Your data, handled with care

1. Introduction

Healera ("we", "our", "us") provides an AI‑powered psychosomatic coaching application that helps users explore the connection between their mind and body through personalized exercises, daily emotional tracking, and an always‑available AI coach. This Privacy Policy explains what information we collect, how we use it, and the choices you have.

We wrote it in plain language — if anything is unclear, get in touch. By using Healera, you agree to the practices described here.

2. Data we collect

Information you provide

• Account details: name and email via Apple Sign‑In or Google Sign‑In.
• Onboarding assessment: your responses to the initial questionnaire about physical health, emotional state, lifestyle, and personal goals. These answers form the foundation of your psychosomatic profile.
• Diary entries: daily emotional check‑ins — mood, physical sensations, and notes you choose to record throughout the day.
• Coach conversations: text and voice messages you send to your AI psychosomatic coach. Voice messages are transcribed to text on‑device or via a transcription service before being sent to the AI — we store the resulting transcript, not the original audio recording.
• Exercise history: which exercises were assigned by the AI, whether they were completed, and any feedback you provide.

Information collected automatically

• Usage data: which features you open, session duration, exercise completions, and streaks.
• Device data: device type, OS version, app version, language, crash logs, and general diagnostics.

We do not collect precise location, contacts, photos, or health data from device sensors.

3. How we use your data

We use the information we collect to:

• Build and continuously update your psychosomatic state diagram — a multi‑axis profile based on your onboarding assessment, diary entries, completed exercises, and coach conversations.
• Assign personalized exercises tailored to your current state and goals.
• Generate relevant, context‑aware responses from your AI coach.
• Display your progress, streaks, and insights over time.
• Improve app reliability, fix bugs, and prevent abuse.
• Communicate with you about your account, support requests, and service changes.

We do not use your personal data for advertising — ever.

4. Third‑party AI processing

Healera's AI coach is powered by OpenAI (OpenAI, L.L.C.). To generate personalized coaching responses, we send the following categories of your personal data to OpenAI's API:

• Profile information: your name, age, gender, health status and complaints, social and financial status, family relationships, personal goals, talents, achievements, and areas for improvement — as provided during the onboarding assessment.
• Diary entries: mood scores, physical state scores, selected emotions, and any notes you write in your daily diary.
• Coach conversations: the text of messages you send to the AI coach. If you send a voice message, the audio recording is transmitted to OpenAI's Whisper transcription service to convert it to text. We store only the resulting transcript, not the original audio.
• Exercise data: which exercises have been assigned, their completion status, and any feedback you provide.

This data is transmitted securely (TLS‑encrypted) and is used solely to generate your coaching responses. Under OpenAI's API data usage policy, API inputs and outputs are not used to train OpenAI's models. OpenAI may retain API data for up to 30 days for abuse and misuse monitoring, after which it is deleted. OpenAI's data processing practices are governed by their API data usage policy and provide protections equivalent to those described in this Privacy Policy.

Before your data is sent to OpenAI for the first time, the app will ask for your explicit consent. You can review exactly what data is shared and choose whether to agree. If you do not consent, the AI coaching feature will not be available, but you may still use other features of the app.

5. Other sharing

We never sell your data. Apart from OpenAI (described above), we share data only with the following trusted service providers:

• Google Cloud / Firebase — for authentication, database, and encrypted data storage.
• Apple — for Sign‑In with Apple authentication and App Store subscription billing.
• RevenueCat — for subscription management and purchase validation (if applicable).

We may also disclose data if required by law or to protect the rights, safety, or property of Healera or its users.

6. Security

Your data is encrypted in transit (TLS) and at rest. Access to production systems is restricted and protected by strict authentication. We follow industry‑standard security practices — but no system is perfectly secure, and we cannot guarantee absolute security.

7. Retention

We keep your data for as long as your account is active. If you delete your account, we remove your personal data from our production systems within 30 days. Aggregated, de‑identified analytics (such as overall usage statistics) may be retained indefinitely.

8. Your rights

Depending on where you live, you may have the right to:

• Access the personal data we hold about you.
• Correct inaccurate information.
• Export your data in a portable format.
• Delete your account and all associated data.
• Withdraw consent and object to certain types of processing.

You can delete your account from inside the app (Profile → Delete Account). For any other request, email [email protected].

9. Children

Healera is not intended for users under 16. We do not knowingly collect personal data from children. If you believe a child has provided data to Healera, contact us and we will promptly delete it.

10. Changes to this policy

We may update this policy from time to time. When we make material changes, we will notify you in the app or by email before they take effect. Your continued use of Healera after the updated policy takes effect constitutes your acceptance of the changes.

11. Contact

Questions about this policy or your data? Email [email protected] or visit our contact page.