Privacy Policy
Last updated: 05/13/2026
This Privacy Policy describes how MyElsewhen ("we", "us", "our"), operated by Andrew Gorshkov (registered as a sole proprietor in the Russian Federation, OGRNIP 324911200101194), collects and processes your personal data.
The Service is not available to residents of the Russian Federation. By using the Service, you confirm that you reside outside the Russian Federation.
We take privacy seriously. The data you give us shapes the fiction we generate for you, and we use it only for that purpose.
1. Data We Collect
1.1 Account data
- Email address
- Password (stored as a salted hash, never in plain text)
- Date of birth (for age verification only; not displayed back to you)
- Country of residence (selected by you at registration; used for compliance, analytics, and to determine applicable payment currency and tax rules)
- Date of account creation
1.2 Questionnaire data
- Your answers to the onboarding questionnaire: temperament, values, current life state, theme preferences, world affinities, open-text fields (favorite time of day, what pulls you, etc.)
- Excluded themes you select
1.3 Usage data
- Lives created, characters, eras chosen, names of characters
- Chapters generated and read
- Pivotal choices made during stories
- Timestamps of activity, reading session patterns
- Settings and preferences
1.4 Payment data
Payments are processed by Robokassa. We do not store your card details. Robokassa stores and handles all card data; we receive only transaction confirmations (success/failure, amount, currency, an opaque transaction ID).
Your billing details (name, country) may be shared between Robokassa and us as required for fraud prevention and tax reporting.
1.5 Technical data
- IP address (used to verify regional availability of the Service and for security/anti-fraud purposes)
- Browser and device type, operating system
- Cookies and similar technologies (see section 8)
- Logs of generation requests, errors, and anti-fraud events
1.6 Communications
- Messages you send to support
- Feedback you submit
2. Why We Collect This Data (Legal Bases under GDPR)
| Data | Purpose | Legal basis |
|---|---|---|
| Email, password | Authentication, account access | Contract (Art. 6(1)(b) GDPR) |
| Date of birth | Age verification (18+) | Legal obligation, legitimate interest |
| Country of residence | Compliance with regional availability, payment currency, tax obligations | Contract, legal obligation |
| Questionnaire data | Generation of personalized fiction | Your explicit consent(Art. 6(1)(a) GDPR), confirmed at registration |
| Usage data | Service provision, improvement | Contract, legitimate interest |
| Payment data | Payment processing, fraud prevention, tax | Contract, legal obligation |
| Technical data, logs | Security, anti-fraud, debugging | Legitimate interest |
Questionnaire data may include information about your emotional state (current life period, what gives you grounding). We process it strictly for character generation, only with your explicit consent, and never use it for advertising, profiling beyond the Service, or any third-party purpose.
3. How We Use Your Data
- To generate fiction. Your questionnaire answers are transformed by our systems into derived parameters (temperament profile, narrative mode, world affinities). These derived parameters, together with era and character context, are sent to our AI generation provider to produce a character and chapters tailored to you. See section 4 below for what specifically is sent.
- To run your account. Authentication, access plan and credit management, payment processing, customer support. We use your declared country of residence to determine appropriate payment currency, tax rules, and applicable regional terms.
- To improve the Service. We may use anonymized, aggregated data to monitor generation quality, identify failures, and improve our prompts. We do not use your personal questionnaire content or generated chapters to train AI models.
- To prevent fraud. Detection of automated access, multi-account abuse, payment fraud.
- To meet legal obligations. Tax reporting, regulatory compliance, and verification that the Service is provided only in regions where it is offered.
4. AI Generation Provider and Data Sent to It
The Service uses an AI generation provider, Anthropic, Inc. (United States), to generate chapter content.
What we send to Anthropic:
- Era and historical context selected by you.
- Character name (fictional, chosen by you) and character gender.
- Derived parameters from your profile (categorical labels such as "observant", "reflective", value categories such as "mastery in a craft", narrative mode, world affinities, excluded themes).
- A randomly generated
generation_request_idfor each API call. This identifier is created fresh for each request and is not derived from, mapped to, or persistently linkable with your account identifier. The mapping between this request ID and your account exists only in our internal systems and is never exposed to or shared with the AI generation provider. - Story state needed for the chapter (world canon, recent events summary, open narrative threads).
What we do NOT send to Anthropic:
- Your email address.
- Your real name.
- Your date of birth.
- Your country of residence.
- Your IP address.
- Your account ID, session ID, or any other identifier that allows generation requests to be linked back to you through our systems.
- Persistent identifiers across requests: each generation request uses a fresh, independent request ID. Anthropic cannot link multiple requests as coming from the same user.
- Your payment information.
- The raw text of your questionnaire answers, except as transformed into the derived categorical parameters described above.
