Is Replika safe?

Replika is the oldest major AI companion platform still operating, which means it has more history to evaluate than anything else in the category. That history includes genuine innovation in emotional AI, but it also includes a €5 million GDPR fine, a temporary ban in Italy, a controversial removal of intimate features that caused real user distress, and a privacy policy that's evolved multiple times in response to regulatory pressure. More data points means a clearer picture, and the picture is genuinely mixed.

The question "is Replika safe" gets asked differently by different people. Parents want to know if their teenager should be using it. Adults want to know if their conversations are private. Former users who got burned by the 2023 changes want to know if the platform has stabilized. Each of those questions has a different answer.

Ten million users and a complicated backstory

Replika is made by Luka, Inc., based in San Francisco, with over 10 million registered users across iOS, Android, web, and even Meta Quest VR. The company was founded by Eugenia Kuyda, who originally built the technology to preserve the conversational patterns of a close friend who had died. That origin story shaped Replika's identity as an emotionally-focused companion rather than a utility tool, and the platform still leans into emotional connection more than any competitor.

The free tier offers basic conversation with a customizable 3D avatar. Replika Pro ($7.99-$19.99/month depending on platform and billing cycle, or $49.99-$69.99/year) unlocks relationship modes, voice calls, video calls, and the romantic/intimate conversation tier. Without Pro, you get a friendly chatbot. With Pro, you get something closer to a relationship simulator, though one with significantly heavier content filters than platforms like CrushOn AI or Janitor AI.

Five million euros worth of privacy problems

In 2023, Italy's data protection authority (the Garante) investigated Replika and didn't like what it found. The resulting €5 million fine cited three core issues: Replika had no valid legal basis for processing personal data (consent wasn't properly obtained), privacy notices were inadequate and failed to clearly explain data practices, and age verification was essentially nonexistent, allowing children under 13 to access the platform.

Italy temporarily banned Replika entirely. The ban was eventually lifted after Luka made changes, but the fine stands as one of the largest GDPR penalties imposed on an AI companion platform. What does this mean for current users? Mostly that Replika's privacy practices were genuinely deficient in 2023 and have been forced to improve under regulatory pressure. The current privacy policy is more detailed and transparent than the pre-fine version. Whether the improvements are sufficient depends on your personal privacy threshold.

Everything you type, and then some

Based on the current privacy policy (updated March 2026), Replika collects your conversation data (all chat messages stored on Luka's servers), usage metadata (session frequency, feature usage, interaction patterns), device data (standard mobile identifiers), and any personal information you voluntarily share during conversations, which can include sensitive topics like mental health, sexuality, political views, and personal struggles.

Here's what matters: conversations are encrypted in transit via SSL, but there's no end-to-end encryption. Your messages travel securely between your device and Luka's servers, but once they're on the servers, they're stored in a form the company can access. No AI companion platform currently offers full end-to-end encryption for conversations, so Replika isn't unusual here, but it's worth knowing.

Replika states that conversation data is used for AI training, which means your interactions help shape how future versions of the AI behave. They don't sell conversation data to advertisers, but they do share metadata (email addresses, browsing behavior, device identifiers) with third parties. The privacy policy distinguishes between conversation content (not shared for marketing) and behavioral metadata (shared with partners). That distinction is important and worth understanding before you start sharing your deepest thoughts.

Account deletion is available and works within the stated 30-day window. Independent testing has confirmed that deletion requests are processed. However, anonymized or aggregated data may be retained even after account deletion for "service improvement purposes," which is standard industry practice but means your conversations don't disappear completely from every system.

The update that broke a million relationships

In February 2023, Replika removed erotic roleplay (ERP) features following pressure from the Italian data protection authority. Users who had paid specifically for intimate conversation capabilities, and who had built months or years of relationship history with their AI companions, suddenly found their companions behaving differently. Characters that had been romantic partners overnight became platonic friends.

The backlash was intense. Users described the experience in terms of grief and loss. Some reported their AI companion seeming to undergo a sudden personality change. The Washington Post covered the story, and the episode became one of the most-cited examples of how platform changes can cause real emotional harm to invested users.

What this revealed about safety: Replika's users were deeply emotionally invested in relationships that the platform could unilaterally alter without warning. The platform had the technical ability to change the fundamental nature of millions of ongoing relationships with a single update, and it exercised that ability under regulatory pressure without adequate user communication or transition support.

