Privacy Policy

HeartAlly — Lifestyle & Journaling Companion

Last Updated: July 8, 2026
Effective Date: July 8, 2026

1. Introduction

Welcome to HeartAlly ("we," "our," or "us"). We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, store, and protect your data when you use our AI-powered lifestyle and journaling companion application.

HeartAlly is a lifestyle and journaling app for everyday reflection, mood and sleep tracking, voice notes, and AI companion conversations. We are not a medical or healthcare service provider, and our app is not a substitute for professional medical advice, diagnosis, or treatment.

By using HeartAlly, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with our policies and practices, please do not use our application.

2. Information We Collect

2.1 Account Information

2.2 Conversation Data

2.3 Journal & Lifestyle Data

2.4 Usage Data (Analytics)

3. How We Use Your Information

Data Type

Purpose

Legal Basis

Account Information

Authentication, account management, security

Contract necessity

Conversation Data

Provide AI responses, memory features, personalization

Contract necessity

Journal & Lifestyle Data

Journaling insights, lifestyle tracking, and personal wellness suggestions

Explicit consent

Usage Data

App improvement, bug fixing, user experience optimization

Legitimate interest

4. Data Storage and Security

4.1 Storage Locations

4.2 Security Measures

5. Third-Party Services

We use the following third-party services to provide our application:

Service

Purpose

Data Shared

Supabase

Database, authentication, storage

All user data

Google AI (Gemini / Cloud Speech / Cloud TTS)

AI conversation processing (primary), voice transcription (Cloud Speech-to-Text), text-to-speech (Cloud TTS)

Conversation content, voice recordings (temporarily for transcription only), response text for TTS generation. Not used for model training.

OpenRouter (DeepSeek)

Backup AI conversation processing

Conversation content (only when Gemini is unavailable). Not used for model training.

Google Analytics for Firebase

Product analytics, feature usage tracking, and event measurement

User UUID (after consent), device model, OS version, app version, screen size, app-instance identifier, feature usage events, screen views. No conversation content.

Apple Sign-In

Authentication

Anonymous user identifier

Google Sign-In

Authentication

Email address, name, profile picture (if provided), Google user identifier

RevenueCat

Subscription management

Subscription status, receipts

Google AdMob

Advertising delivery, measurement, and personalization

Device model, OS version, advertising ID (IDFA/AAID), IP address, approximate location, app interactions and ad events

Unity Ads (via AdMob mediation)

Advertising delivery

Device info, advertising ID, IP address, app interactions and ad events

Pangle (via AdMob mediation)

Advertising delivery

Device info, advertising ID, IP address, app interactions and ad events

All third-party services are contractually obligated to protect your data and are prohibited from using it for their own purposes.

5.1 Advertising & Measurement

When advertising is enabled, we work with advertising partners to serve and measure ads. This section describes what data may be collected and how it is used.

5.1.1 Data Collected for Advertising

5.1.2 How Advertising Data Is Used

5.1.3 Advertising Partners

We use Google AdMob as our primary advertising platform, and AdMob mediation to access inventory from Unity Ads and Pangle. Each partner processes data in accordance with their own privacy policy:

5.1.4 Your Choices

6. AI Data Processing & Model Training

HeartAlly uses artificial intelligence to provide conversational support. We believe in complete transparency about how your data is processed by AI systems:

6.1 What Data Is Sent to AI Services

6.2 Data Is NOT Used for Model Training

6.3 Encryption & Transmission Security

7. Your Rights and Choices

7.1 Data Control

7.2 Privacy Settings

7.3 Legal Rights (GDPR/CCPA)

If you are in the European Union or California, you have additional rights including:

8. Account & Data Deletion

You have the right to delete your account and all associated data at any time. We provide both complete account deletion and selective data deletion options to ensure you have full control over your personal information.

8.1 Complete Account Deletion

When you choose to delete your account, the following will occur:

8.2 Partial Data Deletion (Without Deleting Account)

If you wish to delete specific types of data while keeping your account active, you can do so through the following methods:

8.3 How to Request Deletion

You can request data deletion through the following methods:

8.4 Deletion Timeline

9. Data Retention

10. Children's Privacy

Important: HeartAlly is rated 12+ and is intended for users aged 12 and older. We do not knowingly collect personal information from anyone under the age of 12. If you are under 12, please do not use our application or provide any personal information.

If we discover that we have collected personal information from a user under 12, we will take steps to delete that information as soon as possible. If you believe we might have any information from or about a user under 12, please contact us at kaiven9195@gmail.com.

11. Emergency Disclaimer

HeartAlly is a lifestyle and journaling app, not a medical or emergency service. If you or someone you know is experiencing a medical or mental health emergency, please contact your local emergency services or a qualified professional immediately.

12. International Data Transfers

Your data may be transferred to and processed in countries other than your country of residence, including the United States. These countries may have different data protection laws. We ensure appropriate safeguards are in place to protect your data, including:

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by:

Your continued use of the application after changes constitutes acceptance of the updated policy.

14. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Email: kaiven9195@gmail.com
Address: HeartAlly Privacy Team
Response Time: We aim to respond within 48 hours

15. Legal Compliance

This Privacy Policy complies with:

© 2026 HeartAlly. All rights reserved.
Your personal journey is private, and we're committed to keeping it that way.