Privacy Policy

1. Introduction

Psychifi ("Psychifi", "we", "us", or "our") provides a personal wellness app and website to support self-awareness, daily check-ins, micro-exercises, and wellbeing insights. This Privacy Policy explains what information we collect, how we use it, how we share it (if at all), and the choices you have.

Your mental wellness data is deeply personal. We design Psychifi so that all of your wellness app data stays on your device under your control. Psychifi has no server that receives your check-ins, journal entries, or health data — there are no network calls from the app to Psychifi infrastructure. We do not sell your personal information and we do not use your health or check-in data for advertising.

By using the Psychifi app or website, you agree to this Privacy Policy. If you do not agree, please do not use Psychifi.

2. Who is responsible for your data

Data controller: Psychifi

Privacy contact: privacy@psychifi.com

General & legal inquiries: legal@psychifi.com

Website contact form: psychifi.app/#contact

This policy is published at https://psychifi.app/privacy, which is the URL referenced in the Psychifi iOS app and App Store listing.

3. Information we collect

The information Psychifi processes depends on how you use the app and website. The categories below describe data you create or store locally in the app, and the limited information we receive via the website contact form. No app data is transmitted to Psychifi servers.

3.1 Information you create in the app (stored on your device only)

All of the following is stored exclusively on your iPhone using iOS local storage (UserDefaults and the app sandbox). None of it is transmitted to Psychifi or any third party by the app itself.

• Check-in data: Mood ratings, energy, stress, sleep quality, coping capacity, emotional tags, follow-up notes, and optional substance tracking (e.g. alcohol, cigarettes/vaping).
• Journal entries: Free-form text you enter during journaling sessions.
• Exercise activity: Which micro-exercises you complete and any reflections you record.
• Profile information: Your display name and optional profile photo (stored on your device).
• Trusted contacts: Names, phone numbers, and email addresses of people you optionally add for insight sharing and reminders. Stored locally; never synced to a Psychifi server.
• Insight sharing history: A local log of which reports you have sent, to whom, and when — including your consent record. Stored only on your device.

3.2 Apple Health data (optional)

Only if you explicitly grant permission in iOS Settings or when Psychifi requests Health access, we may read the following types of data from Apple HealthKit. Psychifi does not write data to HealthKit:

• Heart rate variability (HRV), heart rate, resting heart rate, and walking heart rate average
• Cardio fitness (VO₂ max)
• Respiratory rate and blood oxygen saturation
• Sleep analysis
• Mindfulness sessions
• Workouts, step count, active energy, Apple Exercise minutes, and Stand time
• Environmental audio exposure (noise) and time in daylight (when supported by your device)

You can revoke Health access at any time in Settings → Health → Data Access & Devices → Psychifi.

3.3 Device permissions

• Notifications (optional): If you enable reminders, Psychifi schedules local notifications on your device. We do not require notifications to use the app.
• Photos (optional): If you choose a profile photo, Psychifi accesses only the image you select via the system photo picker.

3.4 Automatically stored app data

• On-device app data: Preferences, onboarding state, and share history are stored locally on your iPhone using iOS storage (UserDefaults and app sandbox files). Nothing is sent to a Psychifi server.
• Crash and diagnostic data: Psychifi has no embedded analytics or crash-reporting SDK. If you have chosen to share diagnostic data with app developers via iOS Settings → Privacy & Security → Analytics & Improvements, Apple may surface anonymised, aggregated crash reports in App Store Connect. We do not receive your check-in, journal, or health data through this channel.

Psychifi does not use third-party advertising networks, cross-app tracking, or the App Tracking Transparency (ATT) framework because we do not track you across other companies' apps or websites for advertising.

3.5 Website contact form

If you submit our contact form at psychifi.app/#contact, we receive your name, email address, and message. This is processed by our hosting provider (Netlify) to deliver the message to us. We use it only to respond to your inquiry.

4. How we use your information

We use information only to operate, provide, and improve Psychifi:

• Personalized micro-exercise recommendations based on your check-in
• Daily wellbeing scores, trends, correlations, and Insights
• Generating PDF insight reports on your device when you request them
• Scheduling local reminders you configure
• Facilitating insight sharing only when you initiate it
• Responding to support requests submitted via the website
• Improving app stability (e.g. diagnosing crashes via Apple's tools)

We do not use your check-in, journal, or HealthKit data for advertising, marketing to third parties, or automated decisions that produce legal or similarly significant effects.

5. Legal bases for processing (EEA, UK, Switzerland)

If you are in the European Economic Area, United Kingdom, or Switzerland, we process personal data on these bases:

• Contract / service delivery: To provide the app features you use.
• Consent: For optional HealthKit access, notifications, photos, and sharing health information with trusted contacts.
• Legitimate interests: To maintain and improve the app, prevent abuse, and respond to inquiries — balanced against your rights.
• Legal obligation: Where required by applicable law.

You may withdraw consent at any time by revoking permissions in iOS Settings or stopping use of optional features. Withdrawal does not affect processing that was lawful before withdrawal.

