top of page
TwinlyAI,-Inc.-logo
KEEP ME UPDATED

TwinlyAI
Privacy Policy

Effective Date: April 02, 2026

TwinlyAI, Inc., a Delaware corporation, including when operating under the DBA, trade name, or brand CoolnessAI, respects privacy and is committed to protecting personal information. This Privacy Policy explains how TwinlyAI, Inc. (“Company,” “we,” “us,” or “our”) collects, uses, discloses, stores, and protects personal information in connection with our Services.

The terms “you,” “your,” “User,” or “Customer” refer to any individual, business, organization, entity, or other person that accesses, accepts, purchases, subscribes to, receives, or uses the Services. “Services” refers, individually and collectively, to Company websites, products, services, software, applications, platforms, APIs, tools, technologies, content, features, accounts, and related offerings, including, but not limited to, free, preview, trial, beta, paid, subscription-based, one-time, usage-based, application-based, or otherwise made available by Company. This Privacy Policy applies to information collected through or in connection with the Services, including twinlyai.com, coolness.ai, Company-operated websites, accounts, applications, communications with us, and other interactions with Company.

This Privacy Policy should be read together with our Universal Terms of Service (“UTOS”) and any other Company-provided terms that apply to particular Services. If you do not agree with this Privacy Policy, you should not use the Services.

1. Jurisdiction-Specific Rights and Applicable Law

Certain rights, choices, notices, disclosures, limitations, and protections described in this Privacy Policy apply only to residents of particular jurisdictions or only where required by applicable law. Where applicable law requires a different or additional privacy right, notice, choice, restriction, or protection, we will comply with that law to the extent required.

Nothing in this Privacy Policy is intended to limit rights that cannot be limited under applicable law. Unless expressly stated otherwise, this Privacy Policy is not intended to provide rights beyond those required by applicable law.

If any provision of this Privacy Policy is found to be inconsistent with applicable law, that provision will apply only to the maximum extent permitted by law, and the remaining provisions will remain in effect.

2. California Notice at Collection

This section is intended to serve as our California Notice at Collection where required by California law. It provides a categorical summary and should be read together with the rest of this Privacy Policy. The examples below are illustrative and not exhaustive. The personal information we collect, use, disclose, retain, sell, or share may vary depending on the Services used, Customer choices, account settings, integrations, applicable law, and our relationship with Customer.

We may collect categories of personal information that include, but are not limited to, identifiers; account, billing, commercial, and transaction information; device, internet, network, usage, log, diagnostic, analytics, and security information; Customer Content and Service data; approximate location information; communications and media; preferences, settings, inferences, and similar information; and sensitive personal information where submitted by Customer, authorized by Customer, permitted by the applicable Service, or otherwise allowed by law.

We may use these categories of personal information for the business, commercial, operational, security, compliance, legal, product-development, service-improvement, analytics, safety, fraud-prevention, account-administration, payment, communication, support, personalization, artificial-intelligence, automation, and other purposes described throughout this Privacy Policy.

We may disclose these categories of personal information to the categories of recipients described in this Privacy Policy, including, but not limited to, service providers, contractors, vendors, payment processors, hosting providers, analytics providers, security providers, support providers, professional advisors, account administrators, third-party integrations authorized by Customer, legal or governmental recipients, successors, affiliates, and other recipients permitted by law.

We do not sell personal information for money. Certain analytics, advertising, measurement, partner, or similar activities may be considered a “sale,” “sharing,” “targeted advertising,” or similar processing where applicable law defines those terms broadly. Where required by applicable law, we will provide required notices and choices.

We retain personal information based on the criteria described in the “Retention of Personal Information” section, including, but not limited to, the type of information, Services used, Customer settings, legal requirements, security needs, business needs, operational requirements, deletion controls, backup processes, and lawful purposes for continued retention.

We do not knowingly collect categories of personal information for purposes that are incompatible with the disclosed purposes without providing additional notice where required by law.

3. Personal Information We Collect

We may collect personal information directly from you, automatically when you use the Services, from third parties, or from integrations, devices, platforms, or services that you choose to connect to or use with the Services.

“Personal Information” means information that identifies, relates to, describes, can reasonably be associated with, or could reasonably be linked to an individual or household. Depending on applicable law, similar terms such as “personal data” may have the same or a similar meaning.

3.1 Information You Provide

We may collect information you provide to us. This may include, but is not limited to, account, contact, business, billing, transaction, subscription, purchase, payment, support, preference, consent, permission, configuration, verification, and similar information. It may also include Customer Content, such as prompts, files, uploads, messages, communications, instructions, data, feedback, and other materials submitted to or processed through the Services.

