Privacy Policy for Selfmap

1. Introduction

Welcome to Selfmap ("we," "our," or "us"). We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our application and website and related services ("Service").

By using Selfmap, you consent to the data practices described in this Privacy Policy. If you do not agree with the practices described in this policy, please do not use our Service.

1.1 Medical and Clinical Disclaimer

NOT A MEDICAL OR CLINICAL SERVICE

Selfmap is NOT a medical, clinical, therapeutic, or healthcare service. This Privacy Policy relates to our personal development and wellness information application. The Service does NOT:

• Provide medical diagnosis, treatment, or advice
• Offer clinical assessments or professional healthcare services
• Replace professional medical, psychological, or psychiatric care
• Constitute a patient-provider relationship or therapeutic relationship
• Provide emergency medical or crisis intervention services

Privacy and Health Information:

While we collect wellness and mood-related data, this information is:

• NOT considered protected health information (PHI) under HIPAA or similar laws (we are not a covered entity)
• Collected for personal development and self-reflection purposes only
• NOT used for medical diagnosis, treatment, or clinical decision-making
• NOT shared with healthcare providers (unless you explicitly request this)

If you need medical or mental health services:

• Contact qualified healthcare professionals
• Seek emergency services for medical emergencies (911 or local emergency number)
• Contact crisis hotlines for mental health emergencies

Always consult qualified medical professionals for any health-related concerns. The Service is for informational purposes only and does not constitute medical or clinical advice.

2. Information We Collect

2.1 Account Information

When you register for Selfmap, we collect:

• Email address (required for account creation and authentication)
• Display name (optional, as provided by you)
• Password (encrypted and stored securely via Firebase Authentication)
• Account creation date and last update timestamp

2.2 Self-Assessment and Questionnaire Data

We collect information you provide through our questionnaires and assessments, including:

• Your responses to personality questionnaires about your goals, preferences, values, life circumstances, and behavioral patterns
• Demographic information such as age range, location, and other relevant background details you choose to share
• Self-assessments of your social preferences, wellness factors, and personal characteristics
• Questionnaire completion information including dates and assessment history

2.3 Activity and Progress Tracking Data

Through daily check-ins and activity tracking, we collect:

• Mood and energy indicators you provide during check-ins
• Schedule and activity information you choose to share
• Goals you set and track through the app
• Activity history

2.4 Generated Reports and Insights

Based on the information you provide, we create and store:

• Personalized reports analyzing your responses and patterns
• Historical records of your assessments and progress over time
• Customized recommendations tailored to your growth journey

2.5 Usage Data

We automatically collect:

• Device information (device type, operating system, app version)
• Usage statistics including:
  • Check-in frequency and streaks
  • Feature usage and engagement metrics
  • App feature usage patterns
• Timezone information (to provide accurate date-based features)
• Notification preferences and reminder settings

2.6 Profile Information

If you choose to provide:

• Profile picture (stored securely in Firebase Storage)
• Demographic information (as part of questionnaire responses)

2.7 Technical Data

• Authentication tokens (managed securely by Firebase Authentication)
• Device identifiers for notification delivery
• IP addresses (collected automatically by Firebase services)
• Browser/app event data for analytics purposes

2.8 Payment Information

If you make purchases or subscriptions, we collect transaction data including subscription status and purchase history. Payment method information is processed securely through third-party payment processors (RevenueCat and Stripe). We do not store full credit card numbers or CVV codes.

3. How We Use Your Information

3.1 Core Service Delivery

We use your information to:

• Generate personalized reports and insights using AI (OpenAI GPT-4 models)
• Provide personalized recommendations tailored to your goals and preferences
• Track your progress and provide assessments over time
• Maintain your account and authenticate your identity
• Deliver notifications about reminders, reports, and app updates

3.2 AI Processing

Your questionnaire responses and activity data are processed by:

• OpenAI's GPT-4 models via secure Firebase Cloud Functions
• Data is transmitted securely to OpenAI for the purpose of generating personalized content
• OpenAI processes your data according to their privacy policy (available at openai.com/privacy)
• We do not share your data with OpenAI for training their models without your explicit consent

3.3 Analytics and Marketing

We use analytics and marketing tools to:

• Understand user behavior and feature usage (via PostHog)
• Track app performance and conversion events
• Measure marketing effectiveness (via Meta SDK)
• Optimize user acquisition and engagement
• Provide personalized experiences based on usage patterns

3.4 Communication

We use your email address to:

• Send account-related notifications (password resets, security alerts)
• Deliver service updates and important notices
• Respond to support requests

3.5 Payment Processing

We use your payment information to process subscriptions and purchases through RevenueCat and Stripe, manage your subscription status, and send transaction confirmations.

