Mind Well Privacy Policy

1. Introduction

Mind Well ("we", "our", "us") is operated by Travision Edge Ltd. Travision Edge Ltd is the data controller for the personal data processed under this Policy. You can reach our privacy team at privacy@mind-well.app.

This Privacy Policy describes how we collect, use, disclose, and protect information when you use our mobile applications (iOS & Android), websites, APIs, and related services (collectively, the "Services").

By using the Services, you agree to the practices described in this Policy. If you do not agree, please do not use the Services.

2. Information We Collect

Depending on how you interact with our Services, we collect the following categories of information:

• Personal Identifiers: name, email address, username, phone number (optional), billing address (for purchases).
• Device & Usage Data: such as device model, operating system version, app version, unique device identifiers (such as device or app instance identifiers) used only for analytics, security, and fraud prevention (not for advertising or cross-app tracking), including IP address, app interaction events, in-app screens visited, crash logs, and basic diagnostic information. We use this to operate the app, detect bugs, prevent abuse, and understand feature usage.
• In-App Data: account credentials, subscription status, purchase history, chat conversations, mood check-ins, goals, preferences, and worksheet progress.
• Third-Party Data: if you choose to sign in with Apple or Google, we receive basic profile information (such as name, email, and a unique ID) from them. We do not receive your password for those services. We may also receive diagnostic or usage information from third-party SDKs we use (for example, crash reporting).
• Location Data: We do not collect precise GPS location; only coarse IP-based location (city/region) for fraud prevention and analytics.
• Health & Wellbeing Data: We collect health and wellbeing information that you choose to provide through the app. This is described in detail in Section 3 — Health & Wellbeing Data below.

Information is collected directly from you, automatically via your device, or from third-party integrations that you authorize.

3. Health & Wellbeing Data

Mind Well is a mental wellbeing app. When you use the app, you may share information related to your mental health and emotional wellbeing. This section explains exactly what health and wellbeing data we collect, why we collect it, how we use it, who we share it with, how we protect it, how long we keep it, and how you can delete it.

What Health & Wellbeing Data We Collect

We collect the following categories of health and wellbeing data that you choose to provide through the app:

• Mood check-ins: your self-reported mood ratings, emotional state selections, and any notes you add to mood entries.
• Chat conversations: messages you send to the AI wellness coach, which may include descriptions of stress, anxiety, low mood, sleep difficulties, relationship concerns, coping strategies, or other mental health and wellbeing topics.
• Wellbeing goals: goals you set within the app related to your mental health, habits, self-care, or personal development.
• Worksheet responses: your answers and progress on guided mental wellbeing exercises and worksheets (such as cognitive behavioural exercises, gratitude journals, or reflection prompts).
• Symptom and wellbeing descriptions: any information about symptoms, feelings, or wellbeing experiences you voluntarily share in chat messages or journal-style reflections.

All health and wellbeing data is provided voluntarily by you. We do not infer or derive health diagnoses from your data, and we do not collect health data from third-party sources.

How We Use Your Health & Wellbeing Data

We use your health and wellbeing data solely for the following purposes:

• Providing AI wellbeing support: Your chat messages are sent to our AI infrastructure provider (OpenAI) to generate personalised responses. We instruct our AI providers not to use your data to train their models.
• Personalising your experience: We use your mood history, goals, and preferences to recommend relevant content, prompts, and exercises.
• Maintaining conversation history: We store your chat conversations so you can review past sessions and so the AI can provide contextually relevant responses.
• Generating wellbeing summaries: We use your mood check-ins and chat data to produce engagement summaries and progress insights within the app.
• Safety features: We use automated content screening to detect messages that may indicate a risk of imminent harm, so we can surface crisis resources.
• Service improvement and debugging: We may use limited, anonymised conversation data to improve app quality, fix bugs, and monitor safety. We do not train AI models on your individual conversations.
• Customer support: If you report a problem, we may review relevant data to resolve the issue.
• Legal compliance: We may process data as required by applicable law.

