI voice synthesisText of the bot's response to be voiced (only after it passes our content-safety classifier — see the Content Policy); no persistent user identifier attached; generated audio then uploaded to Cloudflare R2US / EU (SCCs apply)
TelegramMessage delivery platform and Premium subscription billing via Telegram StarsYour Telegram profile and all messages sent/received in the bot, handled under Telegram's own Privacy Policy. For Premium purchases, Telegram processes the Stars payment and shares with us the charge ID, Stars amount, and invoice payload — no card or banking details are ever transmitted to usOperated independently

Lawful disclosure requests: we disclose data only when compelled by a lawful binding request from a competent authority, and only what is specifically required by that request.

Non-EU transfers: where a processor is located outside the EU/EEA, transfers are protected by Standard Contractual Clauses (SCCs) or an applicable adequacy decision (e.g. the EU-US Data Privacy Framework).

6. Data Retention

  • Active account data — duration of account
  • Chat messages — until the user erases them (per character) or the account is deleted
  • Messages that trigger a safety flag — not stored in our conversation history; our moderation layer drops them before any write to the database
  • Post-ban conversation history — retained so that automated bans can be reviewed under GDPR Art. 22 if you appeal. Banned users can request full cross-character erasure at any time via the /erase command (the dedicated banned-account escape hatch) or the support channel
  • Banned user records — indefinite (Telegram user ID, ban reason, violation counters, and a metadata-only violation log with category / direction / timestamp — never the message text) to prevent re-registration and to respond to lawful binding requests from competent authorities

7. Data Erasure

Per-character erasure (/reset command). Each of our characters is an independent relationship. The /resetcommand (or the equivalent "Erase Memory" button in that character's /set menu) deletes your conversation history, memories, summaries, and identity with that one character only. Your data with any other character is left intact. Achievements are preserved by default and have a separate "Reset achievements" button inside the achievements screen.

Full-account erasure. To erase everything across every character at once, you can either run /reset on each bot you have used, or contact the support channel linked from the website footer with a short request. We will process support requests within 30 days as required by GDPR Art. 12(3). We retain only the minimum ban metadata (block status, ban reason, violation counters) as permitted under Art. 17(3)(b) and (e).

Retention after a ban. When an account is permanently banned for policy violations, we do not automatically purge the prior conversation history. Bans are automated and you have the right under GDPR Art. 22 to contest them; keeping the history allows a human reviewer to examine the context of the decision during an appeal. Banned users can still request full cross-character erasure at any time with the /erase command — it is the dedicated escape hatch for banned accounts so you can exercise your right of erasure (Art. 17). The regular per-character /reset command is silently disabled while a ban is active. We retain only the minimum ban metadata listed in Section 6.

8. Your Rights

The rights below are granted to residents of the European Union, the European Economic Area, and the United Kingdom under GDPR (and UK GDPR for UK residents). If you reside elsewhere, your data-protection rights are governed by the laws of your jurisdiction.

(EU/EEA/UK residents.) As a data subject, you have the right to:

  • Access (Art. 15) — request a copy of your personal data
  • Rectification (Art. 16) — correct inaccurate data
  • Erasure (Art. 17) — delete your data ("right to be forgotten")
  • Restriction (Art. 18) — restrict processing
  • Portability (Art. 20) — receive data in machine-readable format
  • Object (Art. 21) — object to processing of your personal data that is based on our legitimate interests (such as fraud prevention via the violation log, or internal service analytics). On objection, we will either stop the specific processing or demonstrate compelling legitimate grounds that override your interests. This right does NOT apply to processing that is necessary to deliver the service you requested (chat handling, account state, payment records) — for those, your remedy is account erasure via the bot's /erase command (Art. 17), which ends your use of the Service.
  • Withdraw consent — at any time, without affecting processing carried out before the withdrawal
  • Human review of automated decisions (Art. 22) — content safety bans are issued automatically when the violation threshold is reached. You may appeal any such decision and have it reviewed by the operator (a human) via the support channel.

To exercise any of these rights, contact us via the support channel linked from the website footer. We respond within 30 days as required by GDPR Art. 12(3).

Right to lodge a complaint (Art. 77, EU/EEA residents)

If you reside in the EU or EEA and believe your data rights have been violated, you have the right to lodge a complaint with a supervisory authority in your member state of residence, place of work, or the place of the alleged infringement. In Portugal the competent authority is the Comissão Nacional de Protecção de Dados (CNPD), www.cnpd.pt. A list of all EU authorities is available at edpb.europa.eu.

9. Data Security

  • In transit: TLS 1.2+ for every connection between the bot, the website, the database, and all sub-processors
  • At rest: AES-256 encryption on the managed Postgres instance; image and audio assets stored in Cloudflare R2
  • Access control: the database is reachable only by the bot runtime over an authenticated, SSL-enforced connection
  • Moderation: content-safety classification is automated; no human routinely reads private conversations
  • Operator access: the platform operator has admin-level database access strictly for service operation (debugging, troubleshooting, processing data-rights requests, and human review of automated decisions under GDPR Art. 22). Such access is not used for reading private conversations outside of those specific, legally-grounded purposes

10. Children's Privacy

Our service is strictly for users 18+. We do not knowingly collect data from anyone under 18. Underage accounts are immediately deleted upon discovery.

11. Automated Decision-Making

Our content safety layer automatically flags — and in some cases bans — users whose messages violate the Content Policy. There are two paths, both within the scope of GDPR Art. 22:

  • Counter-based bans. A classifier violation in one of the acting categories increments a counter; once the threshold of 5 violations is reached, the account is permanently banned.
  • Second-strike CSAM bans. The child-safety category runs a stricter parallel counter: a single detection issues a warning that explicitly names the one-more-strike rule, and a second detection results in an immediate permanent ban. Because this decision has significant effects on the user and is taken solely by automated means, it falls squarely within GDPR Art. 22.

You have the right to obtain human intervention on the part of the controller, to express your point of view, and to contest any such decision. Appeals are reviewed by the operator personally within 14 days. Contact the support channel linked from the footer to initiate an appeal; your account remains in its post-ban state during the review.

12. Changes

We may update this policy from time to time. Material changes will be notified via in-app or in-website announcement before they take effect. The "last updated" date at the top of this page reflects the most recent revision.