Homii (“we”, “us”, “the app”) is a companion chat app where you can talk with AI characters. This policy explains what personal data we collect, how we use it, who we share it with, and your choices. By using Homii you agree to this policy.
The following stays on your device by default and is not sent to our servers unless you export it:
This data is stored in the app’s private storage. You can delete any entry — or wipe everything — from inside the app at any time (Settings → Privacy → Delete all data). You can also export a full copy as a ZIP file before deleting.
Homii does not require a named account. By default your data is tied to an anonymous customer ID generated locally on first launch.
You may optionally link a Google or Facebook account. We do this so that your Hearts (Tim) balance, subscription, and purchase history follow you across devices and reinstalls. When you link:
You can request deletion of the linked account from inside the app (Settings → Account → Delete account). This sends a confirmation email and, if confirmed, permanently deletes your account record after a 48-hour grace period.
Homii works on three tiers:
When a cloud message is sent, the following flow applies:
api.homii.chat.We do not persistently store your chat content on our servers. The proxy is stateless — messages pass through and are not logged to permanent storage. We retain only minimal request metadata (timestamp, anonymous customer ID, token count, Hearts debit) for quota enforcement, billing accuracy, and abuse prevention; this metadata is kept for at most 30 days, except billing-related ledger entries which are retained for tax/accounting purposes for up to 5 years.
Upstream AI providers may retain content temporarily per their own policies. See “Sub-processors” below.
When you tap the microphone in voice mode, audio captured by your device’s microphone is streamed in real time over an authenticated WebSocket connection to our proxy at api.homii.chat. The proxy forwards the audio stream to Google’s Gemini Live API, which transcribes the audio and generates a spoken reply. The reply audio streams back to your device.
We do not store voice audio on our servers. Audio passes through the proxy in transit only. Google’s Gemini Live API may process audio temporarily per its own policy.
Voice chat is metered per-token (~48 Hearts per minute of conversation, billed in real time). Free users with sufficient Hearts may use voice chat; subscription is not required, but Companion+ Premium subscribers receive priority voice quality and a larger Hearts grant.
If you attach an image to a chat, the image bytes are sent through our proxy to Gemini so the character can describe or react to it. Images are not stored on our servers and are not retained by us after the reply is streamed back.
When you create a custom character, your character traits (gender, age, occupation, relationship type, personality tags, optional reference photo if you upload one) and a generated text prompt are sent to our proxy and forwarded to Google’s Gemini Image API. The generated portrait images are returned and stored on your device. Reference photos you upload are sent only for that single generation request and are not retained.
Hearts are an in-app currency used to pay for AI features (chat, voice, image generation). We maintain a per-user ledger on our proxy that records:
This ledger does not contain chat content, voice transcripts, or images. It is kept for the lifetime of the account plus billing-record retention required by law.
If you submit a bug report through Settings → Help & feedback, the app:
Reports are stored in a small SQLite database on our proxy (/var/lib/homii/bug-reports.db). Backups are kept 30 days. Reports are reviewed only by SukiDesign engineering and are deleted once the bug is fixed.
