This is some text inside of a div block.

Privacy Policy

Last updated: 20th september 2025

EchoNest (“we”, “our”, or “us”) is committed to protecting your privacy and ensuring your data is handled safely and transparently. This Privacy Policy explains how we collect, use, and protect your information when you use our website, mobile app, and AI therapy services.

1. Information We Collect

When you use EchoNest, we may collect the following types of information:

a) Personal Information You Provide

• Name, email address, and account details when you register.
• Payment details when you subscribe (processed securely by third-party providers like Stripe — we do not store card numbers).
• Optional demographic information (age, gender, country) to personalize your experience.

b) Therapy & Usage Data

• Text, voice, or chat interactions with EchoNest.
• Journaling entries, mood tracking, and check-ins you complete in the app.
• Session history (timestamps, plan usage).

c) Technical Information

• Device type, operating system, browser type.
• IP address, location (city-level only).
• Cookies and similar technologies (for analytics, performance, and preferences).

2. How We Use Your Information

We use your information to:

• Deliver AI-powered therapy sessions (chat & voice).
• Provide personalized insights, journaling, and progress tracking.
• Improve our AI models (using anonymized, aggregated data only).
• Process payments and manage subscriptions.
• Ensure platform security and prevent abuse.
• Communicate with you about updates, features, and support.

We never sell your personal data.

3. Legal Basis for Processing (GDPR)

If you are in the UK or EU, we process your data under these bases:

• Consent (you agree when signing up).
• Contract (to deliver the service you paid for).
• Legitimate Interest (to improve and secure our platform).
• Legal Obligation (if required by law).
  

4. Data Storage & Security

• All data is encrypted in transit (HTTPS/TLS) and at rest.
• We use secure cloud providers (AWS/GCP/Azure) with compliance certifications.
• Access to data is restricted to authorized personnel only.
• Journals, chats, and therapy records are stored privately and never shared with third parties without your consent.
  

5. Sharing of Data

We may share your data only with:

• Payment processors (Stripe, PayPal) for billing.
• Analytics providers (Google Analytics, Mixpanel) to improve user experience.
• Legal authorities if required by law (e.g., safety, fraud, or court orders).

We do not share your therapy data for advertising purposes.

6. Your Rights

Depending on your location, you have the right to:

• Access the personal data we hold about you.
• Request correction of inaccurate data.
• Request deletion (“right to be forgotten”).
• Withdraw consent at any time.
• Export your data (data portability).
• Object to certain types of processing.

7. Children’s Privacy

EchoNest is not intended for individuals under 16 years of age. We do not knowingly collect data from children.

8. Data Retention

• Account data is retained while your subscription is active.
• Journals and session data are deleted within 30 days of account deletion.
• Payment records are retained as required by financial regulations.

9. International Data Transfers

Your data may be transferred and stored outside your home country. We ensure safeguards (such as EU Standard Contractual Clauses) are in place for international transfers.

10. Changes to This Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with the updated date.

11. Contact Us

If you have any questions about this Privacy Policy or how your data is handled, please contact: hello@echonest.co.uk