Privacy Policy

1. Information We Collect

When you use Mental Healing, we collect:

• Account Information: Name, email address, and profile information from your authentication provider
• Conversation Data: Messages you send to our AI assistant for the purpose of providing mental wellness support
• Usage Information: How you interact with our service, including timestamps and feature usage
• Payment Information: Billing details processed securely through Stripe (we do not store your payment information)

2. How We Use Your Information

We use your information to:

• Provide personalized mental wellness support through AI conversations
• Maintain and improve our services
• Process payments and manage subscriptions
• Send important service updates and security notifications
• Ensure the safety and security of our platform

3. Information Sharing

We do not sell, trade, or share your personal information with third parties, except:

• Service Providers: Trusted partners who help us operate our service (like Stripe for payments)
• Legal Requirements: When required by law or to protect our rights and safety
• Emergency Situations: If we believe disclosure is necessary to prevent serious harm

4. Data Security & Encryption

We implement robust security measures to protect your sensitive information:

• Encryption in Transit: All data transmitted between your device and our servers is encrypted using TLS/SSL
• Encryption at Rest: Sensitive personal data, including chat messages, mood journal notes, gratitude entries, AI memory facts, and direct messages are encrypted at rest using AES-256 symmetric encryption (Fernet) before being stored in our database
• Access Control: Access to your data is strictly limited to authorized systems and personnel on a need-to-know basis
• Payment Security: Payment processing is handled by Stripe, a PCI DSS Level 1 certified payment processor. We never store your credit card information
• Your conversations and personal reflections are encrypted so that even database access alone cannot reveal their contents

4a. What Data Is Encrypted

The following types of user data are encrypted at the field level in our database:

• Chat messages (both your messages and AI responses)
• Mood journal notes and personal reflections
• Gratitude journal entries
• AI memory facts (personal details the AI remembers about you)
• Direct messages between community members

Non-sensitive metadata (such as timestamps, mood scores, and account settings) is stored without encryption for functional purposes.

5. Data Retention

We retain your information only as long as necessary to provide our services:

• Account information is kept while your account is active
• Conversation history is retained to provide continuity in your mental wellness journey
• You can request deletion of your data at any time

6. Your Rights

You have the right to:

• Access your personal information
• Correct inaccurate information
• Delete your account and associated data
• Export your conversation history
• Opt out of non-essential communications

7. Children's Privacy

Mental Healing is not intended for children under 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, please contact us immediately.

8. International Users

By using Mental Healing, you consent to the transfer of your information to the United States, where our servers are located. We ensure appropriate safeguards are in place for international data transfers.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes via email or through our service. Your continued use of Mental Healing after changes constitutes acceptance of the updated policy.

10. Contact Us

If you have questions about this Privacy Policy or how we handle your information, please contact us:

• Email: privacy@mentalhealing.app
• Address: [Your Business Address]