3.2 Information Collected Automatically

When you access or use the Services, we may automatically collect information about your device, browser, network, interactions, configuration, connections, and usage. This may include, but is not limited to, IP address, device identifiers, browser and operating-system information, application version, language settings, approximate location, logs, access times, pages or features viewed, links clicked, actions taken, usage data, performance data, diagnostic data, crash reports, security logs, analytics data, cookie identifiers, advertising identifiers, local storage data, pixels, SDK data, and similar technical or interaction information.

3.3 Information From Third Parties and Connected Services

We may receive information from third parties or connected services. This may include, but is not limited to, information from service providers, vendors, analytics providers, hosting providers, security providers, payment processors, app stores, identity providers, support providers, business partners, integration partners, referral sources, public sources, commercially available sources, other users, fraud-prevention services, compliance services, verification services, and third-party applications, accounts, APIs, platforms, or services that you connect to or authorize for use with the Services.

3.4 Sensitive or Regulated Information

The Services are not intended for the submission of sensitive, restricted, or regulated information unless the applicable Service expressly permits it or a separate written agreement with Company allows it. You should not submit sensitive personal information, protected health information, payment-card data outside approved payment flows, government identifiers, biometric information, children’s information, or other regulated information unless you are authorized to do so and such use is permitted by the applicable Service, this Privacy Policy, the UTOS, and applicable law.

Where applicable law requires consent or a specific right regarding sensitive personal information, we will seek consent or provide the required right to the extent required by that law. If you submit personal information about another person, you are responsible for having all rights, permissions, notices, consents, and lawful bases necessary to provide that information to us and to allow us to process it as described in this Privacy Policy.

4. How We Use Personal Information

We may use personal information for legitimate business, commercial, operational, security, compliance, legal, product-development, and service-improvement purposes. These purposes may include, but are not limited to:

providing, operating, maintaining, supporting, securing, personalizing, and improving the Services; any other purpose disclosed at the time of collection, authorized by you, reasonably necessary and proportionate to the disclosed purpose where required by law, or otherwise permitted by applicable law.

marketing, promoting, or providing information about Company, the Services, features, offers, events, or other matters that may be of interest, where permitted by law and subject to available choices; and

conducting audits, internal controls, recordkeeping, accounting, legal, compliance, and business-administration functions;

protecting the rights, safety, security, property, operations, reputation, and interests of Company, users, third parties, and the public;

enforcing our UTOS, policies, agreements, rights, and remedies;

  1. creating, managing, authenticating, verifying, supporting, and administering accounts;
  2. processing purchases, subscriptions, payments, billing, refunds, chargebacks, taxes, and related transactions;
  3. processing, responding to, generating, displaying, transmitting, storing, or otherwise handling Customer Content and Generated Content as part of the Services;
  4. configuring Services, settings, features, recommendations, integrations, workflows, automations, or user experiences;
  5. communicating with you about the Services, accounts, updates, security issues, support, transactions, policy changes, and other service-related matters;
  6. analyzing usage, performance, errors, reliability, functionality, safety, and quality;
  7. developing, testing, evaluating, monitoring, improving, and operating Services, features, tools, technologies, artificial intelligence systems, machine learning systems, automation, safety systems, security systems, abuse-prevention systems, and related or future offerings;
  8. preventing, detecting, investigating, responding to, and mitigating fraud, spam, abuse, security incidents, unauthorized access, unlawful activity, violations of the UTOS, and risks to Company, users, the Services, or third parties;
  9. complying with law, legal process, regulatory obligations, contractual obligations, and enforceable governmental requests;
5. Artificial Intelligence, Automation, Model Improvement, and Customer Controls

Some Services may use artificial intelligence, machine learning, automation, or similar technologies. When you use those Services, we may process Customer Content, usage information, account information, technical information, Generated Content, and other personal information to provide, operate, secure, evaluate, improve, troubleshoot, and support the Services.

We may use information processed through, submitted to, or generated by the Services to provide requested functionality, maintain and secure the Services, troubleshoot issues, provide support, prevent abuse, comply with law, enforce the UTOS, protect Company and others, develop and improve Services, create new or improved products and offerings, and improve solutions across Services or applications where permitted by applicable law, applicable settings, customer controls, and applicable terms.

