Melou Privacy Policy
Last updated: February 26, 2025 | Effective date: February 26, 2025
Introduction
Welcome to Melou. This service is provided by Lychee Intelligence Co., Ltd.(Tax ID: 52793299, Address: 8F-1, No. 259, Section 1, Fuxing S. Rd., Da’an District, Taipei, Taiwan).
Melou is an anonymous app focused on self-writing, helping you see the traces of your thinking, understand yourself, and witness your growth. We believe the conversation you have with yourself should belong, as much as possible, only to you.
We designed this service around the following principles:
- We do not collect personally identifiable information
- We do not store your journal entries or conversations on our servers
- We keep your data on your device whenever possible
- We only collect the anonymous technical data needed to keep the service running
This policy explains how we handle, use, and protect your data.
What we do not collect
First, to put you at ease — Melou does not collect or store any of the following:
- The journal entries, notes, tags, or other text you write in the app
- The full content of your conversations with the AI (inputs and replies)
- Your name, email, phone number, address, or any other directly identifying information
- Cookies or identifiers used for behavioral advertising or cross-site tracking
- Behavioral profiles or personalized ad targeting built for specific users
In short, we do not send what you write in Melou to our servers for long-term storage or analysis.
Anonymous use and account model
- Using Melou does not require an account, nor any third-party sign-in
- We will not ask for your real name, email, phone number, or similar personal information
- By default, content created in the app is tied to your device, not to a cloud account
In the current version, Melou is used anonymously and with local storage.
Data we may process (none of which includes your content)
To keep the service running reliably, prevent abuse, and understand overall usage, our servers only process anonymous technical data that does not include your content:
Automatically collected anonymous data
| Data type | Description | Purpose |
|---|---|---|
| API usage stats | Number and type of AI requests | Maintain service quality, prevent abuse |
| Timing information | API call time, response latency | Performance monitoring and debugging |
| Anonymous technical identifier | Randomly generated device or install ID | Distinguish devices, block malicious abuse |
| Subscription status | Your plan (Free/Lite/Plus) | Provide the corresponding feature entitlements |
This data will not include:
- The actual text you enter
- The text the AI replies to you
- Any information that could be traced back to your identity or to specific journal content
Device permissions
The app may request the following device permissions:
- Microphone: for voice input, transcribing your speech into text
- Notifications: for sending weekly/monthly report reminders
You can manage or revoke these permissions at any time in your device’s Settings.
Where your data lives
Local storage (your device)
Your journal entries, reflections, tags, and full AI conversations are stored only on your device.
This data lives in the app storage provided by your operating system and is not uploaded to our servers for long-term storage.
Important: If you delete the app or choose “clear data” inside the app, the data will be removed from your device, and we cannot recover it for you.
Server side
Our servers do not retain the full text of your journals or conversations. Only you can see them (along with anyone who has physical access to your device).
AI processing and third-party services
To provide AI features (conversations, suggestions, weekly/monthly reports, and so on), Melou uses the following services:
1. Our AI servers
Some AI requests are sent to our servers for processing:
- Our servers only handle the necessary content temporarily during processing, and do not write journal or conversation content to any long-term database
- After processing, the server only keeps anonymous usage statistics — not your original inputs or outputs
- All communication is encrypted over HTTPS
2. Third-party AI APIs
In some cases, we may send your input text to third-party AI services (such as OpenAI) to generate a response. These services may run on servers located in the United States or other regions. How we handle this:
- We use paid or enterprise API plans
- These plans are configured so that API inputs/outputs are not used to train general models
- We follow a “minimum transmission” principle: only the text required by the feature at that moment is sent
Important note: These third-party services each have their own privacy policies governing how they handle API logs. We operate according to their official documentation, but we cannot make guarantees on their behalf that no form of technical log will ever be retained.
3. Subscription management (RevenueCat)
- Purpose: subscription management and in-app purchase processing
- Data collected: anonymous user identifier, purchase records
- Privacy policy: https://www.revenuecat.com/privacy
4. Anonymous analytics (TelemetryDeck)
- Purpose: anonymous usage analytics (no journal content)
- Characteristics: does not track personal identity
- Privacy policy: https://telemetrydeck.com/privacy
We make sure all third-party providers offer data protection that meets or exceeds the standards of this privacy policy.
Model training and data use
We apply the following principles to your data:
- We do not upload your journal or conversation content to the cloud to train our own models
- We do not sell or share your content with third parties for marketing or advertising
- If we ever introduce a “voluntary anonymous data contribution” program to improve the service, we will clearly explain it and obtain your consent beforehand
Data security
Security measures
- Encryption in transit: all network traffic uses HTTPS/TLS encryption
- Device attestation: we use Apple App Attest to verify device authenticity
- Secure storage: sensitive data is stored securely in the iOS Keychain
Security recommendations
Because Melou does not store journal content on a central server, the risk of a large-scale breach is relatively low. Still, we recommend that you:
- Set a strong passcode, biometric lock, or other secure unlock method on your device
- Avoid writing highly sensitive content where others can see your screen
- Keep your operating system and the app up to date to receive the latest security patches
Data retention
Anonymous usage logs
- Retained for as long as needed to achieve operational and security purposes
- Afterwards aggregated into statistics that cannot be traced back to individual devices, or deleted
On-device data (your journals and conversations)
- Entirely under your control; retention depends on whether you keep the app installed
- When you delete the app or clear data inside the app, the data is removed from your device
Subscription data
- Retained for the periods required by Apple and applicable laws
Your rights
Because we do not create identifiable user accounts and do not store your journal content in the cloud:
What you can do
- Delete data: delete the app or use the in-app clear function to remove all local data at any time
- Revoke permissions: revoke microphone or notification permissions in your device settings
- Manage your subscription: visit Apple’s subscription management page to manage or cancel your subscription
What we cannot do
- We cannot export, download, or send you a specific user’s journal content (because we do not store it)
- We cannot query, modify, or delete a specific user’s server-side content (because we do not store it)
- We cannot recover data you have already deleted
If you have any questions about how your data is handled, you are still welcome to contact us.
Children and teens
Melou is rated 16+ in the App Store. It is not designed for children and does not intentionally identify or collect personal data from children. If you are a parent or guardian and have concerns about a child or teen using this app, please contact us and we will help address them.
Policy updates
We may update this privacy policy due to feature changes, regulatory changes, or security considerations.
If there are material changes, we will notify you by:
- Showing an update notice in the app
- Clearly indicating the update in the version release notes
- Updating the “last updated” date at the top of this page
Unless otherwise noted, the new privacy policy takes effect on the date of publication.
Contact us
If you have any questions, suggestions, or requests about this privacy policy, please contact:
- Email: hi@melou.app
Governing law
This privacy policy is established under the Personal Data Protection Act of Taiwan.
This privacy policy is written in Traditional Chinese. In case of any discrepancy between a translated version and the Chinese version, the Chinese version shall prevail.