Privacy Policy (ChatGPT App)

Effective date: March 11, 2026
Provider: Spheric Admin Ltd ("we," "us," "our")
Contact: privacy.widgets@olutely.com
Product: "Conversation" (the "App"), a ChatGPT app

1) Scope

This policy explains how we process data through the Conversation App. The App runs inside ChatGPT and helps users practice role-play conversations with structured setup and guided response choices. This policy covers Spheric Admin Ltd's processing through the App only.

2) Data categories, purposes, recipients, retention, and controls

Current tool contracts covered by this policy:

  • start-conversation: input fields user.name (optional), otherPerson.name (optional), otherPerson.role (optional), otherPerson.personality (optional), conversation.topic (optional), userInitialMessage (optional); output fields user, otherPerson, conversation, and optional userInitialMessage; metadata timestamp, hasStarted.
  • continue-conversation: input fields otherPersonMessage, possibleUserResponses (array of 2-4 strings); output fields otherPersonMessage and optional userSelectedResponse; metadata timestamp, hasStarted.

2.1 Scenario setup tool data

What: Optional scenario details you or ChatGPT provide to start-conversation, including your name, the other person's name, role, personality, the conversation topic, and an optional opening line.
Why: To initialize the role-play scenario, prefill the setup widget, and normalize the scenario state shown in the App.
Recipients: Our MCP server, OpenAI/ChatGPT platform as part of the tool invocation context, and our hosting/infrastructure providers acting on our behalf.
Retention by us: Not intentionally stored in app databases. Processed to return the tool response. Limited operational logs may temporarily contain request metadata as described in section 2.4.
Your controls: You can leave optional fields blank, avoid including sensitive information, or choose not to use the App.

2.2 Guided continuation tool data

What: continue-conversation receives the other person's next message and 2-4 suggested user replies. The widget may also maintain an optional userSelectedResponse in session after you choose or edit a reply.
Why: To present guided reply choices, let you select or customize a response, and keep the role-play moving turn by turn.
Recipients: Our MCP server, OpenAI/ChatGPT platform, and the widget session runtime inside ChatGPT.
Retention by us: Not intentionally stored in app databases. Processed to return the tool response. Limited operational logs may temporarily contain request metadata as described in section 2.4.
Your controls: You can end the conversation at any time, choose from suggested replies, write your own reply in the widget, and avoid entering sensitive information.

2.3 In-session widget state and follow-up messages

What: In-session widget state may include scenario fields, timestamp, hasStarted, and an optional selected or custom reply. The widget also sends follow-up messages to ChatGPT when you start the scenario, choose a reply, or end the conversation and request an assessment.
Why: To keep the widget consistent during the session and let ChatGPT continue the role-play flow without making you re-enter the same information.
Recipients: OpenAI/ChatGPT platform and the widget session runtime.
Retention by us: Not intentionally stored in our app databases. We generally do not receive this client-side session state unless it later becomes part of a subsequent tool invocation or support request.
Your controls: You can stop using the App at any time, end the conversation from the widget, and manage your ChatGPT conversation/account data through OpenAI controls.

2.4 Technical delivery data and operational logs

What: Limited technical data that our hosting, CDN, and server infrastructure may generate while delivering the App, such as IP address, user agent, URL path, timestamp, response status, and request duration. Depending on deployment configuration, MCP request logs used for debugging and reliability may also include JSON-RPC request payloads, which can contain tool input fields described above.
Why: Security, abuse prevention, service reliability, debugging, and incident response.
Recipients: Our hosting, CDN, and infrastructure providers acting on our behalf.
Retention: Minimized where feasible and retained for no longer than 30 days, unless a longer period is required for a security investigation, abuse review, or legal obligation.

2.5 Contact data (if you email us)

What: Your email address and message content.
Why: To respond to privacy or support requests and maintain a record of the request.
Retention: Up to 24 months after final resolution, unless legal obligations require longer.

3) What we do not do

  • No account creation in this App.
  • No sale of personal information.
  • No advertising SDKs or advertising profiling through this App.
  • No third-party API calls by the widget to generate conversation content outside the ChatGPT/OpenAI runtime and our own app hosting.

4) Cookies and similar technologies

We do not use advertising cookies through this App. We do not intentionally place client-side analytics trackers in the widget pages. ChatGPT/OpenAI, your browser, and hosting infrastructure may use their own cookies or similar technologies for platform operation and delivery; those uses are governed by their own policies.

5) Sharing and disclosure

We may disclose data only as necessary to:

  • Operate the App through service providers such as hosting, CDN, and infrastructure providers.
  • Comply with law, regulation, legal process, or enforceable government request.
  • Protect rights, safety, and security of users, us, and the service.

6) User rights and controls

Depending on your jurisdiction, you may have rights to access, delete, correct, or object to processing of personal data we hold.

To exercise rights, contact privacy.widgets@olutely.com. We may need to verify your identity before fulfilling a request.

Because the App runs inside ChatGPT, you can also manage conversation and account data directly through OpenAI controls. OpenAI's privacy policy: https://openai.com/policies/privacy-policy.

7) International transfers

The App may be accessed globally and processed in countries where we or our providers operate. Where required, we use appropriate safeguards for international data transfers.

8) Security

We implement reasonable technical and organizational safeguards designed to protect data processed through the App. No system is guaranteed to be completely secure.

9) Children's privacy

The App is not directed to children under 13 (or the minimum age required in your jurisdiction). We do not knowingly collect personal information from children through this App.

10) ChatGPT / OpenAI platform notice

ChatGPT/OpenAI independently processes chat content, account information, platform telemetry, and in-session widget runtime data under OpenAI's terms and privacy practices. This policy does not replace OpenAI's policies; it only describes Spheric Admin Ltd's processing through this App.

11) Changes to this policy

We may update this policy from time to time. If we make material changes, we will update the effective date above.

12) Contact

Questions about this policy or App privacy practices: privacy.widgets@olutely.com (Spheric Admin Ltd).