Your Privacy Matters: How Konsort Protects Your Data

Privacy Is a Feature, Not an Afterthought

At Konsort, we believe that intimate conversations deserve the highest level of privacy protection. Here's exactly how we protect your data.

Encryption

Your OpenRouter API key (if you use BYOK) is encrypted at rest using AES-256-GCM before being stored in our database. We never store API keys in plaintext. The encryption key is kept separate from the database in our environment variables.

All data in transit is protected by HTTPS (TLS 1.3) across every connection. There are no exceptions — every API call, every page load, every WebSocket connection is encrypted.

Row-Level Security

Every table in our database has Row-Level Security (RLS) enabled. This means that even if there were a database vulnerability, users can only access their own data. Your conversations, characters, memories, and images are invisible to other users at the database level — not just the application level.

GDPR Compliance

We take the European General Data Protection Regulation seriously, regardless of where you live:

• **Right to Access** — Export all your data anytime from Settings > Privacy
• **Right to Erasure** — Delete your account and all data from Profile > Danger Zone. Deletion is permanent and completed within 30 days.
• **Right to Portability** — Export your conversations and character data in standard formats
• **Right to Object** — Granular control over marketing and analytics in notification settings

Cookie Consent

Our cookie consent banner defaults to **all non-essential cookies OFF**. Only essential cookies (authentication, session management) are active by default. You choose whether to enable analytics, marketing, personalization, and third-party cookies. The "Reject All" button is equally prominent to "Accept All" — no dark patterns.

Content Safety

All characters must be 18+ (enforced by minimum age slider of 18). Content rules are comprehensive and strictly enforced. The safe/spicy toggle gives you control over content intensity per conversation.

What We Don't Do

• We don't sell your data to third parties
• We don't train AI models on your private conversations
• We don't show ads based on your chat content
• We don't share your identity with character creators

Your companions are yours. Your conversations are private. That's a promise.