Privacy Policy

1. Information We Collect

We collect only the data we need to provide and improve our services. This includes:

2. How We Use Your Data

We use your personal information for the following purposes:

• To deliver and personalise wellness content
• To analyse mood and sleep patterns
• To facilitate voice-based volunteer support
• To improve app features and functionality
• To notify you of relevant service updates
• To respond to your enquiries or support requests

We do not use your personal data for targeted advertising. Your data is never sold.

3. Legal Basis for Processing

We process your data under the following legal bases:

• Consent: Where you provide explicit permission (e.g. connecting health data).
• Contract: To provide the service you've signed up for.
• Legitimate Interests: For improving app performance and user support.
• Legal Obligation: To comply with UK law or respond to lawful requests.

4. Data Storage and Security

We take your data protection seriously and implement industry-standard security measures:

• Data is stored securely on Supabase servers
• Sensitive data is encrypted in transit and at rest
• Regular monitoring and security updates are applied
• Data backups are securely managed and access-controlled

We review our security practices regularly and restrict access to your data to authorised personnel only.

5. Third-Party Services

We use trusted third-party providers that help us deliver key services. These include:

• Supabase (for secure data storage and authentication)
• HealthKit (iOS) and Health Connect (Android) for health data integration
• Voice call services for volunteer communication

We ensure all partners are UK GDPR-compliant and only process your data in accordance with our instructions.

6. Children and Young People

• Our services are intended for users aged 13 and above.
• Users aged 13-17 must provide verifiable parental or guardian consent.
• We do not knowingly collect data from anyone under 13.

We follow the UK Children's Code to ensure special protections for young users.

7. Your Data Rights

You have the right to:

• Access your personal data
• Correct inaccurate or incomplete information
• Request deletion of your account and associated data
• Export your data in a commonly used format
• Restrict or object to certain types of data use
• Withdraw consent at any time (for data collected based on consent)

To exercise any of these rights, contact us at: privacy@moodiaapp.com

8. Data Deletion

If you delete your account:

• Your personal information and mood history are permanently erased
• Links to health data sources are removed
• Backup data containing your information is deleted within 30 days
• Aggregated or anonymised data that cannot identify you may be retained for research and analytics

9. Emergency Situations

In situations where there is a serious and immediate risk of harm:

• We may share relevant data with emergency services
• If you've added an emergency contact, they may be notified
• We will only share the minimum necessary information

This is done solely to safeguard your wellbeing or that of others.

10. International Data Transfers

Some of our service providers may store or process data outside the UK (e.g. in the EEA or USA). In such cases:

• We ensure appropriate safeguards are in place (e.g. Standard Contractual Clauses)
• Your rights and protections under UK GDPR continue to apply

11. Changes to This Policy

We may update this Privacy Policy occasionally. If there are significant changes, we will notify you via:

• Email (if you've provided one), or
• In-app notification

Your continued use of Moodia App after such changes constitutes your acceptance of the updated terms.

12. Contact Us

If you have any questions, concerns, or wish to exercise your data rights, please get in touch:

📧 privacy@moodiaapp.com

We aim to respond within 48 hours. Support is available in multiple languages.