Privacy Policy

Privacy Policy

The Short Version

What we promise, in plain language

No humans ever listen to your sessions

No big tech processing (BigTech)

Conversations never train AI models

Your identity is separated from your words

Only insight notes saved, not full transcripts

Delete all your data anytime, instantly

Read our full privacy promise

Information We Collect

We collect minimal information necessary to provide our services: your email, wellness preferences, session metadata, and insight-level notes you choose to keep. Voice audio is processed in real time and is not stored.

How We Use Your Data

Your data is used exclusively to provide personalized wellness coaching. We never sell your information. Data is shared only with essential service providers under strict privacy agreements to deliver our services.

Your Identity is Protected

We protect your privacy by keeping your personal identity separate from your conversations:

  • AI Processing Services: Receive ONLY your conversation content - no name, email, or identifying information. They process your words in real time and do not retain them.
  • Memory Storage Services: Receive only an anonymous ID number (UUID) to organize your insights - never your name or email.
  • Voice Communication Services: Use anonymous participant IDs - not your real identity.
  • Secure Database: The only service that stores your complete profile with full encryption and access controls.

This means the AI services helping with your coaching conversations never know who you are - they only see the conversation itself.

Third-Party Service Providers

To provide our wellness coaching services, we work with trusted service providers who process data on our behalf under strict privacy agreements:

  • Authentication and database services for secure account management
  • Real-time voice communication infrastructure
  • AI language processing services for personalized wellness coaching
  • Voice transcription and synthesis services for audio processing
  • Insight storage for continuity between sessions
  • Safety monitoring signals for user protection

Most services receive only anonymous conversation content without your identity. See "Your Identity is Protected" section above for details. All providers are bound by strict data protection agreements requiring them to process data only for the purpose of delivering our services.

What Data is Shared with Third Parties

We share the minimum data necessary with each service provider, and most receive NO identifying information:

Anonymous Processing (No Identity Shared):

  • Voice transcription services receive only audio streams (no name/email)
  • AI processing services receive only conversation text (no name/email)
  • Voice synthesis services receive only text (no name/email)
  • Safety monitoring services receive minimal signals (anonymous)

Pseudonymous Storage (Anonymous ID Only):

  • Memory storage services receive insight notes with anonymous IDs - NOT your name or email
  • Voice communication services use anonymous participant IDs - NOT your real identity

Full Profile Access (Encrypted Storage):

  • Our secure database stores your complete account data with encryption and access controls

Your conversations are processed by AI services that never know your identity.

Data Security

We protect your data with multiple security layers:

  • Anonymous Processing: AI services process conversations without knowing your identity
  • Encryption during all data transmissions (voice, text, data)
  • Encryption for all stored data
  • Access controls ensuring you only see your own data
  • Pseudonymous identifiers instead of personal names for data storage
  • Regular security monitoring and audits
  • Minimal data collection principle

While we implement industry-standard security, no system is 100% secure. We continuously monitor and improve our protections.

International Data Transfers

Some of our service providers are located in the United States and process data outside the European Economic Area (EEA). We ensure adequate protection through:

  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Service providers certified under privacy frameworks
  • Contractual commitments to GDPR-equivalent protections

Your data is protected by the same high standards regardless of where it's processed.

Your Rights

Under GDPR Article 17 (Right to Erasure), you have comprehensive control over your data:

Data Access & Export:

  • Access all your data at any time through your profile
  • Export your complete data in JSON or human-readable format
  • Download includes session metadata, insight notes, and preferences

Account Deletion:

  • Request immediate deletion (data removed promptly after confirmation)
  • Deletion is permanent once confirmed

Data Correction:

  • Update your profile information at any time
  • Modify preferences and wellness goals
  • Correct any inaccurate information

You can exercise these rights directly in the app without contacting support. All rights comply with GDPR Article 17 requirements for transparency and user control.

Data Retention

Voice Conversations: Your voice is transcribed to text in real time (audio is not stored). We store only insight-level notes to help your coach remember what matters, and you can delete them at any time.

Account Data: Your profile, preferences, and wellness goals are retained while your account is active.

Deletion: All data is permanently deleted when you request account deletion. This includes all data from our secure infrastructure and storage systems.

Legal Basis for Data Processing

We process your personal data based on the following legal grounds:

  • Consent (GDPR Article 6(1)(a)): You provide explicit consent when creating an account and using our services
  • Contractual Necessity (GDPR Article 6(1)(b)): Processing is necessary to provide wellness coaching services
  • Legitimate Interests (GDPR Article 6(1)(f)): Improving service quality and ensuring user safety

You can withdraw consent at any time by deleting your account from profile settings.

Your Data Export Rights

You can export all your data at any time from your profile. This includes your insight notes, preferences, and session metadata in a downloadable format. Export is typically ready within minutes.

Account Deletion

You can delete your account at any time from your profile settings. All data is deleted immediately upon confirmation.

Data Controller

Data Controller: eHealth Systems Ltd
Email: [email protected]

You can export or delete your data directly from your profile settings in the app - no need to contact us. For other data protection inquiries or questions, please email us at the above address.

Age Requirement

VocalCalm is intended for users aged 17 and older. By downloading and using this app, you confirm that you meet this age requirement. If you are under 17, please do not use this service.

Contact Us

If you have questions about this privacy policy, please contact us at [email protected].