We use the following third parties to operate the service. Each processes data only as described below:
| Processor | Role | Data processed |
|---|---|---|
| Google LLC — Gemini API (terms) | AI model inference (chat, voice, vision, image generation) | Chat content, voice audio (live), attached images, character persona, recent turns. Google’s paid Gemini API does not use your prompts to train its models. |
| OpenRouter, Inc. (privacy) | AI inference fallback gateway | Same as Gemini, only when the direct path is unavailable. |
| Google Sign-In (privacy) | Optional account login | Verified email, Google user ID. Used only when you tap “Sign in with Google”. |
| Meta Platforms (Facebook Login) (privacy) | Optional account login | Verified email, Facebook user ID. Used only when you tap “Sign in with Facebook”. |
| RevenueCat, Inc. (privacy) | Subscription & purchase management | Anonymous customer ID, Google Play subscription receipts, purchase events. No chat content. |
| Google Firebase — Analytics & Crashlytics (privacy) | Product analytics + crash reporting | Non-PII events (onboarding_completed, first_chat_sent, paywall_shown, purchase_started, etc.); device model, OS version, app version, crash stack traces. No chat content, no name, no email. |
| Cloudflare, Inc. (privacy) | Edge proxy (TLS, DDoS), Pages hosting (homii.chat), R2 storage (voice samples at cdn.homii.chat) |
IP address, TLS metadata. Cloudflare retains access logs for up to 7 days. R2 serves static voice sample files only. |
| Vultr Holdings (privacy) | Server hosting (Singapore region) | Server processes data transiently; no persistent chat storage. |
| Google AdMob (ads policy) | Rewarded video ads (free tier earns Hearts) | Advertising ID, approximate device info, ad interaction events. Can be reset or opted out via Android Settings → Privacy → Ads. |
| Gmail SMTP | Transactional email (account deletion confirmation, security alerts) | Your email address (Google / Facebook OAuth) and the deletion-confirmation token. Used only when you initiate account deletion. |
| Google Play Billing | Subscription & pack payments | Handled entirely by Google. We never see your card or bank details. |
Homii uses Firebase Analytics to measure funnel events without personally-identifying parameters. Examples include:
onboarding_completed — first-time setup finishedfirst_chat_sent — first message sent (no content)paywall_shown — subscription gate appeared (with non-PII trigger key)purchase_started / purchase_completed — purchase events with product IDcharacter_created — custom character created (no traits)voice_session_started — voice chat openedHomii uses Firebase Crashlytics to collect crash stack traces, device model, OS version, and app version when the app crashes. We do not attach user identifiers to crash reports and we do not log chat content, names, or free-text you typed.
You can stop analytics by toggling “Share usage data” off in Settings → Privacy. You can also opt out at the OS level via Android Settings → Google → Ads → Opt out of Ads Personalization.
Subscriptions and one-time Hearts packs are processed by Google Play Billing. We receive only the subscription status (active / expired / in-trial) via RevenueCat and the purchase confirmation for packs — never your payment details.
You can cancel subscriptions at any time in Google Play → Subscriptions. Cancelling stops renewal; access remains until the end of the paid period. Hearts packs are non-refundable consumables once delivered, per Google Play’s policy.
Homii is rated for users 18 years and older. The app is not directed at children. If you are under 18, please do not use Homii. We do not knowingly collect data from children under 13. If you believe a child has used the app, contact us at contact@homii.chat and we will delete associated data.
You have the right to:
You can also request deletion from the web. We respond within 30 days.
Our primary proxy region is Singapore (Vultr). Cloud AI providers (Google, OpenRouter) may process your requests in the United States or the EU depending on routing. Firebase servers are in the United States. By using Homii you consent to these transfers. We rely on Google’s Standard Contractual Clauses (SCCs) and equivalent safeguards for transfers outside your country.
We use TLS 1.2+ for all network traffic, JWT authentication between the app and our proxy with short-lived (1-hour) access tokens, and HMAC-signed RevenueCat webhooks. Proxy servers are kept in a private network behind Cloudflare. We do not store API keys for upstream AI providers in the mobile app — they live only on our proxy server. SSH access to the proxy is restricted to a non-default port and a single admin user; brute-force attempts are blocked by fail2ban.
No system is perfectly secure. If you believe you’ve found a vulnerability, please report it to contact@homii.chat.
Homii’s characters are AI personas generated by large language models. Replies are fictional and may be inaccurate, biased, or inappropriate. Homii is not a substitute for licensed mental-health care, medical advice, legal advice, or professional counselling. If you are in crisis, please contact a local hotline (the app shows hotlines when it detects crisis keywords) or call your country’s emergency number.
For questions, data requests, or complaints, contact: contact@homii.chat
Mailing address: SukiDesign, Vietnam. (Specific mailing address provided on request.)
We may update this policy as Homii evolves. The “Last updated” date at the top reflects the latest revision. Material changes will be noted in-app and, where required, require your re-consent before continued use.