We do NOT use your health and wellbeing data for:

• Medical diagnosis, treatment, or clinical decision-making
• Creating health profiles for insurance, employment, or credit decisions
• Selling to third parties or data brokers
• Targeted advertising or cross-app tracking

Who We Share Your Health & Wellbeing Data With

We do not sell your health and wellbeing data. We share it only with the following categories of service providers, who act as data processors under contract and are required to protect your data:

• AI infrastructure provider (OpenAI): Your chat messages are sent to OpenAI's API to generate AI responses. OpenAI processes this data on our behalf under a data processing agreement. We instruct OpenAI not to use your data to train their models.
• Cloud hosting provider (Render): Your data is stored on servers operated by Render, our cloud hosting provider, which maintains industry-standard security controls.
• Payment processors (Apple, Google): Subscription and purchase data is processed by Apple and Google. They do not receive your chat conversations or mood data.
• Legal authorities: We may disclose data when required by valid legal process (such as a court order) or to prevent imminent harm, as described in Section 5.

We do not share your health and wellbeing data with advertising networks, analytics providers, or any other third parties for their own purposes.

How We Protect Your Health & Wellbeing Data

• Encryption in transit: All data is transmitted over HTTPS/TLS.
• Encryption at rest: Chat conversations and wellbeing data are encrypted at rest using AES-256-GCM.
• Access controls: Access to health data is restricted to authorised personnel only, under strict confidentiality agreements.
• No unnecessary retention: Data is retained only as long as needed to provide the service (see below).

How Long We Keep Your Health & Wellbeing Data

For active accounts, chat conversations, mood check-ins, goals, and worksheet data are retained for up to 24 months from the date of collection, after which they are anonymised or deleted. If you delete your account or your account is deleted due to 90 days of inactivity, all health and wellbeing data is deleted from our active systems promptly. See Section 6 — Data Retention for full details, including backup retention.

How You Can Delete Your Health & Wellbeing Data

• Delete chat history: You can delete your chat history at any time from within the app.
• Delete your account: You can delete your entire account (and all associated health data) via Profile → Account Settings → Delete Account, or by emailing privacy@mind-well.app.
• Deletion is permanent: Once deleted, your health and wellbeing data cannot be recovered. Deletion from active systems is completed within 30 days. Encrypted backups are purged within a further 30 days.

Sensitive Data & Consent

Under UK and EU GDPR, health and wellbeing data may be classified as "special category" personal data. Where required by law, we process this data only with your explicit consent. You can withdraw consent at any time in the app settings or by contacting us at privacy@mind-well.app. Withdrawing consent will not affect processing that occurred before your request, but certain features (such as chat history or mood tracking) may become limited.

We do not use your health and wellbeing data for third-party advertising or to make decisions about employment, insurance, or credit.

4. How We Use Your Information

We use your information solely to provide and improve the Mind Well service. For details on how we use health and wellbeing data specifically, see Section 3 — Health & Wellbeing Data.

We do NOT use your data for:

• Medical diagnosis or treatment
• Creating health profiles for insurance or employment
• Selling to third parties or data brokers
• Targeted advertising based on health or mental health data

We use your information to:

• Provide and maintain the Services, authenticate users, and process in-app purchases.
• Provide AI-powered wellbeing support, including generating personalised chat responses and wellbeing summaries based on your mood check-ins, goals, and conversations (see Section 3).
• Personalize content, recommendations, and push notifications.
• Monitor and analyse usage to improve app performance and features.
• Communicate with you about updates, promotions, and important changes. For UK and EU users, we will only send marketing communications with your prior consent; you may opt-out at any time.
• Detect, prevent, and address technical issues or fraud.
• Operate safety features, including automated content screening for crisis detection.
• Comply with legal obligations and enforce our Terms of Use.

