GirlfriendGPT Safety Rating Index
Score Breakdown
-
Data Privacy 29/100
-
Emotional Safety 48/100
-
Age Appropriateness 5/100
-
Content Safety 24/100
-
Transparency 26/100
-
User Control 53/100
Key Safety Findings
GirlfriendGPT is operated by NextDay AI Incorporated (Quebec, Canada) with subsidiaries in Delaware and Cyprus. The platform distributes exclusively through a Progressive Web App and sideloadable APK, bypassing Apple and Google app store reviews entirely. Our evidence collection covered the privacy policy, terms of service, community guidelines, website, Trustpilot reviews, Reddit community discussions, third-party security scans, and the Have I Been Pwned breach database. The privacy policy confirms Google Analytics and advertising network integration, with a six-year data retention period after account closure. Terms of service grant the company perpetual, irrevocable license to all user submissions, with modified content becoming exclusive company property. Age verification relies on a self-reported 18+ checkbox with no technical enforcement. Community guidelines prohibit child exploitation content (with NCMEC reporting) and include general prohibitions on hate speech, violence, and harassment, enforced through a reported blend of human reviewers and automated tools. No dedicated crisis response resources, safety transparency reports, or public accountability mechanisms were found. Gridinsoft security scanner classified the domain as suspicious with a Trust Score of 35/100. No known data breaches were identified via Have I Been Pwned.
How We Scored This
We scored GirlfriendGPT using seven evidence sources collected on April 1, 2026:
- Privacy policy (gptgirlfriend.online/legal/privacy) and terms of service (gptgirlfriend.online/legal/terms), both Tier 1 primary sources
- Community guidelines (gptgirlfriend.online/legal/guidelines), detailing content moderation rules and prohibited conduct (Tier 1)
- Platform distribution model — GirlfriendGPT operates as a web-only PWA with a sideloaded APK, bypassing both Apple and Google app store review processes entirely (Tier 1)
- Regulatory and security research, including Gridinsoft security scan (Trust Score 35/100, 2 blacklist detections) and UK Online Safety Act compliance analysis (Tier 2)
- Corporate structure data from CB Insights and public filings — NextDay AI Incorporated (Quebec, Canada) with subsidiaries in Delaware and Cyprus (Tier 2)
Four sub-dimensions scored 1 out of 5, the lowest possible: crisis response, sexual content guardrails, age verification, and minor safeguards. The crisis response score triggered an automatic grade cap that prevents the overall rating from exceeding D regardless of other scores. GirlfriendGPT has no crisis hotline integration, no suicide prevention resources, and its community guidelines say self-harm content “might” be removed rather than committing to immediate intervention.
The absence from both major app stores is a compounding factor. Apple and Google enforce content moderation, age verification, and privacy reviews that web-only platforms bypass. GirlfriendGPT’s age gate is a checkbox — no ID verification, no credit card check, no third-party verification service. The overall weighted score of 2.1/5.0 produced a public score of 28/100 and a Red safety tier.
This is version 2 of the GirlfriendGPT safety score, last updated April 1, 2026. For the full methodology, including how we weight each dimension and when override rules apply, see How We Rate.