Back to home
Your words stay yours

Privacy Policy

Last updated: June 13, 2026

The details you share to write a toast — and any optional voice sample you record — are used only to create and read back your toast. We never sell your personal information, and you can delete everything at any time.

This Privacy Policy explains how ToastAI(“ToastAI”, “we”, “us”) collects, uses, shares, and protects personal information when you use our mobile app (“the App”) and our website at toastai.app (“the Site”, together the “Service”). ToastAI helps you write and hear the perfect toast for a wedding, birthday, or other occasion — in your own voice and your own language.

ToastAI is operated by Aidin Bazarchi, an individual based in Türkiye, who is the controller responsible for personal data processed through the Service. You can reach us at toastaiai@gmail.com.

Please read it together with our Terms of Service.

1. The short version

  • We collect what you give us (your account, the memories and details you type to create a toast, and any voice sample you record) plus basic usage and device data.
  • We use it to run the Service — to generate, refine, save, read aloud, and (if you choose) share your toasts.
  • We use trusted processors (Google/Firebase, AI text and voice providers, and others listed below). We do not sell your personal information.
  • You can access, export, or delete your data at any time — the App has a one-tap Delete Account that erases your data across our systems.
  • Voice samples are used only to read your toasts in your own cloned voice; we do not use your data to train our own AI models, and a toast only appears on the public leaderboard if you choose to submit it.

2. Information we collect

Account & profile

Your email address, display name, and optional profile photo. You can sign in with email and password, Google, or Apple; if you use Apple's “Hide My Email”, we receive a private relay address instead of your real one.

Toast inputs you provide

To write a toast, you share details about the occasion and the people involved — for example the type of event (wedding, birthday, anniversary), the name or role of the person you're toasting, your relationship to them, the tone you want (heartfelt, funny, poetic), the language, and the memories, anecdotes, and notes you type or speak in. This text is the raw material the AI uses to generate your toast. You may include information about other people — see “Information about other people”.

Toasts we generate for you

The toasts the AI writes, along with your edits, refinements, and saved versions, are stored in your account so you can return to them, refine them, and share them.

Voice samples & audio (optional)

You can always hear a toast read aloud using your device's built-in text-to-speech voice, which is generated on your device and does not require us to process a recording. If you choose the premium cloned-voiceupgrade, you record short voice samples so a voice provider can create a model of your voice and read your toasts back in it. We use voice samples and any resulting voice model only to produce audio of your own toasts for you; we do not use them to train general-purpose models, and you can delete them at any time. Depending on where you live, voice data may be treated as sensitive or biometric information — we process it only with your explicit consent.

Couple co-write (optional)

If you co-write a couple's toast with a partner, the shared draft and the contributions each of you makes are visible to the other collaborator so you can write it together. Only invite someone you intend to share that draft with.

Leaderboard submissions (optional)

If you submit a toast to the day/week/month leaderboard, the toast text (and your chosen display name) becomes publicly visible and can be ranked and viewed by others. Submitting to the leaderboard is always your choice; toasts you don't submit stay private to your account.

Usage, device & diagnostics

Analytics about how the Service is used (features used, screens viewed, language), device and app information (operating system, app version), and crash diagnostics that help us fix problems.

Notifications

A push-notification token so we can deliver the notifications you enable.

Website & waitlist

If you join the waitlist on the Site, we collect your email address and preferred language to send you a welcome email and contact you about the launch. Signup is single opt-in (no confirmation step); the waitlist is stored with Supabase in the EU (Stockholm region) and the emails are sent through Twilio SendGrid. You can leave the waitlist at any time by emailing us. The Site also uses cookies and similar technologies — see Cookies.

3. How we use information

We use personal information to provide and personalize the Service; to generate, refine, and store toasts from the memories and details you provide; to read your toasts aloud with a device voice or, where you opt in, your cloned voice; to enable the couple co-write feature and (when you submit) the public leaderboard; to send the notifications you set up; to keep the Service secure and prevent abuse; to improve the Service; to communicate with you (including waitlist and product updates); and to comply with legal obligations.

Legal bases (EEA/UK).Where the GDPR or UK GDPR applies, we rely on: performance of our contract with you (to run the Service); your consent (voice cloning, marketing, and non-essential cookies/pixels — you can withdraw it at any time); our legitimate interests (security, abuse prevention, and improving the Service); and compliance with legal obligations.

4. AI processing

Toasts are generated through our secure backend using third-party AI language models. When you use the premium cloned-voice feature, audio is produced through a third-party voice provider. To protect privacy and integrity:

  • We send only the details needed to produce a result, and we treat the text you provide as data (not instructions) to reduce prompt-injection.
  • Voice samples are sent to the voice provider only to create and use your own voice model, and only after you opt in.
  • We do not use your data, your toasts, or your voice samples to train our own AI models.
  • AI providers process the inputs we send in order to return a result, under their own terms; we don't grant them rights to your data beyond providing the service.