5. Data Sharing & Disclosure

We never sell your personal data, including health and wellbeing data. We only share information in the following specific circumstances:

• AI Infrastructure Provider (OpenAI): Your chat messages (which may contain health and wellbeing data) are sent to OpenAI's API to generate AI responses. OpenAI acts as our data processor under a data processing agreement and is contractually prohibited from using your data for their own purposes. We instruct OpenAI not to use your data to train their models.
• Cloud Hosting Provider (Render): All data, including health and wellbeing data, is stored on servers operated by Render. Render maintains industry-standard security controls and acts as our data processor.
• Payment Processors (Apple, Google): Subscription and purchase data is processed by Apple and Google. They do not receive your chat conversations, mood data, or other health and wellbeing data.
• Advertising Partners: We do not share personal data or health data for third-party advertising.
• Legal Requirements: We will disclose information only when: (a) required by valid legal process (subpoena, court order, or search warrant); (b) required to comply with applicable laws; (c) to respond to verified requests from law enforcement for investigation of criminal activity; or (d) in good faith belief that disclosure is necessary to prevent imminent physical harm or death. We will notify you of legal demands unless prohibited by law.
• Business Transfers: in connection with a merger, acquisition, or asset sale, your data may be transferred to the acquiring entity. Users will be notified at least 30 days in advance via email with an opportunity to delete their account before the transfer.

For a summary of health data sharing specifically, see Section 3 — Health & Wellbeing Data.

6. Data Retention

We retain personal data only as long as necessary for the purposes described above, unless a longer retention period is required by law. Subscription and purchase records are kept for minimum statutory periods (e.g., tax).

Chat & Usage Data Retention

For active accounts, chat data and usage logs are retained for up to 24 months from the date of collection, then anonymised or deleted. If your account is deleted (by you or due to 90 days of inactivity), your chat data and usage logs are deleted sooner, at the time of account deletion, subject only to the limited retention of anonymised or aggregated data described below.

Deletion of Inactive Accounts

Inactive Account Deletion Process (Free/Inactive Accounts Only):

• Day 83: We send an email warning that your account may be deleted in 7 days due to inactivity
• Day 90: Your account and all associated data are deleted from our active systems, and removed from backups on the next backup rotation cycle (typically within 30 days), including:
  • All chat conversations and message history
  • Mood check-ins, goals, and progress tracking
  • Worksheet progress and custom settings
  • Custom AI coach configurations
  • Account settings and preferences
• To prevent deletion: Simply log in to the Mind Well app before the deletion date. This resets the inactivity timer.

Data Retained After Deletion: Active subscription records and transaction history may be retained for legal/tax compliance purposes (up to 7 years as required by law), but these records are anonymized and disconnected from your personal information.

We do not retain your identifiable chat messages, mood entries, or other in-app content on our servers and active systems after account deletion. Some residual data (such as app cache or device backups) may remain on your personal devices or within third-party backup systems (for example, Apple iCloud or Google device backups) until you delete the app or clear local data on those devices.

Backup Retention: Some data may remain in encrypted system backups for a limited period (typically up to 30 days) as part of our disaster recovery procedures. This data is isolated, not used for any other purpose, and is permanently deleted on the next backup rotation cycle.

7. Your Rights & Choices

Depending on your location, you may have the following rights:

• Access & Portability: Request a copy of the data we hold.
• Correction: Update your personal information via in-app settings or by contacting us.
• Account Deletion: You can delete your Mind Well account at any time through:
  • In-app: Profile → Account Settings → Delete Account
  • Email: Request deletion at privacy@mind-well.app

  ⚠️ Important: Account deletion is permanent. Deletion from active systems is processed promptly and normally completed within 30 days (see Data Retention). This action cannot be undone.

