TL;DR We collect only what is necessary to provide features: PSS/DASS-21
tests, tracking results, mood charts, white noise, AI chat, journaling, community features, meditation,
stories, and relaxing games. You control your data (see Your Rights) and may request deletion at any
time.
Contents
1. Scope
This policy applies to all users of the App on Android/iOS and related services (backend, AI, analytics, push notifications). By using the App you agree to this policy.
2. Data we collect
2.1 Account data
- Email, display name, avatar (if provided), user ID, authentication tokens (hashed/encrypted as appropriate).
- Preferences: language, time zone, notification settings.
2.2 Activity & content
- Test results (PSS, DASS-21), responses, and scores.
- Daily journal entries, mood tags, meditation session durations.
- White noise playback history, stories read, games played (e.g., Bubble Wrap) and basic usage metrics.
- Community content: posts, comments, likes, reports.
- AI chat content you submit for assistance.
2.3 Device & diagnostics
- Device info: model, OS, app version, language, region.
- Performance and crash logs, usage events (anonymized when possible).
- IP address and advertising identifiers (if you permit ads/tracking).
2.4 Payment data
- Purchase/subscription status from Google Play / App Store. We DO NOT store card details.
3. How we use data
- Provide core features: tests, tracking, charts, meditation, white noise, AI chat, community, stories, and games.
- Personalize content and recommendations (e.g., suggested meditations).
- Provide AI assistant responses and improve quality (see section 8).
- Analyze anonymized usage to improve the product, fix bugs, and prevent abuse.
- Manage purchases, verify subscriptions, and support users.
4. Data sharing
We do not sell personal data. We may share data with:
- Service providers (cloud hosting, analytics, email, push notifications, AI providers) under contractual confidentiality and security obligations.
- Payment platforms (Google Play / App Store) to validate purchases.
- Law enforcement or regulators when legally required or to protect safety and rights.
- Third parties in connection with a business transfer (merger, sale) — you will be notified if control of data changes.
5. Retention
- Account data and user content: retained until you delete your account or request deletion.
- Logs and analytics: kept 3–24 months depending on type, then deleted or anonymized.
- Transaction records: retained as required by accounting and legal obligations.
6. Security
- Transport encryption (HTTPS/TLS) and encryption at rest for sensitive fields when feasible.
- Access controls and least-privilege access, internal logging of access.
- Periodic security testing and an incident response plan.
No system is perfectly secure. Use strong passwords and enable available protections on your device.
7. Your rights
Depending on your jurisdiction, you may have rights to:
- Access, correct, export (data portability), or delete your data.
- Restrict or object to processing, and withdraw consent for analytics or ads.
- File a complaint with a local data protection authority.
To exercise rights, contact: support@yourdomain.com. We may request identity verification.
8. AI assistant & user-generated content
- Messages you send to the AI assistant are sent to our AI provider to generate responses.
- Unless you explicitly opt-in to improve models, chat content is not used to train public models; logs may be kept to detect abuse and improve service.
- Do not submit other people’s personal or highly sensitive information to the AI chat.
- Community content must follow rules; violating content may be removed or moderated.
- This App is not a substitute for professional medical or mental health care. If in crisis, contact local emergency services.
9. In-app purchases & payments
- Payments and subscriptions are processed by Google Play / App Store. We receive purchase receipts/tokens to grant entitlements.
- Manage subscriptions in your store account. Refunds are handled by the platform.
10. System permissions
| Permission | Purpose | Options |
|---|---|---|
| Notifications | Reminders for meditation, tests, journaling, new content | Can be disabled in system settings |
| Storage/Media (if used) | Store/play white-noise audio files offline | Optional; features may be limited if denied |
| Network | Sync data, AI chat, verify purchases | Required for online features |
11. Children
The App is not intended for children under 13 years old (or the minimum age in your jurisdiction). We do not intentionally collect data from children. If we learn we have collected data from a child, we will delete it.
12. International data transfers
Data may be processed on servers located outside your country. We implement standard safeguards such as contractual terms to protect data when transferred internationally.
13. Changes
We may update this policy for feature or legal changes. Significant updates will be communicated via the app or email.
14. Contact
If you have questions or requests, contact:
- Email: support@yourdomain.com
- Data controller: Developer/Company Name
- Address: Business address
Appendix A — Data categories & purposes (for Play Store Data safety)
| Data category | Examples | Purpose | Linked to identity | Options |
|---|---|---|---|---|
| Account info | Email, display name | Login, support | Yes | Can delete |
| Health & well-being | PSS/DASS-21 results, moods | Core features, charts | Yes | Can delete |
| User content | Journals, community posts | Store and share per settings | Yes | Control/delete |
| Usage | Events, session length | Analytics, improvements | No (when anonymized) | Opt-out (if provided) |
| Diagnostics | Crash logs | Debugging | No | — |
| Purchases | IAP/subscription status | Grant entitlements | Yes | Manage in store |
| Identifiers | Advertising ID (if enabled) | Ads and analytics | Yes | Disable ad tracking |
Tip: replace the contact email, company name, and address before publishing. Ensure the Play Store Data safety form matches this policy.