Privacy Policy
Effective date: 25 April 2025 Last updated: 25 April 2025
Dopplyn is a product operated by Spell Shield Pty Ltd (ABN 47 684 472 759), a company registered in South Australia, Australia. This Privacy Policy explains how we collect, use, store, and disclose personal information when you use the Dopplyn platform at dopplyn.com and any associated services (the "Platform").
We are bound by the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs) contained in that Act. We are committed to handling your personal information in accordance with those principles.
References to "we", "us", and "our" mean Spell Shield Pty Ltd operating as Dopplyn. References to "you" mean you as an individual user of the Platform.
For privacy enquiries or to exercise your rights, contact us at privacy@dopplyn.com.
1. What Personal Information We Collect
From all users
When you create an account, we collect:
- Display name
- Email address
- Date of birth (used to verify that you are 18 years of age or older)
- IP address and approximate geolocation derived from it
- Device type, browser type, and operating system
- Usage data, including interactions with the Platform, session duration, and pages visited
From creators additionally
- Any content you upload to build your AI Persona, including text, images, audio, and other media
- Payment and payout information, which is collected and held directly by our payment processing partners — we do not store your full banking or card details on our systems
From fans additionally
- Subscription and transaction history (amounts, dates, creator subscribed to)
- Credit purchase history
- Conversation metadata (timestamps, credit usage) — we do not share the content of your conversations with creators or third parties
Automatically collected information
We collect certain information automatically when you use the Platform, including log data, cookies, and similar tracking technologies. This information is used to operate and improve the Platform, detect abuse, and ensure security. Please refer to our cookie notice below for further detail.
2. How We Use Your Personal Information
We use your personal information for the following purposes:
To provide and operate the Platform: Including creating and managing your account, processing subscriptions and credit purchases, operating AI Persona interactions, and processing creator payouts.
To verify eligibility: We use your date of birth to confirm that you meet the minimum age requirement of 18 years.
To process payments: Subscription and credit purchase transactions are processed by our payment processing partners. We share only the information necessary to process and reconcile your transactions. We do not sell or rent your payment data to any third party.
To communicate with you: Including sending account notifications, billing confirmations, policy updates, and responses to your enquiries.
To ensure safety and integrity: Including detecting and preventing fraud, abuse, prohibited content, and violations of our Terms of Service. This includes reviewing flagged content and, where required, cooperating with law enforcement.
To improve the Platform: We use aggregated and de-identified data to understand how the Platform is used and to develop new features and services. This data cannot reasonably be used to identify you.
To comply with legal obligations: Including obligations under Australian law and applicable international law where relevant.
3. AI Systems and Your Data
How AI Personas work
Creator Personas on the Platform are operated using third-party AI inference providers. When a fan interacts with a Persona, the conversation is processed by these AI systems in order to generate responses.
We do not use creator-uploaded content or fan conversation content to train any general-purpose AI model. Creator content is used exclusively to configure and operate the individual Persona it was uploaded for. Fan conversation content is used only to generate responses within that session and to maintain conversation history accessible to the fan.
Our AI inference providers are contractually configured to not retain or use content passed through their systems for model training purposes. These providers may process data on infrastructure located outside Australia, including in the United States. Please see clause 7 (Cross-Border Disclosure) for further information.
Conversation storage
Conversation data is stored on our platform infrastructure, which is operated by a third-party cloud infrastructure provider with servers located in Singapore. Conversations are accessible only to the fan who participated in them. Creators do not have access to individual fan conversation content.
We retain conversation data for as long as your account is active. If you delete your account, your conversation data will be deleted within 30 days, except where we are required to retain it for legal or safety reasons.
4. How We Disclose Your Personal Information
We do not sell your personal information to third parties.
We may disclose your personal information to:
Payment processing partners: To process transactions, manage subscriptions, and disburse creator payouts. These partners are subject to their own privacy policies and operate under applicable financial services regulations.
Cloud infrastructure providers: Our Platform is hosted on cloud infrastructure. Data is stored on servers that may be located outside Australia. See clause 7 for details.
AI inference providers: Conversation data is processed by our AI inference providers to generate Persona responses. These providers are contractually restricted from using this data for any purpose beyond providing the inference service.
Law enforcement and regulatory authorities: We will disclose personal information to Australian or international law enforcement where required by law, by court order, or where we have a good faith belief that disclosure is necessary to prevent serious harm, including harm to children.
Professional advisers: Including lawyers, accountants, and auditors, subject to confidentiality obligations.
In the event of a business transfer: If Spell Shield Pty Ltd is involved in a merger, acquisition, or sale of assets, personal information may be transferred as part of that transaction. We will notify you of any such change.