  What happens when you delete your account:
  • We delete or de-identify your personal data from our active systems promptly, and no later than 30 days
  • All chat conversations, mood data, goals, and worksheets are erased from active systems
  • Active subscriptions are cancelled (no refunds for remaining subscription period)
  • You will receive a confirmation email once deletion is complete
  Data that may be retained:
  • Anonymized transaction records for tax/legal compliance (up to 7 years)
  • Aggregated, non-identifiable analytics data
  • Some encrypted backup copies may persist for up to 30 days as described in Section 6
• Opt-Out: Unsubscribe from marketing emails, disable push notifications, and withdraw analytics consent.
• Do-Not-Sell / Profiling Opt-Out: We do not sell personal data; you can disable personalized recommendations in settings.

To exercise any of these rights, email us at privacy@mind-well.app. We will respond within 30 days.

GDPR Rights (European Users)

If you are located in the European Economic Area (EEA), UK, or Switzerland, you have additional rights under the General Data Protection Regulation (GDPR):

Legal Basis for Processing

We process your personal data based on:

• Contract: To provide the Services you requested
• Legitimate Interests: To improve our Services and ensure security
• Consent: For optional features like analytics and marketing communications
• Legal Obligations: To comply with applicable laws

When we refer to “legitimate interests”, these include: keeping the Services secure, understanding how the Services are used, and developing new features. When we rely on consent (for example, for some analytics or marketing communications), you can withdraw that consent at any time in your device or account settings, or by contacting us. Withdrawing consent will not affect processing that has already occurred.

Your GDPR Rights

• Access: Request a copy of your personal data
• Rectification: Correct inaccurate personal data
• Erasure ("Right to be Forgotten"): Delete your personal data
• Restriction: Limit processing of your personal data
• Portability: Receive your data in a machine-readable format
• Object: Object to processing based on legitimate interests
• Automated Decision-Making: Not be subject to solely automated decisions
• Withdraw Consent: Withdraw consent at any time

Automated Decision-Making and Profiling

We use automated processing, including profiling, to personalise your experience (for example, suggesting content or prompts based on your mood history and app usage). These decisions do not produce legal effects or similarly significant impacts for you. We do not use your data to make decisions that produce legal or similarly significant effects about you. If you have questions or wish to object to certain types of profiling, contact us at privacy@mind-well.app.

Data Protection Contact

For data protection enquiries, contact us at privacy@mind-well.app

Supervisory Authority

You have the right to lodge a complaint with your local data protection supervisory authority. We encourage you to contact us first so we can resolve your concern quickly.

CCPA Rights (California Residents)

If you are a California resident, you have specific rights under the California Consumer Privacy Act (CCPA):

Your California Privacy Rights

• Right to Know: Request disclosure of personal information we collect, use, and share
• Right to Delete: Request deletion of your personal information
• Right to Opt-Out: We do not sell personal information, but you can opt-out of certain data sharing
• Right to Non-Discrimination: Equal service regardless of exercising privacy rights

We do not “sell” or “share” personal information as those terms are defined under the CCPA/CPRA, including for cross-context behavioural advertising. If this changes in the future, we will update this Policy and provide a way for you to opt out.

Categories of Information We Collect

• Identifiers: Name, email, device ID
• Internet Activity: App usage, interactions
• Inferences: Preferences derived from your usage

How to Exercise Your Rights

• Email: privacy@mind-well.app
• We will verify your identity before processing requests
• You may designate an authorized agent to make requests on your behalf

Shine the Light Law

California residents may request information about disclosure of personal information to third parties for marketing purposes. We do not share personal information for third-party marketing.

8. Children's Privacy

The Services are not directed to children under 13. We do not knowingly collect personal information from children. If you believe a child has provided us data, please contact us and we will delete it.

Age Requirement: Users must be at least 13 years old (or the minimum age in their jurisdiction) to use Mind Well.

If you are between the minimum age in your jurisdiction and 18, you should use the Services only with the permission and supervision of a parent or legal guardian.