Where permitted by applicable law and applicable service-specific terms, settings, permissions, customer controls, or agreements, these uses may include, but are not limited to, developing, testing, training, fine-tuning, evaluating, monitoring, improving, or operating models, systems, features, safety tools, security tools, abuse-prevention tools, and related or future products, services, applications, and offerings.

We may use aggregated, de-identified, pseudonymized, anonymized, or otherwise privacy-protective information for analytics, research, development, product improvement, service improvement, safety, security, abuse prevention, and business purposes where permitted by law.

If a Service provides settings, controls, opt-outs, enterprise commitments, or service-specific terms regarding model improvement, model training, retention, or use of Customer Content, we will handle applicable information in accordance with those controls or terms. Certain business, enterprise, API, or separately contracted Services may be subject to additional data-use restrictions, privacy commitments, or data-processing terms.

Generated Content may be inaccurate, incomplete, unreliable, inappropriate, non-exclusive, or unsuitable for your intended purpose. Privacy practices related to Generated Content may depend on the Service, your settings, applicable service-specific terms, and applicable law.

6. Automated Decisionmaking and Profiling

The Services may use automated systems to provide, personalize, secure, support, analyze, or improve the Services. We do not use automated decisionmaking technology to make decisions that produce legal or similarly significant effects about individuals unless disclosed through the applicable Service, applicable notice, or applicable terms.

Where applicable law provides rights related to automated decisionmaking, profiling, or similar processing, we will provide required notices, rights, and choices to the extent required by that law.

7. Cookies, Online Tracking, Analytics, and Similar Technologies

We and our service providers may use cookies, pixels, local storage, SDKs, analytics tools, device identifiers, and similar technologies to operate, secure, improve, measure, personalize, and understand the Services.

These technologies may help us, including, but not limited to:

remember preferences and settings;

deliver or measure communications, marketing, or advertising where permitted by law.

improve or personalize the Services; and

  1. maintain sessions and account security;
  2. understand how the Services are used;
  3. detect errors, abuse, fraud, and security issues;
  4. measure performance and effectiveness;

You may be able to control cookies and similar technologies through your browser, device, application, account settings, consent tools, or other controls we provide. Blocking or disabling certain technologies may affect the functionality, availability, or security of the Services.

Some browsers or devices may transmit “Do Not Track” signals. Because there is no uniform industry standard for responding to Do Not Track signals, we do not respond to all such signals unless required by law. Where applicable law requires us to recognize Global Privacy Control or other legally recognized opt-out preference signals, we will honor those signals to the extent required by law and technically feasible.

Third parties may collect information about your online activities over time and across different websites or online services when you use the Services, including through analytics, advertising, embedded content, integrations, or similar technologies, subject to their own terms and privacy policies.

8. How We Disclose Personal Information

We may disclose personal information as described in this Privacy Policy, as disclosed at the time of collection, as authorized by you, or as permitted by applicable law.

8.1 Service Providers, Contractors, and Vendors

We may disclose personal information to service providers, contractors, vendors, consultants, and other parties that help us operate, provide, secure, support, analyze, improve, market, or administer the Services. These parties may provide services including, but not limited to, hosting, cloud infrastructure, analytics, communications, customer support, security, fraud prevention, payment processing, identity verification, data storage, development, debugging, legal, compliance, and business operations.

8.2 Third-Party Services and Integrations

If you choose to connect, authorize, access, or use third-party services, integrations, applications, platforms, APIs, or accounts with the Services, we may disclose information as necessary to enable that connection or functionality. Third-party services may process personal information under their own terms and privacy policies.

8.3 Other Users, Organizations, and Account Administrators

If you use the Services through an organization, business account, team, shared workspace, administrator-managed account, or other multi-user arrangement, information associated with your account or use of the Services may be visible to, controlled by, or disclosed to the relevant organization, account owner, administrator, or authorized users, depending on the Service and account configuration.

8.4 Legal, Safety, Security, and Enforcement

We may disclose personal information if we believe disclosure is necessary or appropriate to comply with law, legal process, regulatory obligations, court orders, subpoenas, governmental requests, or law-enforcement requests; to enforce the UTOS or other applicable terms; to investigate or prevent fraud, abuse, security incidents, unlawful conduct, or violations of our policies; to protect the rights, safety, property, operations, or security of Company, users, third parties, or the public; or to protect against legal liability.

8.5 Business Transfers

We may disclose or transfer personal information in connection with an actual or proposed merger, acquisition, financing, reorganization, bankruptcy, receivership, sale of assets, transition of service, corporate transaction, or change of control.

