Your privacy matters

How Serenity AI protects your data.

1. Data We Collect

Account Data: Email address, display name, and authentication method (email/password, Apple Sign In, or Google OAuth). Apple Sign In uses SHA-256 nonce hashing for secure authentication.

Wellness Data: Daily mood check-ins (mood, energy, stress levels), exercise completions and feedback, journal entries (with optional AI analysis), and voice session usage.

AI Memory Data: To personalize your experience, our AI extracts and stores meaningful facts from your conversations. These are organized into 10 types:

Preferences, patterns, and context
Boundaries and triggers
Milestones and life events
Relationships, goals, and coping strategies

Memories are stored with 384-dimensional vector embeddings to enable semantic search, allowing the AI to recall relevant context during conversations.

Push Notification Tokens: Device tokens for delivering optional push notifications. You can disable notifications at any time.

Analytics & Error Data: We use Mixpanel for anonymized usage analytics and Sentry for crash/error reporting. Neither service receives your conversation content or wellness data.

2. How We Protect Your Data

Row-Level Security (RLS) is enforced on every database table. This means your data is cryptographically isolated — no other user can ever access your information, even in the event of an application bug.

Authentication via Supabase Auth with secure token management
Sensitive on-device data stored using expo-secure-store (encrypted)
Tokens are never hardcoded or stored in application code
All data transmitted over HTTPS/TLS
We do not sell, rent, or share your personal data with third parties for marketing purposes

3. Safe Space Mode

Safe Space Mode enables fully ephemeral conversations. When active:

No memories are extracted from the conversation
No conversation data is persisted to our servers
The AI's memory tool is completely disabled
Your conversation exists only for the duration of the session

You can toggle Safe Space Mode on or off at any time from your settings.

4. Your Rights & Control

You have full control over your data:

View memories: See everything the AI has learned about you in "Your Inner World"
Edit memories: Correct any memory the AI has stored
Delete memories: Remove any individual memory at any time
Delete your account: GDPR-compliant full account deletion with cascading removal of all data — conversations, memories, check-ins, journal entries, exercise history, subscriptions, and notification preferences

5. Third-Party Services

Serenity AI uses the following third-party services to deliver its features:

Anthropic (Claude AI)

Powers AI conversations. Conversation content is processed but not stored by Anthropic for training.

ElevenLabs

Provides natural voice synthesis for voice sessions.

Supabase

Database, authentication, and edge functions. All user data is stored securely with RLS.

RevenueCat

Manages subscriptions and payment processing through App Store and Google Play.

Mixpanel

Anonymized usage analytics. Does not receive conversation content.

Sentry

Error and crash reporting. Does not receive personal or wellness data.

6. Payments

All payments are processed through Apple App Store or Google Play Store via RevenueCat. Serenity AI does not directly collect or store credit card numbers or payment details. Subscription status is synced to your profile for feature access.

7. Children's Privacy

Serenity AI is not directed at children under the age of 13 (or the applicable age of digital consent in your jurisdiction). We do not knowingly collect personal data from children.

8. Changes to This Policy

We may update this privacy policy from time to time. We will notify you of any material changes through the app or via email. Continued use of Serenity AI after changes constitutes acceptance of the updated policy.

9. Contact Us

For privacy-related questions, data access requests, or account deletion:

privacy@serenityai.app

Read our Terms of Service →