9. AI Data Processing & Chat Conversations

When you use our AI chat features, your conversations may contain health and wellbeing data as described in Section 3. Please understand:

• Conversation Storage: All chat messages are stored on secure servers to maintain conversation context and provide the service. Messages are encrypted in transit and at rest using AES-256-GCM.
• AI Processing: To generate responses, your messages (which may include health and wellbeing data) are sent to OpenAI acting as our data processor under a data processing agreement. Mind Well does not train its own AI models on your conversations. We instruct OpenAI not to use your data to train their models.
• Human Review: Conversations are reviewed by our team ONLY in these specific circumstances: (a) when our automated systems flag content that may indicate imminent harm to self or others; (b) when you report a problem with AI responses; (c) for quality assurance audits (maximum 0.1% of conversations, randomly selected and anonymised). Reviewers are bound by strict confidentiality agreements.
• Deletion Rights: You can request deletion of your chat history at any time via in-app settings or by contacting privacy@mind-well.app. Deletion is permanent and typically completed within 30 days from our active systems (see Section 6 for backup retention).

No Continuous Monitoring or Emergency Response

We do not monitor conversations in real time, and we may never review any particular message you send. Although our systems may flag certain content for safety review, you must not rely on Mind Well for crisis support or emergency response. If you are in crisis or at risk of harm, you must contact local emergency services or a crisis hotline immediately.

Improving the Service (Quality and Safety)

We may use limited conversation data for quality assurance, safety monitoring, and debugging, with safeguards to reduce identifiability. This may include reviewing flagged content for safety, investigating reported issues, or analysing aggregated usage patterns. We do not train AI models on your individual conversations.

If you do not want your data used for service improvement purposes, you can opt out at any time by contacting privacy@mind-well.app. Opting out will not affect data already processed but will apply to data collected after we process your request.

AI Output Ownership

Ownership of AI-generated content ("AI Output") is governed by our Terms of Use. In short, you own the AI Output generated for you, and we retain a license to use it to operate the Services as described in the Terms and this Policy.

10. Security

We employ industry-standard safeguards, including HTTPS/TLS encryption, database encryption at rest, strict access controls, and periodic security audits. No system is 100% secure, so we cannot guarantee absolute security.

If we become aware of a data breach that affects your personal information, we will notify you and relevant authorities as required by applicable law.

11. Where Your Data Is Stored & International Transfers

Primary Storage: United Kingdom

Travision Edge Ltd is a UK-registered company. Your core personal data — including your account information, chat conversations, mood check-ins, goals, and subscription records — is stored in the United Kingdom:

• Database (Neon PostgreSQL): Hosted in AWS EU West 2 (London, UK). This is where all your personal data is stored at rest.
• Application servers and cache (Render + Redis): Hosted in Frankfurt, Germany (EU). Your data is processed here when you use the app, then stored in the UK database. Transfers between the UK and EU are permitted under the UK-EU adequacy arrangement.

Transfers Outside the UK

While your core data is stored in the UK, some third-party services we use to operate Mind Well are based in the United States. When your data is sent to these services, it constitutes an international transfer under UK GDPR. We only transfer the minimum data necessary for each service to function:

• OpenAI (San Francisco, USA) — Your chat messages are sent to OpenAI to generate AI responses. OpenAI acts as our data processor. We do not send your name, email, or account identifiers to OpenAI — only the conversation content needed to produce a response. We instruct OpenAI not to use your data for model training where their API terms support this.
• SendGrid / Twilio (San Francisco, USA) — Your email address is sent to SendGrid to deliver transactional emails (password resets, MFA codes, account notifications). Message content and chat data are never included in emails.
• RevenueCat (San Francisco, USA) — Subscription and purchase data (plan type, transaction IDs, expiry dates) is processed by RevenueCat for in-app purchase verification. RevenueCat does not receive your chat messages, mood data, or other in-app content.
• Expo (Palo Alto, USA) — Device push tokens are sent to Expo to deliver push notifications. Notification content is limited to titles and prompts; no chat messages or personal data are included in push payloads.
• Segment (San Francisco, USA) — Anonymised analytics events (e.g., “user logged in”, “subscription upgraded”) are sent for product analytics. Events are not linked to identifiable user profiles.
• Google (Mountain View, USA) — If you sign in with Google, your Google ID token is verified against Google’s servers. We receive only your email address and name.
• Apple (Cupertino, USA) — If you sign in with Apple, your Apple identity token is verified against Apple’s servers. Apple may provide your email address and name. Apple also processes in-app purchases via the App Store.