8.6 Aggregated or De-Identified Information

We may disclose aggregated, de-identified, pseudonymized, anonymized, or otherwise privacy-protective information where permitted by law. We will not attempt to re-identify de-identified information except as permitted by law, including to test, maintain, audit, or validate our de-identification processes.

9. Sale, Sharing, Targeted Advertising, and Privacy Choices

We do not sell personal information for money. However, some privacy laws define “sale,” “sharing,” “targeted advertising,” or similar terms broadly, and certain analytics, advertising, measurement, or partner activities may be considered a sale, sharing, targeted advertising, or similar processing under those laws.

Where required by applicable law, we will provide applicable notices and choices, which may include the ability to opt out of sale, sharing, targeted advertising, or certain uses of personal information. If required by law and applicable to our practices, we may provide a “Your Privacy Choices” link, a “Do Not Sell or Share My Personal Information” link, recognition of legally required opt-out preference signals, or another legally permitted method for exercising choices.

You may unsubscribe from promotional emails by following the instructions in those emails. Even if you opt out of marketing communications, we may still send non-promotional, transactional, security, legal, account, and service-related communications.

If we use text messages, phone calls, push notifications, or similar communications for marketing or promotional purposes, we will do so subject to applicable consent and opt-out requirements.

10. Retention of Personal Information

We retain personal information for as long as reasonably necessary for the purposes described in this Privacy Policy, including, but not limited to, providing, operating, securing, supporting, improving, and administering the Services; maintaining accounts; processing transactions; complying with legal, tax, accounting, reporting, and regulatory obligations; resolving disputes; enforcing agreements; preventing fraud, abuse, and security incidents; protecting Company, users, and third parties; and supporting product-development, service-improvement, analytics, safety, security, and business purposes where permitted by law.

Retention periods and criteria may vary depending on the type of information, the Services used, account settings, Customer choices, deletion controls, legal requirements, security needs, business needs, operational requirements, and whether information has been aggregated, de-identified, anonymized, backed up, archived, or otherwise retained in accordance with lawful purposes.

As a general matter, account, contact, transaction, Customer Content, usage, diagnostic, security, marketing, communication, aggregated, de-identified, anonymized, and similar information is retained based on the purpose collected, the Services used, Customer settings, legal and compliance requirements, security and fraud-prevention needs, support and operational needs, applicable terms, and Company’s legitimate business purposes where permitted by law.

If you request deletion of personal information, we will process the request as required by applicable law. We may retain information where permitted or required by law, including, but not limited to, for security, fraud prevention, legal compliance, dispute resolution, financial recordkeeping, backup, audit, or enforcement purposes.

11. Data Security

We use commercially reasonable administrative, technical, and organizational safeguards designed to protect personal information from unauthorized access, disclosure, alteration, destruction, loss, misuse, and other security risks.

No method of transmission, storage, processing, or electronic communication is completely secure. We cannot guarantee that personal information will be completely secure, error-free, or protected from all unauthorized access or use. You are responsible for using appropriate safeguards when using the Services, including protecting account credentials, devices, networks, systems, and third-party integrations.

12. Your Privacy Rights and Requests

Depending on where you live and the Services you use, you may have rights regarding your personal information, including, but not limited to, rights to access, know, confirm processing, correct, delete, restrict, object to, opt out of certain processing, withdraw consent, receive a copy of your information, appeal certain decisions, or limit certain uses or disclosures of sensitive personal information.

You may exercise available rights by contacting us at privacy@twinlyai.com or through any privacy request method we make available. We may need to verify your identity, authority, account ownership, or request details before fulfilling a request. We may deny or limit requests where permitted by law, including where we cannot verify the request, where an exception applies, or where compliance would adversely affect the rights and freedoms of others.

We will respond to verified privacy requests within the time required by applicable law. Where applicable law allows an extension, we may extend the response period as permitted and will provide notice where required. If we deny a request and applicable law requires an appeal process, we will provide instructions for submitting an appeal.

You may be able to manage certain information directly through your account, device, browser, application, Service settings, or available controls. If you use the Services through an organization, administrator, or business account, privacy requests relating to information controlled by that organization may need to be directed to that organization.

Where applicable law permits authorized agents to submit requests on your behalf, we may require proof of authorization and may require you to verify your identity directly with us.

We will not discriminate against you for exercising privacy rights protected by applicable law.

13. California Privacy Rights

This section applies to California residents only to the extent required by California law.

California residents may have rights to:

know what personal information we collect, use, disclose, sell, or share;

not be discriminated against for exercising California privacy rights.

