Lavender Wellness Privacy Policy
Lavender Wellness ("we," "us," or "our") (also known as Lavender Companion) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our digital wellness platform and mobile application (collectively, the "Service").
We comply with the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), Health Insurance Portability and Accountability Act (HIPAA) where applicable, Australian Privacy Act 1988, and other applicable data protection laws globally.
Account Information: Name, preferred name, email address, age, password (hashed with bcrypt)
Profile Data: Focus areas, personality traits, communication preferences, goals, coach persona preferences
Conversation Data: Messages exchanged with AI chatbot, feedback on messages, crisis triggers
Health Metrics: Mood (1-10 scale), sleep hours/quality, energy levels, stress levels, water intake, exercise minutes, burnout risk scores, flow state assessments
Diary Entries: Private journal entries, tags, mood at time of writing, encrypted with optional PIN protection
Action Items: Tasks, due dates, completion status, linked goals and habits
Habits & Goals: Habit names, streaks, completion dates, SMART goal criteria, milestones
Meditation Sessions: Session logs, mood before/after, content preferences, music/playlist selections
Crisis Information: Emergency contacts, crisis event logs (if triggered)
Gamification Data: Points, badges, levels, wellness scores, streaks
Clinical Assessments: PHQ-9, GAD-7, PSS-10, WEMWBS scores (if completed voluntarily)
Preferences: Favorite artists, music genres, interests, hobbies learned from conversations
Payment Information: Billing details processed through Stripe (we store only transaction IDs)
Usage Data: Pages visited, features used, time spent, session duration, interaction frequency
Device Information: Browser type, operating system, device model, screen resolution
Location Data: GPS coordinates (if permission granted), IP-based approximate location, timezone, city/country
Cookies & Local Storage: Session tokens, preferences, chat drafts, dashboard configurations
Telemetry Logs: Error logs, session refreshes, logout events, chat failures, crisis modal openings, module selections
Performance Data: App load times, API response times, feature engagement metrics
Fitbit/Wearables: Steps, heart rate (avg/resting), sleep patterns, active minutes, calories burned, distance traveled, with explicit OAuth authorization
Book Library: PDF/EPUB text extracted for AI-powered search (voluntary uploads only)
YouTube: Video search results based on wellness topics
Local Events: Eventbrite and Ticketmaster event data based on your location
Google Places: Nearby wellness centers, restaurants, markets based on location
Weather & Environment: Local weather, air quality, pollen levels via third-party APIs
We process your personal information for the following purposes:
Service Provision: Deliver personalized AI coaching, wellness recommendations, therapeutic exercises (CBT, DBT, ACT)
Progress Tracking: Monitor health metrics, habits, goals, and mood trends over time
AI Personalization: Learn your preferences (music, communication style, helpful techniques) to improve responses
Insights Generation: Create correlations, trend analyses, professional reports, burnout risk assessments
Crisis Detection: Identify concerning language patterns to trigger safety resources and notify emergency contacts
Gamification: Award points, badges, levels, and track streaks to encourage engagement
Content Recommendations: Suggest meditations, exercises, structured programs, local events based on your data
Notifications: Send reminders, habit check-ins, scheduled notifications (opt-in only)
Payment Processing: Manage subscriptions, process payments via Stripe, track billing history
Platform Improvement: Analyze usage patterns, feature engagement, user satisfaction to enhance the Service
Research & Analytics: Conduct aggregated, anonymized research to improve wellness algorithms (no personal identifiers)
Legal Compliance: Meet regulatory requirements, respond to legal requests, protect rights and safety
Communication: Send service updates, feature announcements, privacy policy changes
Legal Basis (GDPR): Consent, contractual necessity, legitimate interests, legal obligations.
We use OpenAI's API to power AI coaching, generate insights, summarize conversations, and process natural language. Your conversation data, health metrics summaries, and diary excerpts are sent to OpenAI for processing. OpenAI does not use API data to train their models (per their API terms effective March 2023). We implement prompt engineering to minimize sensitive data exposure and request deletion of processed data within 30 days.
Data Minimization: We send only necessary context to OpenAI, excluding identifiable details where possible.
See OpenAI's privacy policy: https://openai.com/privacy
Payment information is processed securely by Stripe, a PCI DSS Level 1 certified payment processor. We do not store full credit card details on our servers—only tokenized references and transaction IDs. Stripe handles all sensitive payment data including card numbers, CVV, and billing addresses.
See Stripe's privacy policy: https://stripe.com/privacy
If you connect your Fitbit account via OAuth 2.0, we access steps, heart rate, sleep data, active minutes, and distance with your explicit authorization. This data is used to enrich health insights and correlations. You can revoke access at any time via Fitbit's settings or our app.