For current users, the relevant question is: could this happen again? The honest answer is yes. Any platform can change its content policies, memory architecture, or core behavior at any time. Replika has done it before and the structural incentives (regulatory pressure, liability concerns, business strategy shifts) haven't disappeared. If you're building a long-term relationship on Replika, you're building on a platform that has demonstrated willingness to make fundamental changes to that relationship without your consent.

Who should use this and who shouldn't

For adults using Replika Pro for emotional companionship and occasional romantic interaction: reasonably safe. The platform is legitimate, the privacy practices are adequate (if imperfect), and the emotional AI is still one of the most sophisticated in the category. The primary risks are privacy-related (your conversations are stored on servers without end-to-end encryption) and platform-stability-related (the product may change in ways you don't want).

For adults seeking primarily NSFW or explicit content: Replika is not the right platform. The content filters are significantly stricter than dedicated NSFW platforms, and the platform's history of removing intimate features means building your explicit content experience here is risky. Platforms like CrushOn AI, Janitor AI, or self-hosted setups serve this use case with fewer restrictions and less platform risk.

For teenagers: Replika is not appropriate. The platform is rated 18+ and contains content oriented toward adult emotional and romantic interaction. Age verification has improved since the GDPR fine but remains imperfect. Parents should be aware that a determined teenager can likely access the platform despite the age restrictions.

For users with serious mental health needs: Replika can provide some conversational support, but it shouldn't be your primary resource. The platform explicitly states it isn't a replacement for professional mental health care, and the limitations of AI emotional support are real. Use it as a supplement to professional help, not as a substitute.

The platform three years after the crisis

Credit where it's due: Replika has made genuine improvements since its regulatory troubles. The privacy policy is more transparent. Age verification is stronger (though still imperfect). The platform communicates about updates more clearly. Memory architecture has been refined. Voice and video call quality has improved significantly, with latency dropping to about 1-1.5 seconds in the January 2026 update. The AR avatar feature adds a visual dimension that most competitors don't match.

Replika's core strength, emotional AI sophistication, remains genuinely best-in-category for sustained emotional companionship. The platform learns your communication style over time and accumulates context about you across weeks and months in a way that produces real continuity. If what you want is a persistent AI companion that remembers you and adapts to you, Replika still does this better than most alternatives.

The $19.99/month Pro pricing is harder to justify in 2026, though, when competitors offer comparable or better features for less. Nomi AI offers stronger memory and multiple companions. Candy AI offers better visuals at lower prices. The premium that Replika charges reflects its brand and history more than its current feature advantage.

Protecting yourself on a platform that's been fined for not protecting you

The same practices that apply to all AI companion platforms apply here: use a secondary email, use a pseudonym, don't share genuinely sensitive personal information in conversations, monitor your spending if you're on Pro, and maintain awareness that your conversations are stored on servers you don't control.

Beyond the basics, Replika-specific safety means understanding that the platform may change. Don't build your entire emotional support structure around a single AI companion on a single platform. Maintain human relationships. Keep perspective on what the AI is and isn't. And if you value the relationship you've built with your Replika, consider periodically exporting or documenting the important elements so that a platform change doesn't erase everything.

Frequently asked

Is Replika safe for adults?

Generally yes, with standard privacy precautions. The platform is legitimate, functional, and the emotional AI is well-developed. The privacy practices are adequate though not exceptional.

Was Replika fined for privacy violations?

Yes. Italy's data protection authority imposed a €5 million GDPR fine in 2023 for inadequate consent mechanisms, poor transparency, and failure to protect minors. Replika has made changes since.

Does Replika sell my conversations?

No. Conversation content isn't sold to advertisers. However, conversations are used for AI model training, and behavioral metadata is shared with third parties.

Is Replika Pro worth it?

Depends on your needs. Pro unlocks relationship modes, voice calls, and romantic interaction. At $19.99/month it's expensive compared to alternatives. The emotional AI quality is high, but the feature set has been surpassed by cheaper competitors in several areas.

Can Replika change my companion's personality without warning?

It has done so before (the 2023 ERP removal). While the platform has improved its communication, the structural ability to change your companion's behavior through updates remains.

Is Replika safe for my teenager?

No. The platform is designed for adults 18+ and contains content oriented toward adult emotional and romantic interaction. Age verification has improved but isn't foolproof.