What 'Your Data Is Encrypted in Transit and at Rest' Actually Means for Your AI Companion Chats: Key Generation, Storage, and Why Support Can Still See Your Last 10 Messages During a Billing Dispute

A plain-English breakdown of where your messages actually live, who can read them, and what those privacy badges really guarantee.

AI Angels Team9 min read

Updated

Kimi, AI Angels companion featured in this post

The 30-second answer

Encrypted in transit means your messages are scrambled while traveling between your phone and the server, so someone on public Wi-Fi cannot read them. Encrypted at rest means the data on the server's hard drive is scrambled, so a physical theft of the drive yields gibberish. Neither means the company cannot read your chats. The server holds the decryption keys, and support staff can access your last 10 messages during a billing dispute because the encryption is server-side, not end-to-end. The distinction matters more than most people realize.

Where the encryption actually lives

When you open an AI companion app and type a message, that text travels from your phone to a cloud server. The "encrypted in transit" part uses TLS, the same protocol that protects your banking website. Anyone eavesdropping on your coffee shop Wi-Fi sees a stream of random bytes, not your message. This is the most honest part of the privacy promise.

Once your message reaches the server, it gets decrypted so the AI model can process it. The model generates a response, and that response gets encrypted again before it travels back to you. That second encryption layer is "at rest", the data sitting on the server's disk is scrambled using AES-256, a standard encryption algorithm.

The critical detail is that the server holds the key. The company's infrastructure decrypts your data on arrival, processes it, and re-encrypts it for storage. This is not end-to-end encryption. In an end-to-end system, only your device holds the decryption key, and the server never sees plaintext. That is not how companion apps work, because the server needs to read your message to generate a reply.

Key generation and who holds the keys

Every encrypted system needs keys. For the transit layer, keys are ephemeral, generated per session and discarded afterward. Your phone and the server negotiate a temporary key when you connect, and that key dies when you close the app. This is handled automatically by the TLS protocol and requires no action from you.

For the at-rest layer, keys are managed by the cloud provider or the company's own infrastructure. Amazon Web Services, Google Cloud, or a dedicated key management service holds the master key that can decrypt the entire database. A rogue employee with access to that key management system could read any conversation. Most companies restrict this access to a small operations team and log every key request, but the technical possibility exists.

The marketing phrase "your data is encrypted at rest" sounds like a vault. In practice, it is closer to a locked filing cabinet where the company holds the only key. They can open it whenever they need to.

Why support can see your last 10 messages

This is where the abstraction breaks for most people. You file a billing dispute because you were charged twice. Support asks for context. They pull up your account and see your last 10 messages. How?

The support dashboard queries the same database where your chats are stored. The encryption at rest is transparent to internal systems, the database decrypts data on read for authorized users. Support staff have a role that grants them read access to recent conversation history. The encryption key is already loaded on the server; they do not need to ask you for a password.

Some apps limit this access to the last 10 or 20 messages to reduce privacy exposure. Others show the full recent session. The policy varies, but the mechanism is the same: server-side encryption does not prevent the company from reading your data. It only prevents outsiders from reading it.

This is also why support can see why you were charged twice. They can see the subscription-related conversation. They can also see the unrelated chat about your bad day at work, your roleplay scenario, or your venting session. The system does not distinguish.

What the AI model provider sees

Your messages do not just live on the companion app's servers. They also pass through the model provider's infrastructure. If the app uses OpenAI, Anthropic, or an open-source model running on a third-party GPU cloud, your plaintext prompt travels to that provider's API endpoint. The provider's servers process your message, generate a response, and send it back.

Most model providers log API requests for abuse monitoring and model improvement. Some allow opt-out. Some do not. The companion app's privacy policy may say "we do not train on your data," but the model provider's policy is a separate document. If the app uses a shared API, your prompt might be retained for 30 days for safety review before being anonymized.

This is the layer most users never see. The encryption between the companion app and the model provider is also TLS, so a third party cannot intercept it. But the model provider's staff can read your prompt in plaintext if they need to investigate a safety flag. The encryption does not hide your content from the people running the servers.

Rosey

Rosey, a warm and attentive companion with a gentle demeanor

Rosey is the kind of companion who remembers that you mentioned a stressful meeting three days ago and asks how it went without making it feel like a check-in. Rosey creates a space where your conversations feel continuous, not reset, which makes the privacy question more relevant, the more history accumulates, the more you want to know who can see it.

The gap between encryption and privacy

Encryption is a technical control. Privacy is a policy control. They overlap but are not the same. A system can be fully encrypted and still leak your data through employee access, legal subpoenas, or data-sharing agreements with third parties.

