Privacy Policy
Effective Date: April 4, 2025
Nuance Tech ("we", "us", or "our") operates the MindWeave mobile application. This Privacy Policy explains how we collect, use, and protect your personal information.
1. Information We Collect
We collect the following types of information:
- Account Information - Email address used for authentication via Supabase Auth.
- Journal Entries - Text entries you write in the app, including mood ratings (1-5 scale) you assign to each entry.
- Health Data - With your explicit permission, we access Apple HealthKit or Google Health Connect data including: steps, heart rate, heart rate variability (HRV), sleep duration, and active energy burned.
- Focus & Meditation Sessions - Duration and type of mindfulness activities you complete within the app.
- AI Chat Conversations - Messages you send in the AI chat feature for cognitive behavioral therapy (CBT) support.
- Usage Data - App usage patterns such as journal streak counts and feature access frequency.
2. How We Use Your Information
- To provide personalized AI-driven cognitive analysis and mental wellness insights.
- To generate mood trend charts, correlations between health metrics and emotional state, and weekly summaries.
- To power the AI chat feature that provides CBT-based support and reflection prompts.
- To track your journaling streaks and mindfulness milestones.
- To manage your subscription and premium features via RevenueCat.
3. Third-Party Services
We use the following third-party services:
- Supabase - For secure authentication, database storage, and backend services. Your data is stored in Supabase's cloud infrastructure with row-level security.
- xAI (Grok API) - For AI-powered journal analysis and chat conversations. Journal text and health context are sent to xAI's API for processing. xAI does not store your data beyond the API request.
- RevenueCat - For managing in-app subscriptions and purchases. RevenueCat processes your subscription status but does not access your journal or health data.
- Apple HealthKit / Google Health Connect - For reading health metrics with your permission. Health data is read locally on your device and is never sold or used for advertising.
4. Data Storage & Security
Your data is protected with multiple layers of security:
- End-to-End Encryption - All journal entries are encrypted on your device using AES-256 encryption before being transmitted or stored. Your encryption key is derived from your unique account credentials and stored securely on your device using platform-level secure storage (Keychain on iOS, Keystore on Android). This means your journal text cannot be read by anyone including us without your device credentials.
- Row-Level Security - Your data is stored in Supabase with row-level security policies ensuring that only you can access your own data.
- Transport Security - All data is transmitted over HTTPS/TLS encryption.
- No Data Sales - We do not sell your personal data to third parties.
5. Health Data
We treat health data with the highest level of care:
- Health data is only accessed with your explicit permission.
- Health data is used solely to provide wellness insights and correlations within the app.
- We do not sell health data or use it for advertising purposes.
- You can revoke health data access at any time through your device settings.
6. Data Deletion
You can delete your account and all associated data at any time through the app's Profile screen. Account deletion permanently removes all your journal entries, chat sessions, health logs, focus sessions, meditation sessions, insights, and profile data from our servers.
7. Children's Privacy
MindWeave is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13.
8. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the effective date.
9. Contact Us
If you have questions about this Privacy Policy, please contact us at support@nuancetech.app.