We will not disclose your personal information for any other purpose without your consent, except as required or permitted by law.
5. Security
We implement reasonable technical and organisational measures to protect your personal information from unauthorised access, disclosure, alteration, or destruction. These measures include encryption of data in transit using TLS, access controls limiting internal access to personal data, and security monitoring of our platform infrastructure.
No method of transmission over the internet or method of electronic storage is completely secure. While we take reasonable precautions, we cannot guarantee absolute security.
If we become aware of a data breach that is likely to result in serious harm to you, we will notify you and the Office of the Australian Information Commissioner as required under the Notifiable Data Breaches scheme under the Privacy Act 1988 (Cth).
6. Data Retention
We retain your personal information for as long as your account is active and for a reasonable period thereafter to allow for dispute resolution, legal compliance, and account recovery.
Specific retention periods:
- Account information: Retained for the duration of your account and for up to 2 years after account closure
- Transaction records: Retained for 7 years as required under Australian tax and financial record-keeping obligations
- Conversation data: Retained for the duration of your account and deleted within 30 days of account closure, unless retention is required for legal or safety reasons
- Creator-uploaded content: Retained for the duration of the creator's account and deleted within 30 days of account closure
We will delete or de-identify personal information when it is no longer required for the purpose for which it was collected, subject to the exceptions above.
7. Cross-Border Disclosure
We are an Australian company and our primary operations are based in South Australia. However, some of the third-party providers we use to operate the Platform are located outside Australia. Personal information you provide to us may be stored or processed in:
- Singapore: Our cloud infrastructure provider stores Platform data, including account information and conversation data, on servers located in Singapore.
- United States: Our AI inference providers and payment processing partners are primarily based in the United States.
- European Union: Some payment processing partners operate infrastructure within the European Union.
We take reasonable steps to ensure that overseas recipients of your personal information are subject to privacy protections that are substantially similar to the Australian Privacy Principles. We do this through contractual arrangements with our service providers.
You acknowledge that by using the Platform, your information may be transferred to and processed in countries outside Australia. Australian Privacy Principle 8 may not prevent these transfers where you have consented or where we have taken the steps described above.
8. Cookies and Tracking Technologies
We use cookies and similar technologies to operate the Platform, remember your preferences, maintain your session, and analyse usage patterns. The types of cookies we use include:
Essential cookies: Required for the Platform to function. These cannot be disabled without affecting core functionality.
Analytics cookies: Used to understand how the Platform is used, including which features are most used and where errors occur. This data is aggregated and de-identified where possible.
Session cookies: Used to maintain your logged-in state during a session.
You can manage cookie preferences through your browser settings. Disabling certain cookies may affect your ability to use some features of the Platform.
9. Your Rights
Under the Privacy Act 1988 (Cth) and the Australian Privacy Principles, you have the following rights:
Access: You may request access to the personal information we hold about you by contacting privacy@dopplyn.com. We will respond within a reasonable time and in any event within 30 days.
Correction: If you believe personal information we hold about you is inaccurate, incomplete, or out of date, you may request that we correct it.
Complaints: If you believe we have breached the Australian Privacy Principles, you may make a complaint to us at privacy@dopplyn.com. We will respond within 30 days. If you are not satisfied with our response, you may refer your complaint to the Office of the Australian Information Commissioner at www.oaic.gov.au.
Deletion: You may request deletion of your account and personal information at any time. We will process your request subject to our retention obligations described in clause 6.
If you are located in a jurisdiction with additional privacy rights, such as the European Union or the United Kingdom, you may have additional rights under applicable local law. Please contact us at privacy@dopplyn.com and we will make reasonable efforts to accommodate your request.
10. Children
The Platform is not directed to persons under 18 years of age. We do not knowingly collect personal information from persons under 18. If you believe a person under 18 has registered on the Platform or provided us with personal information, please contact us immediately at privacy@dopplyn.com and we will take steps to remove that information and close the relevant account.
11. Changes to This Policy
We may update this Privacy Policy from time to time. When we do, we will update the "Last updated" date at the top of this document. If changes are material, we will notify you by email or by a prominent notice on the Platform. We encourage you to review this Policy periodically.
12. Contact Us
For any privacy-related questions, access requests, correction requests, or complaints:
Email: privacy@dopplyn.com
For general enquiries: hello@dopplyn.com
Spell Shield Pty Ltd, Adelaide, South Australia, Australia.
Office of the Australian Information Commissioner: www.oaic.gov.au | 1300 363 992
This Privacy Policy was last updated on 25 April 2025.