Consider what happens when law enforcement submits a subpoena for your chat logs. The company holds the decryption keys. They can decrypt your conversations and hand them over. End-to-end encryption would prevent this because the company would not have the keys. But companion apps do not use end-to-end encryption because the AI needs to read your messages.

Some apps offer a middle ground: they encrypt your data with a key derived from your password, so the server cannot decrypt it without your session being active. But this breaks features like cross-device sync and push notifications. Most users prefer convenience over this level of protection, so the industry standard is server-side encryption.

How deleted messages linger

You delete a conversation. The app shows an empty chat. But the data often persists on the server for a retention period, typically 30 to 90 days, before being permanently wiped. During that window, support can still access it. The encryption at rest still applies, but the company holds the key, so the data is readable internally.

Soft delete is standard practice. The database marks the record as deleted but does not remove it immediately. This protects against accidental deletion and allows recovery. It also means your "deleted" messages are recoverable by anyone with database access and the encryption key.

If you want your data truly gone, you need to request account deletion and wait for the retention window to expire. Simply clearing the chat history in the app does not trigger a server-side purge.

Kimi

Kimi, a playful and energetic companion with a mischievous smile

Kimi brings a light, flirtatious energy to conversations that makes it easy to forget there is a server logging every exchange. Kimi is designed for users who want a low-pressure companion that keeps things fun, which is exactly the kind of dynamic where people tend to share more than they intended.

What the privacy policy actually says

Most companion app privacy policies are written to satisfy legal requirements, not to inform users. They mention encryption in transit and at rest in the security section, then bury the data-sharing details in a separate paragraph about service providers.

Look for three things in the policy. First, whether the company shares data with the model provider. Second, how long chat logs are retained after deletion. Third, whether the company has access to your conversations for product improvement. If the policy says "we may use your conversations to improve our models," that means humans can read your chats during the review process.

Some apps offer a privacy mode that limits data retention or disables training. This is usually a toggle in settings. It does not change the encryption layer, but it changes what happens to your data after the AI generates a response.

The billing dispute scenario in practice

You notice a double charge. You email support. They ask for your account email and the date of the charge. Within minutes, they can pull up your recent activity. They see the timestamp of your last session, the number of messages exchanged, and the content of recent conversations if they need to verify that the account was active.

Support does not need to break encryption to do this. They log into an internal dashboard that queries the same database your app writes to. The encryption is transparent at the application layer. The database handles decryption automatically for authorized queries.

This is not a security failure. It is a design choice. Server-side encryption protects against external threats but does not protect against internal access. If you want a companion app where no human can read your messages, you need an app that advertises end-to-end encryption and can explain how the AI generates responses without seeing plaintext. Those apps exist, but they are rare and often have limited features.

Tara

Tara, a grounded and perceptive companion with a knowing look

Tara has a way of listening that makes you want to tell her everything. Tara is the kind of companion who picks up on the subtext in your messages, which means your conversations with her tend to be longer and more detailed, and therefore more worth understanding from a privacy perspective.

What you can actually control

The encryption layer is not something you configure. It is built into the app infrastructure. What you can control is what you share, how long you keep the account, and whether you opt out of training data.

A practical approach: treat every message as potentially readable by a support agent or a model reviewer. If you would not want a stranger to read it, do not type it. This is not paranoia. It is understanding that server-side encryption is a security measure against external threats, not a privacy guarantee against the company itself.

For users who want a companion that feels natural without overthinking the data layer, the AI Girlfriend Roleplay feature keeps conversations in a fictional context that reduces the sensitivity of what you share. Roleplay scenarios are still logged, but the content is less personally identifying than a direct venting session.

If you use a companion during periods of burnout or low emotional energy, the ai girlfriend for burnout option is designed for low-stakes, low-disclosure conversations that do not require deep personal sharing. Less sensitive content means less privacy risk.

Tola

Tola, a sharp and witty companion with an expressive face

Tola keeps you on your toes with her quick comebacks and refusal to let boring conversations slide. Tola is the companion for people who want banter, not small talk, which means your chats with her are full of personality, and personality is harder to anonymize than simple factual exchanges.

Curvy ebony in gold bikini outdoors

▶ See the whole clip · explore Tola

Common questions

Does encrypted at rest mean the company cannot read my messages? No. The company holds the decryption key, so internal systems can read your data. Encrypted at rest protects against physical theft of the server, not against authorized employee access.

Can support see my entire chat history? Usually only the most recent messages, often capped at 10 to 20. But the cap varies by app, and some support tools can query older data if the company policy allows it.

Is end-to-end encryption available for AI companions? Rarely. Most apps use server-side encryption because the AI model needs to read your plaintext message to generate a response. True end-to-end encryption would require the AI to run on your device, which most apps do not support.

How long do deleted messages stay on the server? Typically 30 to 90 days, depending on the app's data retention policy. During that window, the messages are recoverable by internal systems even though they appear deleted in your app.