6. Apple HealthKit

Psychifi's use of HealthKit data complies with Apple's HealthKit terms and App Store Review Guidelines. Specifically:

• HealthKit data is used only to improve your in-app experience (scoring, exercise suggestions, Insights, and optional report content).
• We do not use HealthKit data for advertising, user profiling for ads, or data mining for marketing.
• We do not sell HealthKit data.
• HealthKit data is not transferred to our servers by default. It is read on your device and stored only as part of your local app data or in reports you choose to export.
• Sharing HealthKit-derived information with a trusted contact occurs only when you complete the in-app consent step and send a report yourself (e.g. via email, SMS, or the system share sheet). Psychifi does not receive, store, or relay a copy of that shared report on our servers.

7. How we share information

We do not sell or rent your personal information. Sharing happens only in these limited circumstances:

7.1 When you choose to share

• PDF / insight reports: Generated on your device. Content leaves your device only when you tap Share and select a recipient or app.
• Trusted contacts: Summaries or reports sent via SMS, email, or share sheet — only when you initiate the action after reviewing and consenting in the share flow.

7.2 Service providers

We use trusted service providers for limited, specific purposes. Neither provider receives your app data (check-ins, journal entries, health data, or trusted contacts):

• Netlify — hosts our website and processes contact form submissions. Netlify receives only the name, email, and message you enter in the website contact form.
• Apple — distributes the app via the App Store, handles in-app purchases and subscriptions (when offered), and may surface anonymised crash diagnostics if you have opted in to share data with Apple through iOS Settings. Apple's handling of your data is governed by Apple's Privacy Policy.

These providers are bound by their own privacy terms and our instructions to use data only for the stated purpose.

7.3 Legal requirements

We may disclose information if required by law, court order, or governmental request, or to protect the rights, safety, and security of Psychifi, our users, or others.

8. Subscriptions and payments

If you purchase a Psychifi subscription or other in-app purchase, payment is processed entirely by Apple through the App Store. We do not collect or store your payment card details. Apple may share limited purchase metadata with us (e.g. subscription status) to unlock premium features. Apple's privacy practices are described in Apple's Privacy Policy.

You can manage or cancel subscriptions in Settings → [your name] → Subscriptions on your iPhone.

9. Data storage and security

Primary storage: Your check-ins, journal entries, profile, trusted contacts, exercise history, and cached insights are stored on your iPhone in the app's secure sandbox. We do not operate a cloud account that syncs your wellness journal to our servers.

Security measures: We rely on iOS device encryption, app sandboxing, and industry-standard practices appropriate to the sensitivity of mental wellness data. No method of transmission or storage is 100% secure; we encourage you to use a device passcode, Face ID, or Touch ID.

10. Data retention and deletion

Retention: App data remains on your device until you delete it or remove the app. Website contact form messages are retained only as long as needed to handle your request and for reasonable business record-keeping.

Deleting your data:

• Remove individual trusted contacts or share history within the app where those controls are provided.
• Revoke HealthKit access in iOS Settings.
• Disable notifications in iOS Settings or in the app.
• Delete the Psychifi app from your iPhone to remove locally stored app data from your device.

Psychifi does not require you to create a cloud login account. If you contact us at privacy@psychifi.com with a privacy request (including deletion of information you sent via the contact form), we will respond within 30 days (or sooner where required by law).

11. Children's privacy

Psychifi is not directed at children under 13 (or under 16 in the European Union). We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, contact privacy@psychifi.com and we will delete it promptly.

12. Your privacy rights

Depending on where you live, you may have the following rights, subject to applicable law:

• Access — request a copy of personal data we hold about you (primarily contact form submissions).
• Correction — request correction of inaccurate data.
• Deletion — request deletion of data we control.
• Portability — receive data in a structured, commonly used format where applicable.
• Objection / restriction — object to or ask us to restrict certain processing.
• Withdraw consent — for consent-based processing such as HealthKit or sharing flows.
• Complaint — lodge a complaint with your local data protection authority (EEA/UK) or the Office of the Australian Information Commissioner (Australia).

12.1 California residents (CCPA / CPRA)

California residents have additional rights, including to know what personal information we collect, to delete personal information, and to opt out of the "sale" or "sharing" of personal information. We do not sell or share personal information for cross-context behavioral advertising. To exercise rights, email privacy@psychifi.com. We will not discriminate against you for exercising privacy rights.

12.2 Australian Privacy Act

Australian users may access and correct personal information we hold, or complain to us at privacy@psychifi.com. If unresolved, you may contact the Office of the Australian Information Commissioner.

13. International data transfers

App data (check-ins, journal entries, health data, contacts) never leaves your device and is therefore not subject to international transfer. The only personal data that may cross borders is information you submit via the website contact form, which may be processed in the United States or other countries where our hosting provider (Netlify) operates. Where required, we rely on appropriate safeguards (such as standard contractual clauses) for transfers from the EEA/UK.

14. Third-party links

The website or app may link to third-party sites (e.g. crisis helplines, the App Store). We are not responsible for their privacy practices. Review their policies before providing personal information.

15. Changes to this policy

We may update this Privacy Policy from time to time. We will post the revised policy at this URL and update the "Last updated" date. For material changes, we may also notify you through the app. Continued use after the effective date constitutes acceptance of the updated policy.

16. Contact us

Questions, requests, or complaints about privacy:

• Email: privacy@psychifi.com
• Contact form: psychifi.app/#contact

Related documents: Terms of Use