Wonder WalkSomeone to help you sleep
WONDER WALK · PRIVACY POLICY

Privacy Policy

Last updated · 2026-05-28

Who we are

Wonder Walk (referred to as “we” below) is a sleep companion product, developed and operated by the Wonder Walk team at Purdue University. Our core services run on Cloudflare's global network. This policy explains what information we touch when you visit wonderwalk.ai, register an account, subscribe, or chat with Wonder AI — how we use it, and what you can do about it.

If you have any question about this policy, email us at founder@wonderwalk.ai or support@wonderwalk.ai.

What information we collect

1. Account information

When you sign in with Google, Apple, or email, the identity provider shares your email, name, and avatar with us. We do not read any other content from your third-party account.

2. AI conversations and sleep memory

Your conversations with Wonder AI are stored in our server database (Cloudflare D1). We use them to:

  • Continue context when you return to the chat;
  • Let the AI distill long-term memory so the companion fits you better;
  • Compute aggregate metrics for model cost and service availability (these metrics never contain conversation text).

You can view long-term memory, clear it, delete chat history, or revoke the improvement-sharing consent at any time from My account · Wonder memory & privacy.

3. Subscription and billing

We use Stripe to process subscriptions and refunds. We never touch or store your credit card number or bank account. We only keep what Stripe returns to us: customer ID, subscription status, billing cycle — used to unlock the subscription features you purchased.

4. Device and access information

When you visit the site, Cloudflare and our application log the following for security, quotas, and abuse prevention:

  • IP address (rate-limit use only; not tied long-term to your account);
  • Browser User-Agent and device class;
  • Request timestamps, error logs, and response latency;
  • Anonymous product analytics events — for example page views, audio plays, AI chats, pricing-page clicks, and checkout redirects;
  • Ad and share-source parameters such as UTM, gclid, gbraid, wbraid, fbclid, ttclid — used to judge which channels bring genuine users;
  • For non-signed-in visits, an anonymous identifier (an irreversible hash over IP + User-Agent), used only to rate-limit AI calls and unable to identify a person.

Analytics events are used to improve releases, marketing, and the experience flow. They never include your credit card data and they never carry the plain text of AI conversations as an analytics property.

5. Cookies and local storage

We use the minimum number of cookies:

  • Session cookie — keeps you signed in after login;
  • Email-login temporary cookie — valid for 30 minutes during the magic-link flow;
  • Browser local storage — for example your chat-page model preference and whether you've consented to improvement sharing;
  • Anonymous analytics + source identifiers — used to distinguish a visit, a browser session, and an ad/share source.

We use the Google Ads tag for ad attribution and basic conversion measurement. By default Google Consent Mode restricts ad and analytics storage; after you confirm in the cookie banner, the Google Ads tag may use the cookies or similar identifiers needed for ad attribution.

Third-party processors

We delegate infrastructure and commercial functions to trusted providers, and we only pass them the minimum information needed:

  • Cloudflare (hosting, CDN, D1 database, R2 audio, Workers AI) — network and storage infrastructure;
  • Stripe (subscriptions and payments) — payments, customer management, invoicing;
  • Google Ads (advertising and attribution) — measure ad visits and basic conversion;
  • Resend (transactional email) — sends magic-link sign-in mail and notifications;
  • Google / Apple (OAuth identity providers) — used only when you actively choose that sign-in method;
  • OpenAI / Anthropic / DeepSeek (third-party foundation models) — Wonder AI chat calls the appropriate model based on the tier you choose. The request includes the necessary conversation context and system prompt, but not your account identity.

Each processor has its own privacy policy. We've signed a data processing agreement (DPA) with them, or use their default terms.

AI improvement sharing (optional · off by default)

You can opt in to share conversations for product improvement from Wonder memory & privacy. Once on, team members can view your shared conversations in the admin panel to improve Wonder's reply quality and safety rules. Every admin view is audit-logged.

This switch is off by default. You can turn it off at any time and revoke visibility for previous conversations.

How we retain data

  • Account information — retained while your account is active; cleared within 30 days of account deletion;
  • AI conversations — kept so you can scroll back and continue context; you can clear them at any time from privacy settings;
  • Payment records — retained for 5–7 years for tax, reconciliation, and dispute handling, per local law;
  • Request logs — usually 30 days, for security and troubleshooting only.

Cross-border transfers

Because we use Cloudflare's global network and overseas AI model providers, your data may be processed in the United States, Europe, and Asia-Pacific. We require all processors to provide industry-standard data protection.

Your rights

Wherever you are, we try to let you:

  • View Wonder's long-term memory about you;
  • Clear Wonder's memory and all AI chat history;
  • Turn off AI improvement sharing;
  • Delete your account and remove personally identifiable information (email support@wonderwalk.ai to start the process);
  • Where GDPR or CCPA applies: access, rectify, export, restrict, or object to automated processing.

Minors

This service is not directed at children under 13. If you are a 13–17 year-old teen, please use it with parental or guardian guidance, and avoid sharing sensitive health information with Wonder.

Security

We use HTTPS for every transfer, and sensitive credentials such as OAuth, subscription, and email keys are read only on the server. No system is perfectly secure; if you find a potential issue, please report it to support@wonderwalk.ai.

Changes to this policy

When the policy changes materially, we'll update the “Last updated” date at the top and notify you on a prominent place on the site or via an in-product notice. Continued use means you accept the latest version.

Contact

For any question, request, or complaint about this policy, email founder@wonderwalk.ai.

View Terms of ServiceWonder memory & privacy settingsBack to home