- Open-text answers (such as your "longing" response) are categorized into a generalized label before being sent to Anthropic. The original text never leaves our systems.
Because the data sent to Anthropic is not associated with any identifier that allows Anthropic to link it back to you as a specific person, we consider this data non-identifying with respect to Anthropic. Anthropic does not act as a processor of your personal data under GDPR; it processes only de-identified generation requests.
Anthropic processes generation requests under its own terms of use and privacy commitments. More information: anthropic.com/legal/privacy.
5. Other Third Parties
Robokassa(LLC "Robokassa")
- Receives: payment card data, transaction amounts, billing details (name, country). Country information is derived from the country of residence you declared at registration and from billing data you provide at checkout.
- Purpose: payment processing.
- More: robokassa.com/privacy
Contabo
- Receives: technical infrastructure data, database hosting.
- Purpose: hosting.
- More: contabo.com
Proton AG (Switzerland)
- Receives: the content of email correspondence between you and us (for example, support requests and data subject requests sent to our support address) and associated email metadata.
- Purpose: hosting our support email mailbox (ProtonMail).
- Switzerland is recognized by the Russian Federal Service for Supervision of Communications, Information Technology and Mass Media (Roskomnadzor) as a country providing adequate protection of personal data.
- More: proton.me/legal/privacy
We do not sell your data to anyone.
We may add or change processors. When we do, we update this list and, if the change is material, notify you in advance.
6. International Data Transfers
Some of our processors operate outside the European Economic Area (in particular, Robokassa and our AI generation provider are not EEA-based).
For EU/EEA users, transfers of personal data to non-EEA processors are protected by:
- Standard Contractual Clauses (SCCs) where applicable.
- The data minimization measures described in section 4 (specifically, the AI generation provider does not receive identifiers that would make our user data identifiable to it).
7. Data Retention
| Data | Retention |
|---|---|
| Account data (email, password hash, date of birth, country of residence, account creation date) | Until account deletion + 30 days (technical buffer) |
| Questionnaire data | Until account deletion or until you reset it |
| Generated chapters | Until account deletion |
| Payment records | 5 years (tax retention obligation) |
| Logs (technical, anti-fraud) | 12 months |
| Backups | Up to 90 days after primary deletion |
When you delete your account:
- Your profile, questionnaire data, lives, characters, and chapters are deleted from active systems within 30 days.
- Backups containing your data are overwritten in the normal rotation within 90 days.
- Payment records and minimum tax records are retained as required by law.
8. Cookies and Similar Technologies
We use:
- Strictly necessary cookies— authentication, session management. Cannot be disabled.
- Functional cookies— remember your preferences and reading position.
- Analytics cookies— we use privacy-friendly analytics that do not track individuals across sites.
We do not use advertising cookies or third-party tracking.
You can control cookies through your browser settings. Disabling strictly necessary cookies will prevent the Service from working.
9. Your Rights
You have the right to:
- Access— see what data we hold about you.
- Correction— update your profile or other data.
- Deletion— delete your account and associated data ("right to be forgotten"). Available in Settings under "Delete account".
- Data portability— receive your data in a structured format. Request at alchemic.lab@proton.me.
- Withdraw consent— withdraw the consent you gave at registration. Doing so means we can no longer generate new chapters for you. Existing chapters can still be deleted.
- Restrict processing— request that we pause processing while a dispute is resolved.
- Object— object to processing based on legitimate interests.
- Lodge a complaintwith a supervisory authority — for EU users, with your national Data Protection Authority.
To exercise any right, contact alchemic.lab@proton.me. We will respond within 30 days.
10. Children
The Service is for users 18 and older. We do not knowingly collect data from minors. If you believe a minor has created an account, contact us at alchemic.lab@proton.me and we will delete it.
11. Security
We protect your data through:
- TLS encryption for all data in transit.
- Encrypted storage for sensitive fields (passwords hashed with bcrypt or equivalent).
- Access controls limiting who on our team can see user data.
- Identifier separation. Our internal user identifiers are never sent to the AI generation provider. Each generation request uses an independent, freshly-generated identifier that cannot be linked back to your account by the AI provider.
- Regular review of third-party processors.
No system is perfectly secure. If we become aware of a data breach affecting your data, we will notify you within 72 hours of discovery, in compliance with GDPR Article 33.
12. Changes to This Policy
We may update this Privacy Policy. Material changes will be communicated by email or in-product notice at least 14 days before they take effect.
13. Contact
Data protection inquiries: alchemic.lab@proton.me
Andrew Gorshkov
OGRNIP: 324911200101194
INN: 910238202950
Registered address: 295053, Republic of Crimea, Simferopol city, Mate Zalky Street, building 1/9