See Fitbit's privacy policy: https://www.fitbit.com/legal/privacy-policy
We use YouTube Data API v3 to search and display meditation videos, sleep stories, and wellness content. We store video titles, IDs, and thumbnails for display purposes. We do not store user watch history or YouTube account information.
See YouTube's privacy policy: https://www.youtube.com/t/privacy
We use Google Places API to find nearby wellness centers, healthy restaurants, and organic markets based on your location. Location queries are temporary and not stored beyond the session.
We fetch local wellness events, concerts, and activities using Eventbrite and Ticketmaster APIs. Event data includes names, dates, venues, and ticket links. We do not purchase tickets on your behalf or store payment information.
Our platform is built on Base44, a backend-as-a-service provider. Base44 stores user data, handles authentication, and manages database operations with AES-256 encryption at rest and TLS 1.3 in transit. Base44 complies with GDPR and SOC 2 standards.
Your data is stored on secure cloud infrastructure (Supabase with AWS backend) with multi-region replication for redundancy. All data is encrypted at rest using AES-256 and in transit using TLS 1.3. Access is restricted to authorized personnel only.
How We Protect Your Sensitive Information
Voluntary Entry: The app may process voluntarily-entered emotional or reflective text. This data is encrypted in transit and at rest.
User Control: Users may request deletion of their data at any time through Settings or by contacting privacy@ember-wellness.com.
No Data Sales: We do NOT sell, rent, or share your personal data with advertisers or third-party marketers. We will never monetize your personal information. This is a core commitment.
Encryption: All data is encrypted using AES-256 encryption at rest and TLS 1.3 in transit.
Limited Access: Only essential personnel with strict confidentiality agreements and background checks have access to user data, and only when absolutely necessary for service operations, technical support, or legal compliance.
Pseudonymization: Where possible, we pseudonymize or anonymize data for analytics and research purposes to protect your identity.
We implement industry-standard security measures to protect your data:
Encryption at Rest: All database records encrypted using AES-256 encryption
Encryption in Transit: All API calls and data transfers use TLS 1.3 with HTTPS
Password Hashing: Passwords are hashed using bcrypt with salt rounds (never stored in plain text)
PIN Protection: Diary entries and chat can be individually password-protected with 4-6 digit PINs (hashed with Base64)
Biometric Authentication: Optional fingerprint/face ID for diary access (device-level, not stored on servers)
Access Controls: Strict role-based access controls (RBAC) limit who can view user data
Session Management: Automatic session timeout after inactivity, secure token storage
Regular Security Audits: Quarterly vulnerability assessments and penetration testing
Incident Response Plan: Documented procedures for data breach response and notification
Secure Development: Code reviews, dependency scanning, automated security testing in CI/CD pipeline
Data Backups: Automated encrypted backups with 30-day retention for disaster recovery
Firewall & DDoS Protection: Web application firewall and DDoS mitigation enabled
Note: While we use industry best practices, no system is 100% secure. We encourage users to enable PIN protection for diary/chat and use strong, unique passwords.
Not a Medical Product / Not Regulated
Lavender Wellness is not intended to diagnose, cure, mitigate, treat, or prevent any disease, mental health condition, or medical disorder.
It is not a medical device under FDA (US), EU MDR (Europe), TGA (Australia), PMDA (Japan), NMPA (China), Health Canada, or Indian Medical Device Rules.
This service is not HIPAA-covered unless you explicitly request and sign a Business Associate Agreement (BAA). Without a BAA, we are not a HIPAA-covered entity or business associate.
The service is provided for general wellness, personal reflection, stress management, and self-improvement only.
Not a Substitute for Professional Care: This app does not replace therapy, counseling, psychiatry, or medical treatment. If you are experiencing a mental health crisis or suicidal thoughts, please contact emergency services immediately or call a crisis helpline.
We retain your data for the following periods:
Active Account Data: Retained for the duration of your active subscription or account
Historical Data: Conversation history, health metrics, diary entries, and habits are retained for up to 2 years to provide continuous personalization and trend analysis
Archived Data: After 2 years, older data is either deleted or anonymized for aggregate research (no personal identifiers)
Billing Records: Transaction history retained for 7 years for tax and accounting compliance
Inactive Accounts: If you don't log in for 12 months and your subscription expires, we send reminder emails. After 18 months of inactivity, data may be deleted unless you request otherwise.
User-Requested Deletion: You can request immediate deletion of your data at any time via Settings. Deleted data is permanently removed within 30 days (except where legal retention is required for billing, disputes, or regulatory compliance).
Legal Hold: Data subject to legal proceedings, investigations, or court orders is retained until the matter is resolved.
