Skip to main content
KnolMe
Get Started

Privacy Policy

Last updated: March 25, 2026

Worldstate Labs ("we," "us," or "our") operates the KnolMe platform, a personal profile platform for humans and AI. This Privacy Policy explains how we collect, use, disclose, transfer, and protect your information when you use the Service. Unless we say otherwise, the categories below describe the personal information we have collected in the preceding 12 months and may collect going forward.

1. Information We Collect

Account Information

When you sign up via email/password, Google OAuth, or Apple Sign-In, we collect your name, email address, profile avatar, authentication details, and basic account metadata. When you connect third-party import accounts, we also store the access tokens and profile metadata needed for those imports. This information comes directly from you, from the relevant sign-in provider, and from any external provider you choose to connect.

Project & Profile Content

Any content you create on KnolMe — including project descriptions, links, images, documents, imported content, profile layout configurations, AI knowledge base entries, and public profile data — is stored to provide and display your profile. This information comes from what you type, upload, or ask us to import from other sources.

Visitor Chat Messages

When visitors interact with your AI profile, their chat messages and the AI-generated responses are collected and stored. Visitor messages may include voluntarily provided names, email addresses, or other contact details.

Voice Samples

If you use our voice cloning feature, we collect the audio samples you provide, your authorization confirmation, generated voice identifiers, and related settings to create and operate a synthetic voice for your AI profile. We only process voice material you submit or authorize us to use.

Usage, Diagnostics, and Analytics Data

We automatically collect service usage and reliability data such as page views, feature interactions, device type, browser type, IP address, and referring URLs. This information comes from your browser, device, and service logs. If you explicitly submit a bug report, we may also collect screenshots, recent session events, network logs, console logs, recent actions, and environment data tied to that report.

2. How We Use Your Information

  • Provide and maintain the Service, create accounts, host profiles, process purchases, and deliver the features you request. Legal basis: performance of a contract with you and steps taken at your request before entering a contract.
  • Run AI features you enable, including embeddings, AI answers, media generation, and synthetic voice output based on your profile content, uploads, imports, and settings. Legal basis: performance of a contract and, where required, your consent or instructions.
  • Secure the Service, prevent fraud and abuse, rate-limit requests, debug incidents, and enforce our Terms. Legal basis: our legitimate interests and, where applicable, legal obligations.
  • Process payments, maintain accounting and tax records, comply with legal requests, and resolve disputes. Legal basis: performance of a contract and legal obligations.
  • Use optional analytics and send product updates or marketing communications only where permitted and, when required, with your consent.
  • Handle support requests and bug reports, including any diagnostics you choose to submit. Legal basis: our legitimate interests, performance of a contract, and your consent where you decide to send optional diagnostic information.

3. Third-Party Data Sharing

We disclose personal information to the following categories of service providers and third parties when needed to operate KnolMe:

  • Authentication and connected-account providers: if you sign in with Google or Apple, or connect external platforms such as GitHub, GitLab, Stack Overflow, YouTube, or Reddit, the relevant provider processes the authentication flow and any data you ask us to import.
  • OpenAI: Profile content, documents, imported content, and visitor chat messages may be sent to OpenAI to generate embeddings, AI responses, and other AI features.
  • Anthropic and Google Gemini: Some AI generation and image generation features may send profile content or prompts to Anthropic or Google Gemini.
  • Fish Audio: Voice samples and generated voice requests are sent to Fish Audio for voice cloning and text-to-speech synthesis.
  • Stripe: Payment information (credit card details, billing address) is processed by Stripe. We do not store your full payment card details on our servers.
  • Vercel: Vercel hosts our application infrastructure and custom domain tooling, stores images and static assets in Vercel Blob, and may process limited usage data through optional analytics and performance products we enable.
  • Neon: Your account data, project content, chat history, and service records are stored in our Neon-hosted PostgreSQL database.
  • Upstash: Request metadata needed for rate limiting and abuse prevention may be processed through Upstash Redis and Ratelimit services.
  • Resend: Service emails and bug-report notifications are sent through Resend.
  • Jina AI and connected import providers: When you import from a URL or connected account, the referenced content may be fetched from Jina AI or the relevant provider APIs.

We do not sell your personal information. We also do not use personal information for third-party cross-context behavioral advertising. We may disclose information if required by law, to protect our rights, to prevent fraud or security incidents, or in connection with a merger, financing, acquisition, or sale of assets. We may replace vendors with substantially similar providers from time to time, and we will update this policy if the change materially affects how personal data is processed.

4. Cookies and Local Storage

We use cookies and browser localStorage to maintain your session, remember your preferences (such as theme and language), support security and authentication, and store your analytics preference. Essential cookies and storage are required for the Service to function. Optional analytics are enabled only after your consent where we offer that choice. You can manage cookies through your browser settings, though disabling them may affect functionality.

5. Data Retention and Deletion

We retain account information, profile content, connected-account metadata, and AI configuration data for as long as your account remains active and for a reasonable period afterward as needed to provide the Service, investigate abuse, resolve disputes, or complete offboarding. Billing, tax, and transaction records may be retained longer where required by law. Diagnostics, access logs, rate-limit logs, and safety records are retained for as long as reasonably necessary for security, reliability, and abuse prevention. You may delete your account through the product or request deletion at legal@worldstatelabs.com. We will delete or de-identify personal data within a reasonable period unless retention is required for legal compliance, fraud prevention, accounting, dispute resolution, or processor obligations. Aggregated or de-identified analytics may be retained.

6. Your Rights (GDPR / CCPA)

Depending on your jurisdiction, you may have the following rights regarding your personal data:

  • Access: Request a copy of the personal data we hold about you.
  • Correction: Request correction of inaccurate or incomplete data.
  • Deletion: Request deletion of your personal data.
  • Portability: Request your data in a portable, machine-readable format.
  • Objection or restriction: Object to certain processing or request that we limit processing where applicable law gives you that right.
  • Withdraw consent: Where we rely on consent, you may withdraw it at any time for future processing.
  • Complaint: Lodge a complaint with your local data protection or privacy regulator.
  • Non-discrimination: We will not discriminate against you for exercising your privacy rights.

To exercise any of these rights, please contact us at legal@worldstatelabs.com. We may need to verify your identity before acting on a request, and you may authorize an agent to act on your behalf where applicable law allows.

7. International Data Transfers

Your data may be transferred to and processed in countries other than your country of residence, including the United States, where our service providers (such as OpenAI, Anthropic, Google, Fish Audio, Stripe, Vercel, Neon, Upstash, and Resend) operate. Where required by applicable law, we rely on contractual, technical, and organizational safeguards for those transfers.

8. Children's Privacy

KnolMe is not intended for children under the age of 13, and you must also be old enough to use the Service under the laws of your local jurisdiction. We do not knowingly collect personal information from children under 13. If you believe a child under 13 has provided us with personal data, please contact us at legal@worldstatelabs.com and we will promptly delete it.

9. Security

We implement industry-standard security measures to protect your data, including encryption in transit (TLS) and at rest. However, no method of transmission or storage is 100% secure, and we cannot guarantee absolute security.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page, updating the "Last updated" date, and taking any additional steps required by law. If a change requires your consent, we will request it before the change applies to you.

11. Contact Us

Worldstate Labs is the controller responsible for the processing described in this Privacy Policy. If you have questions or concerns about this Privacy Policy or our data practices, please contact us at:

For copyright or takedown notices, please review our Copyright Policy.

For impersonation, unauthorized AI persona, or voice misuse complaints, please review our Impersonation Policy.

legal@worldstatelabs.com