  1. access personal information;
  2. delete personal information;
  3. correct inaccurate personal information;
  4. opt out of sale or sharing of personal information where applicable;
  5. limit certain uses or disclosures of sensitive personal information where applicable;
  6. obtain information about our privacy practices; and

We do not sell personal information for money. If our use of analytics, advertising, measurement, or partner technologies is considered a sale or sharing under California law, we will provide required opt-out methods. Where required, we will honor legally recognized opt-out preference signals, such as Global Privacy Control, to the extent required by law and technically feasible.

We do not use or disclose sensitive personal information for purposes that require a right to limit under California law unless we provide that right or an exception applies.

California residents may submit privacy requests by contacting privacy@twinlyai.com or through any privacy request method we make available. Authorized agents may submit requests where permitted by law, subject to verification and proof of authorization.

14. Other U.S. State Privacy Rights and Appeals

Residents of certain U.S. states may have privacy rights under applicable state privacy laws, including, but not limited to, rights to confirm processing, access, correct, delete, obtain a copy of personal information, opt out of sale, opt out of targeted advertising, opt out of certain profiling, restrict certain sensitive-data processing, and appeal denied requests.

Where required by applicable law, we will provide a process to appeal a denied privacy request. If your appeal is denied and applicable law requires additional information, we will provide the information required by that law.

State privacy rights vary by jurisdiction and may not apply to all Customers, all personal information, or all Services. We will provide rights and choices to the extent required by applicable law.

15. International Users and Data Transfers

Company is based in the United States. If you access or use the Services from outside the United States, your personal information may be collected, processed, stored, transferred, or disclosed in the United States and other jurisdictions where Company, its service providers, vendors, partners, or infrastructure providers operate.

Privacy laws in those jurisdictions may differ from the laws where you live. Where required by applicable law, we will use appropriate safeguards for international transfers of personal information.

16. Children’s Privacy

The Services are not directed to children under thirteen (13), and we do not knowingly collect personal information from children under thirteen. If you believe a child under thirteen has provided personal information to us, please contact us at privacy@twinlyai.com.

Unless a specific Service expressly permits otherwise and applicable law allows it, the Services are intended only for users who are at least eighteen (18) years old or the age of legal majority in their jurisdiction.

17. Third-Party Websites and Services

The Services may link to, integrate with, depend on, or enable access to third-party websites, applications, platforms, services, content, or technologies. We do not control and are not responsible for the privacy practices, security practices, content, terms, policies, or conduct of third parties. You should review the privacy policies and terms of third-party services before using them or providing information to them.

18. Business and Organization Accounts; Data Processing Terms

If you use the Services on behalf of an organization, or through an account provided or controlled by an organization, that organization may control or access information associated with your use of the Services, including account information, Customer Content, usage data, settings, logs, and other information associated with the organization’s account or Services.

Where Company processes personal information on behalf of a business or organization under a separate written agreement, data-processing addendum, service agreement, or similar terms, that agreement may govern the processing of that information. The organization is responsible for providing required privacy notices, obtaining required consents, establishing any required legal basis, and responding to privacy requests relating to personal information it controls.

Company may make additional data-processing terms, privacy commitments, administrative controls, or Service-specific privacy terms available for particular Services or Customers.

19. Changes to this Privacy Policy

We may update this Privacy Policy from time to time. The updated Privacy Policy will be effective when posted or otherwise made available, unless a later effective date is stated.

If we make material changes to this Privacy Policy, we will provide notice as required by applicable law. Your continued use of the Services after an updated Privacy Policy becomes effective means that you acknowledge the updated Privacy Policy.

We will not use personal information collected under a prior version of this Privacy Policy in a materially different way without providing any notice or obtaining any consent required by applicable law.

If we materially expand our use of Customer Content for model training, fine-tuning, automated decisionmaking, targeted advertising, sale, sharing, or other materially different processing, we will provide any notice, choice, consent, or control required by applicable law.

20. Contact Us

If you have questions, comments, or requests about this Privacy Policy or our privacy practices, you may contact us at:

TwinlyAI, Inc.
Attn: Privacy
1592 Union St, #427
San Francisco, CA 94123
United States

Privacy inquiries: privacy@twinlyai.com
Legal inquiries: legal@twinlyai.com
Primary website: twinlyai.com

TwinlyAI, Inc. may operate certain Services under DBAs, trade names, brands, or domains, including, but not limited to, CoolnessAI and coolness.ai.

bottom of page