5. How we share information

We share personal information only with service providers that process it on our behalf to run the Service, with other users where you choose to share (couple co-write and the public leaderboard), and as required by law. We do not sell your personal information. Our providers include:

  • Google Firebase — authentication, database, file storage, cloud functions, push notifications, analytics, and crash reporting
  • AI text providers — generating and refining toast text
  • AI voice provider — creating and using your cloned voice for audio playback (premium, opt-in only)
  • Vercel — hosting for the Site and admin tools
  • Supabase (EU region) and Twilio SendGrid — the website waitlist and its welcome email
  • Advertising & analytics networks (Google, Meta, TikTok) — on the Site only, and only after you consent to non-essential cookies

We may also disclose information to comply with the law or a valid legal request, to protect our rights and the safety of users, or in connection with a merger, acquisition, or sale of assets (in which case we'll require the recipient to honor this Policy).

6. Information about other people

The memories and details you write into a toast may mention other people — the couple, the birthday guest of honor, friends, and family. You are responsible for ensuring you have an appropriate basis to include another person's information, and we ask that you add only what you need and avoid sensitive details. We use that information solely to generate your toast — we do not contact the people you mention, and we do not build advertising profiles of them. Remember that if you submit a toast to the public leaderboard, anything you wrote in it becomes publicly visible.

If you are someone mentioned in a ToastAI user's toast and you wish to access or remove information about you, contact us at toastaiai@gmail.com and we will act on verified requests as required by law.

7. International transfers

We and our providers may process information in the United States and other countries that may have different data-protection laws than yours. Our processors are primarily US-based companies — including Google (Firebase) and Vercel — while Supabaseprocesses the waitlist in the EU region. Where the GDPR or UK GDPR requires, we rely on appropriate safeguards for these transfers, such as the European Commission's Standard Contractual Clauses (with the UK Addendum where applicable). Where Türkiye's KVKK applies, cross-border transfers rely on the mechanisms in Article 9 of the KVKK, including your explicit consent where no other safeguard is available.

8. Data retention

We keep your account, your saved toasts, and the inputs you provide for as long as your account is active. Voice samples and any voice model are kept while the cloned-voice feature is active for you and are deleted when you remove them or close your account. Cached AI responses expire automatically. When you delete your account (in the App under Settings, or by emailing us), we erase your data across our database, file storage, and authentication systems; residual copies in routine backups age out on our normal backup cycle. Toasts you submitted to the public leaderboard may remain visible until removed on request or in the ordinary course. Waitlist emails are kept until you ask to be removed, and at the latest are deleted within 6 months after the app launches. We may retain limited information where the law requires.

9. Your rights & choices

Depending on where you live, you may have the right to:

  • access the personal information we hold about you;
  • correct inaccurate information;
  • delete your account and associated data;
  • export your data in a portable format;
  • object to or restrict certain processing;
  • withdraw consent (e.g. for voice cloning, marketing, or pixels) at any time; and
  • opt out of marketing communications.

You can delete everything yourself with Delete Account in the App, or email toastaiai@gmail.com. We respond to verified privacy requests within one month (GDPR) or 30 days (KVKK); we may ask for enough information to verify your identity before acting on a request. If you are in the EEA or UK, you may also lodge a complaint with your local data- protection authority.

Türkiye (KVKK).Because the operator is based in Türkiye, processing is subject to the Personal Data Protection Law No. 6698 (“KVKK”). If you are in Türkiye, you have the rights in Article 11 of the KVKK — including to learn whether your data is processed, request information, correction, or deletion, and object to outcomes produced solely by automated analysis. Contact us using the email below; if unsatisfied, you may complain to the Turkish Personal Data Protection Authority.

California.We do not sell personal information and do not knowingly “share” it for cross-context behavioral advertising in the App. On the Site, advertising cookies load only with your consent, and you can signal your choice using your browser's privacy controls (including Global Privacy Control). California residents may exercise the rights to know, delete, and correct, and we will not discriminate against you for doing so.

10. Children's privacy

ToastAI is not directed to children under 13 (or under 16 where applicable), and we do not knowingly collect personal information from children to create an account. Because a toast you write could mention a minor, please do not add sensitive information about children. If you believe a child's information has been provided to us, contact us and we will remove it.

11. Security

We protect information with encryption in transit and at rest, access controls, and rate limiting and abuse protections on our backend. No method of transmission or storage is perfectly secure, so we cannot guarantee absolute security, but we work to protect your information and to respond promptly to any incident.

12. Cookies

The Site's only essential storage is local: your language preference and the record of your cookie choice itself (stored in your browser as toastai-cookie-consent). Non-essential trackers are split into two categories you consent to separately: Analytics (Google Analytics) and Marketing(Google Ads, Meta, and TikTok pixels). Neither loads until you allow it in the cookie banner, and you can change your choice at any time by clearing the Site's data in your browser (the banner will ask again). The App itself does not use advertising cookies.

13. Changes to this Policy

We may update this Policy from time to time. We'll post the new version here, update the “Last updated” date, and, for material changes, provide a more prominent notice (such as an email or in-app message).

14. Contact us

toastaiai@gmail.com is our single contact channel for all privacy and data-protection matters — GDPR, UK GDPR, KVKK, and California requests, questions about this Policy, and requests from people whose information a user has mentioned in a toast. Other addresses you may see on the Site (press, careers) are not monitored for privacy requests. The Service is operated by Aidin Bazarchi, an individual based in Türkiye, who is the data controller. If the Service is directed to users in the EEA or UK, an Article 27 representative may be required and will be identified here once designated.