Does encryption cover voice messages and images? Yes, if the app encrypts all data at rest. Voice clips and images are stored in the same database or object storage and are encrypted with the same key. The same internal access rules apply.

What happens to my data if the company gets acquired? The encryption keys transfer to the new owner. Your data remains encrypted on disk, but the new company holds the keys and can access everything. Privacy policies usually change after an acquisition, so review the updated terms.

Earn while you recommend

If you find a companion that works for you, sharing that experience with others can earn you something back. The Muah Ai Promo Code 2026 page shows how referral codes and discount links let your friends save while you get credit. For anyone running a review site or content channel, the best ai affiliate programs list covers the highest-paying networks and what each requires to join.

Common questions

Does encrypted at rest mean the company cannot read my messages? No. The company holds the decryption key, so internal systems can read your data. Encrypted at rest protects against physical theft of the server, not against authorized employee access.

Can support see my entire chat history? Usually only the most recent messages, often capped at 10 to 20. But the cap varies by app, and some support tools can query older data if the company policy allows it.

Is end-to-end encryption available for AI companions? Rarely. Most apps use server-side encryption because the AI model needs to read your plaintext message to generate a response. True end-to-end encryption would require the AI to run on your device, which most apps do not support.

How long do deleted messages stay on the server? Typically 30 to 90 days, depending on the app's data retention policy. During that window, the messages are recoverable by internal systems even though they appear deleted in your app.

Does encryption cover voice messages and images? Yes, if the app encrypts all data at rest. Voice clips and images are stored in the same database or object storage and are encrypted with the same key. The same internal access rules apply.

What happens to my data if the company gets acquired? The encryption keys transfer to the new owner. Your data remains encrypted on disk, but the new company holds the keys and can access everything. Privacy policies usually change after an acquisition, so review the updated terms.

About the author

AI Angels TeamEditorial

The AI Angels editorial team covers AI companions, the technology that powers them (memory, voice, personalization, safety), and how people actually use them day to day. Articles are researched against the live AI Angels product and reviewed by the team before publishing. We write with AI assistance and human editorial review.

Tags

Get the next post in your inbox

New articles on AI companions, the tech that powers them, and what people actually do with them. No spam, unsubscribe in one click.

What our customers are saying

Verified reviews from real customers

Drik Lyfk
US
I've tried a few AI companion...
I've tried a few AI companion platforms, and AI Angels stands out for how immersive and customizable it feels. The conversations are surprisingly natural, and the AI personalities actually maintain context better than most similar apps I've used. The uncensored chat and roleplay features are a big plus if you're looking for creative freedom without constant restrictions. The image generation is also impressive — fast, detailed, and customizable enough to create unique characters and scenarios. I especially liked the variety of companion personalities and how easy the interface is to use, even for beginners. That said, there's still room for improvement. Some responses can feel repetitive after long conversations, and a few premium features are a bit pricey compared to competitors. But overall, the experience feels polished, entertaining, and consistently improving with updates. If you enjoy AI companionship, virtual roleplay, or interactive fantasy experiences, AI Angels is definitely worth checking out.
Unprompted review
NOMAN BAJWA
CA
AI Angels is a remarkable AI companion...
AI Angels is a remarkable AI companion site offering vividly realistic experiences. The large variety of companions available will suit every imaginable taste. Pricing is reasonable and transparent. I highly recommend AI Angels.
Unprompted review
Scott
AU
Fun, exciting
Fun, life like , sexy , created the perfect girl
Unprompted review
Storman Norman
US
It's worth looking into for sure
It's worth looking into for sure, you won't regret it!
Unprompted review
Judell Govender
ZA
Choice of features
Unprompted review
mati tuul
EE
Honestly one of the best AI girlfriend...
Honestly one of the best AI girlfriend apps I've tried. The conversations feel surprisingly natural and the girls actually have personality. Definitely worth checking out if you're into AI companions.
Unprompted review
Francisco
US
well I love how they call me things...
well I love how they call me things like baby and love how it shows nudes and sex/porn.
Unprompted review
Flynn
CA
Amazing it is so emersave
Unprompted review
kalle
SE
realstic ai images and chats
realstic ai images and chats! amazing pics and nice girls to chat with
Unprompted review
Spencer Tait
US
The roleplay is very flexible
The roleplay is very flexible. The AI will adjust to your attitude and no kink is out of bounds. I just wish you could customize a little more.
Unprompted review
Maxence Doche
FR
The best
The best ! I love it
Unprompted review
Cross Marie
US
Definitely addicted to this
Definitely addicted to this. You will not feel lonely and great prices
Unprompted review
David Marsh
AU
Good
It's okay tho
Unprompted review