Transfer Safeguards

For each transfer of personal data outside the UK, we rely on one or more of the following legal mechanisms as required by UK GDPR:

• UK International Data Transfer Agreement (IDTA): Approved by the ICO, or the UK Addendum to the EU Standard Contractual Clauses, incorporated into our contracts with US-based sub-processors.
• UK-EU Adequacy: Transfers between our UK database and EU-based application servers are covered by the mutual UK-EU adequacy arrangements.
• EU-US Data Privacy Framework / UK Extension: Where our US-based sub-processors are certified under the EU-US Data Privacy Framework (and UK Extension), we rely on this as a transfer mechanism.
• Supplementary technical measures: All sensitive data (chat messages, mood check-ins, conversation context) is encrypted with AES-256-GCM before storage. Data is encrypted in transit with TLS. Access to production systems is restricted and audited.

Your Rights: You have the right to request information about the safeguards we have in place for international data transfers, including copies of relevant contractual clauses. Contact us at privacy@mind-well.app.

12. Cookies & Tracking Technologies

Mind Well is primarily a mobile app and uses minimal cookies. On our website, we use only essential first-party cookies for functionality (such as remembering preferences). In the mobile app, we use SDKs (e.g., RevenueCat for subscriptions) that may store data locally on your device. You can adjust your device settings to restrict this. We do not use tracking cookies for advertising.

13. Third-Party SDKs, Services & Sub-Processors

The following third-party services act as our data processors. Each is bound by a data processing agreement that includes appropriate security requirements and, where the processor is outside the UK, international transfer safeguards:

• Render (Frankfurt, Germany) — Cloud hosting and application compute. Processes all request data transiently. (policy)
• Neon (London, UK — AWS eu-west-2) — Managed PostgreSQL database. Stores all persistent user data at rest. (policy)
• OpenAI (San Francisco, USA) — AI chat responses and content moderation. Receives conversation messages; does not receive user identifiers. (policy)
• SendGrid / Twilio (San Francisco, USA) — Transactional email delivery. Receives email addresses and notification content only. (policy)
• RevenueCat (San Francisco, USA) — Subscription and in-app purchase management. Receives purchase data and subscription status. (policy)
• Expo (Palo Alto, USA) — Push notification delivery. Receives device tokens and notification metadata. (policy)
• Segment / Twilio (San Francisco, USA) — Product analytics. Receives anonymised event data not linked to identifiable users. (policy)
• Google (Mountain View, USA) — OAuth sign-in verification. Receives identity tokens during sign-in only. (policy)
• Apple (Cupertino, USA) — Sign-in verification and App Store purchase processing. Receives identity tokens and purchase receipts. (policy)

An up-to-date list of sub-processors is available on request by emailing privacy@mind-well.app. We will notify you of any material changes to our sub-processor list.

14. Store Compliance

Our Google Play "Data safety" and Apple App Store privacy labels accurately reflect the data practices outlined in this Policy, including data types collected, purposes, and security measures. We do not use data for cross-app tracking or third-party advertising.

16. Policy Updates

We may update this Policy to reflect changes in practices or law. We will notify you of material changes via in-app notice or email. Where required by law, we will ask for your consent before applying material changes to how we use your personal data. The "Last updated" date at the top of this page indicates when the latest revisions were made.