Right to Deletion: You can delete your account and all associated data at any time via Settings > Danger Zone.
You have the following rights regarding your personal data:
Right to Access: View all your personal data at any time
Right to Portability: Export your data in CSV/JSON format
Right to Rectification: Correct inaccurate data
Right to Erasure: Request permanent deletion of your account and data
Right to Restrict Processing: Limit how we use your data
Right to Object: Opt out of certain data uses (e.g., marketing)
Right to Withdraw Consent: Revoke consent for data processing at any time
How to Exercise Your Rights:
Access & Export: Settings > Privacy & Data > Export All My Data
Delete Account: Settings > Danger Zone > Delete Account & All Data
Contact Us: Email privacy@lavenderwellness.com for assistance
We will respond to all requests within 30 days (GDPR) or 45 days (CCPA), with an option to extend by 30 days if necessary.
We do NOT sell, rent, or trade your personal data. Period.
We may share data in the following limited circumstances:
Service Providers: OpenAI (AI processing), Stripe (payments), Base44 (infrastructure), YouTube/Google (content APIs), Eventbrite/Ticketmaster (events) — all under strict data processing agreements (DPAs)
Emergency Contacts: If you trigger a crisis alert (e.g., self-harm language), we may notify your designated emergency contacts with relevant information to ensure your safety
Legal Requirements: If required by law, court order, subpoena, or government request, we will disclose minimal necessary information. We will notify you unless legally prohibited.
Safety & Fraud Prevention: To protect against fraud, abuse, security threats, or harm to users or the public
Business Transfers: In the event of a merger, acquisition, or sale of assets, your data may be transferred. You will receive 30 days' notice and the option to delete your account before the transfer.
With Your Consent: Any other sharing requires your explicit, informed consent
Important: We do NOT share your diary entries, conversation transcripts, or health metrics with third parties for advertising or marketing purposes.
We use the following types of cookies:
Essential Cookies: Required for login and core functionality
Analytics Cookies: To understand how you use the Service
Preference Cookies: To remember your settings
You can control cookies through your browser settings, but disabling them may affect functionality.
Lavender Wellness is not intended for children under 13 years old. We do not knowingly collect personal information from children under 13. If we discover that we have inadvertently collected data from a child under 13, we will delete it immediately upon discovery or parental notification.
Ages 13-17: Minors aged 13-17 may use the Service with verifiable parental or guardian consent. Parents can contact us at privacy@lavenderwellness.com to review, modify, or delete their child's data.
Parents who believe their child has provided personal information without consent can email us immediately for removal.
Lavender Wellness operates globally. Your data may be transferred to, stored, and processed in countries outside your residence, including the United States, Australia, and European Union member states. We ensure adequate safeguards are in place:
Standard Contractual Clauses (SCCs): We use EU-approved SCCs for GDPR compliance when transferring data outside the EEA
Adequacy Decisions: We rely on European Commission adequacy decisions where applicable (e.g., EU-US Data Privacy Framework)
Data Processing Agreements: All third-party processors sign DPAs ensuring equivalent data protection
Encryption: Data in transit across borders is encrypted using TLS 1.3
For EEA/UK users: You have the right to obtain a copy of the safeguards we use for international transfers by contacting dpo@lavenderwellness.com.
In the event of a security breach that compromises your personal information, we will:
Notify You: Within 72 hours of discovering the breach (GDPR requirement)
Notification Method: Via email to your registered address and in-app notification
Disclosure Content: Nature of the breach, types of data affected, potential consequences, mitigation steps, and contact information
Regulatory Notification: We will notify relevant data protection authorities as required by law
Remediation: We will take immediate steps to secure systems, investigate the breach, and prevent future incidents
If you suspect unauthorized access to your account, change your password immediately and contact security@lavenderwellness.com.
We may update this Privacy Policy from time to time. We will notify you of significant changes via email or in-app notification. Your continued use of the Service after changes constitutes acceptance.
For questions, concerns, privacy requests, or security issues, contact us at:
Privacy Inquiries: privacy@lavenderwellness.com
Data Protection Officer: dpo@lavenderwellness.com
Security Issues: security@lavenderwellness.com
General Support: support@lavenderwellness.com
Mailing Address: Lavender Wellness, [Your Company Address]
EU Representative: For EEA users, you can contact our EU representative at eu-rep@lavenderwellness.com
Supervisory Authority: You have the right to lodge a complaint with your local data protection authority if you believe we have violated your privacy rights.
By using Lavender Wellness, you acknowledge that you have read, understood, and agreed to this Privacy Policy. Continued use of the Service after policy updates constitutes acceptance of the revised terms.
Version: 2.0 | Effective Date: January 1, 2026