4. Third-Party Services and Data Sharing

We work with trusted third-party service providers to help us operate Selfmap and deliver our services to you. These providers may access your information only to perform specific tasks on our behalf and are obligated to protect your information.

4.1 Infrastructure and Hosting

We use Google Firebase for cloud storage, user authentication, and app infrastructure. This means your data is stored on Google's servers and subject to Google's privacy practices.

Privacy policy: policies.google.com/privacy

4.2 Web Application Hosting

We use Vercel for web application hosting. Privacy policy: vercel.com/legal/privacy-policy

4.3 AI-Powered Personalization

We use OpenAI's services to generate your personalized reports and recommendations. Your questionnaire data is sent securely to OpenAI for processing. According to their current API terms, this data is not used to train AI models.

Privacy policy: openai.com/privacy

4.4 Analytics and Performance

We use PostHog to understand how users interact with our app and identify ways to improve. This includes tracking app events, feature usage, and technical performance data.

Privacy policy: posthog.com/privacy

4.5 Payment Processing

We use RevenueCat and Stripe to handle subscriptions and payments securely. These services process your payment information, but we never see or store your full credit card details.

Privacy policies: revenuecat.com/privacy | stripe.com/privacy

4.6 App Infrastructure

We use Expo for mobile app deployment and push notification delivery.

Privacy policy: expo.dev/privacy

4.7 What We Don't Do

We do NOT:

• Sell your personal information to third parties
• Use your data for purposes other than those described in this policy

4.8 Cookies

We and our third-party providers use cookies and similar technologies for essential operations, analytics, and marketing. Stripe uses cookies for payment processing; PostHog uses them for analytics to help us improve the Service; Meta Pixel may be used for marketing and measurement. You can manage or disable cookies through your browser settings, though some features may not work correctly if you block certain cookies.

5. Data Storage and Security

5.1 Storage Location

Your data is stored in:

• Firebase servers (hosted by Google Cloud Platform)
• Geographic location: Data may be stored in servers located in the United States or other countries where Google operates
• Firebase Storage for profile pictures (global CDN)

5.2 Security Measures

We implement industry-standard security measures:

• Encryption in transit (HTTPS/TLS for all data transmission)
• Encryption at rest (Firebase automatically encrypts stored data)
• Secure authentication via Firebase Authentication
• Access controls (only authenticated users can access their own data)
• Regular security audits and updates

5.3 Data Retention

We retain your data for as long as:

• Your account is active and you continue using the Service
• Necessary to provide services to you
• Required by law or for legal compliance
• Necessary for legitimate business purposes

5.4 Account Deletion

When you delete your account:

• All personal data associated with your account will be permanently deleted
• Profile pictures will be removed from storage
• Questionnaire responses and reports will be deleted
• Activity tracking data and check-ins will be removed
• This process may take up to 30 days to complete

6. Your Rights and Choices

6.1 Your Rights and Choices

You have the right to access your personal data through the app and request a copy of your data in a portable format. You can update your profile information at any time in the app, edit demographic information through the questionnaire, and modify notification preferences in settings. You have the right to delete your account through the app settings, request permanent deletion of your data (see Account Deletion section), and opt out of data collection by discontinuing use of the Service. You can control notification settings (push notifications) through app preferences, and analytics sharing (if available in settings).

6.2 California Privacy Rights (CCPA)

If you are a California resident, you have additional rights:

• Right to know what personal information we collect
• Right to delete your personal information
• Right to opt-out of the sale of personal information (we do not sell your data)
• Right to non-discrimination for exercising your privacy rights

To exercise these rights, contact us at: support@selfmapai.com

7. Children's Privacy

Selfmap is not intended for children under the age of 13 (or 16 in the EEA). We do not knowingly collect personal information from children under these ages. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately. If we discover we have collected information from a child under the applicable age, we will delete that information promptly.

8. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by:

• Posting the new Privacy Policy on this page
• Updating the "Last Updated" date at the top of this policy
• In-app notification for material changes
• Email notification (for significant changes affecting your rights)

Your continued use of the Service after changes become effective constitutes acceptance of the revised Privacy Policy.

9. Data Breach Notification

In the event of a data breach that may compromise your personal information, we will:

• Notify affected users within 72 hours (or as required by applicable law)
• Provide details about what information was compromised
• Recommend steps you should take to protect yourself
• Report to relevant authorities as required by law

10. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

• Email: support@selfmapai.com