Maureen – Privacy Policy

Maureen ("we," "us," or "our") is a mental wellness toolkit designed to support individuals navigating compulsive overeating and intrusive food thoughts. This Privacy Policy explains what information we collect, how we use it, and the choices you have.

By using Maureen, you agree to the collection and use of information as described in this policy.

1. Information We Collect

1.1 Account Information

Email address. Used to create and sign in to your account.
Password. Stored securely by our authentication provider (Supabase Auth); we never store or see your raw password.
Apple Sign-In. If you sign in with Apple, we receive only your name (or alias) and email address (which may be a private relay address). We do not receive your Apple ID password or any other Apple account data.
Name or nickname. Entered during onboarding for personalization. Visible to other users in groups and peer connections.
Pronouns. Optionally provided during onboarding.

1.2 Onboarding Responses

Reasons for using Maureen (optional). Selected from a predefined list during onboarding. These help us understand why you're here and develop tools better suited to your needs.

1.3 Mental Wellness Data

All of this data is self-reported by you -- we do not access HealthKit, sensors, or any external data sources. This data is private to you unless you explicitly choose to share it in a group (see Section 1.5).

Daily mood entries. Mood labels recorded up to 4 times per day.
Exercise completions. Which exercises you complete and when.
Exercise-specific details. Depending on the exercise, this may include urge names, intensity ratings, technique selections, thought observations, ladder names, step descriptions, and distress ratings.
Meal plans. Meal names, ingredients, and optional photos you add. Stored on your device and synced to our servers.

1.4 User-Created Content

Throughout your use of Maureen, you may create content that is stored on your device, on our servers, or both. Some content is private to you; other content is visible to group members or peer connections depending on how you use it.

Private content (visible only to you unless you explicitly share it in a group):

Reflections. Optional free-text reflections after completing exercises.
Letters to future self (Futures Mail). Title, body, and chosen delivery date. Stored directly on our servers to ensure delivery on your chosen date, even if you reinstall the app.
Wall cards. Text entries you create and save. You control whether other users can see your wall cards through a visibility toggle in your profile settings.
Safety plan. Your personal crisis resource list.
Ladders. Exposure hierarchies you build, including step descriptions and distress ratings.

Shared content (visible to members of your groups or peer connections):

Group messages. Text messages you send in group chats and direct messages. Stored on our servers and visible to all members of that group or conversation.
Shared personal content. When you choose to share reflections, ladders, meal plans, letters, or wall cards in a group chat, a copy of that content is included in the message and visible to all group members.
Uploaded images. Photos you attach to meal plans or group content are uploaded to our servers and may be visible to group members when shared.
Pins. Content you create for groups, including polls, this-or-that choices, links, and other interactive posts. Visible to all members of the group.
Pin responses. Your votes, selections, and other responses to group pins. Visible to other members of the group, along with your name.
Pin comments. Comments and replies you post on pins. Visible to all members of the group.
Peer connections. When you send or accept a peer request, we store the connection between your accounts. Your name is visible to the other user.
Link previews. When you or another group member shares a URL in chat, we may fetch publicly available metadata (title, description, thumbnail) from the linked website to display a preview. We do not send any of your personal data to these websites.

1.5 User Safety Data

Block records. When you block another user, we store a record of that block to filter their content from your view. The blocked user is not notified.
Reports. When you report a user, message, or comment, we store the report along with the reason you selected. Reports are reviewed by our team. After reporting, you are given the option to block the reported user.

1.6 Subscription Information

Plan selection and trial status. Managed through Apple's and Google's In-App Purchase systems. We record which plan you selected and your trial dates. We never see your payment method, credit card number, or account passwords.

1.7 Information Collected Automatically

When you use Maureen, certain technical information may be collected automatically by our third-party service providers:

Crash data (via Sentry). Device model, OS version, stack traces, and recent user actions leading to a crash. This data is not linked to your identity.
Device identifier (via RevenueCat). A random, anonymous identifier used solely for subscription receipt validation. Not used for tracking or advertising.

No browsing history, usage analytics, or behavioral tracking data is collected.

1.8 De-Identified Data

We may create aggregated or de-identified data by removing information that makes it personally identifiable. De-identified data is not personal information and is not subject to this Privacy Policy. We will not attempt to re-identify de-identified data.

1.9 Information We Do NOT Collect

Location data (GPS, IP-based geolocation)
Contacts or address book
Device identifiers for advertising (no IDFA)
Browsing history
Biometric data
Data from other apps on your device

2. How We Use Your Information

We use your information only to provide and operate Maureen's features and functionality. Specifically:

Purpose	Examples
Provide app functionality	Display your name in greetings, show your mood history, surface personal insights, track exercise completions, deliver your future letters on the date you chose
Facilitate peer support	Deliver your messages to group members, display your pins and responses, show your profile to peers and group members, process peer connection requests
Backup and restore	Sync your data to our servers so it can be restored when you sign back in or switch devices
Safety and moderation	Process reports you submit, enforce blocks, review reported content to maintain a safe environment

We do not use your information for:

Advertising or marketing
Selling to third parties
Building user profiles for ad targeting
Training machine learning models
Analytics or behavioral tracking

3. Information Visible to Other Users

When you participate in groups and peer connections, certain information is visible to other users:

What	Who can see it
Name and pronouns	Members of your groups and your peer connections
Bio	Members of your groups and your peer connections
Wall cards	Only if you enable the wall card visibility toggle in your profile settings
Group messages	All members of the group or direct message conversation
Shared content (reflections, ladders, meal plans, letters)	All members of the group where you shared it
Pins you create	All members of the group
Your pin responses (votes, selections)	All members of the group
Your pin comments	All members of the group

Your private data -- mood entries, exercise sessions, unshared reflections, unshared ladders, unshared meal plans, safety plan, and letters -- is never visible to other users unless you explicitly choose to share it in a group chat.

4. How We Store and Protect Your Data

4.1 Architecture

Maureen uses a local-first architecture for personal wellness data. Your moods, exercises, ladders, wall cards, and safety plan are stored on your device first in a local database. This means the app works offline for these features.

Social features (groups, messages, pins, peer connections) require an internet connection and are stored on our servers so they can be delivered to other users.

Letters (Futures Mail) are stored on our servers to ensure delivery on your chosen date.

4.2 Server Infrastructure

Our backend is hosted on Supabase (built on PostgreSQL), which provides:

Encrypted data transmission (TLS/HTTPS)
Row Level Security -- database rules that ensure you can only access data you are authorized to see
Authentication via industry-standard protocols

Uploaded images are stored in Supabase Storage with access controls that restrict visibility to authorized users.

4.3 Data Isolation

Every database query is scoped to your authenticated user ID. Row Level Security policies ensure that you can only access your own personal data and shared data in groups you belong to.

4.4 On-Device Security

Your local database is stored in the app's private sandboxed storage, which is protected by iOS/Android operating system security. If your device has a passcode or biometric lock, your app data is encrypted at rest by the operating system.

4.5 Data Breach Notification

In the event of a data breach affecting your personal information, we will notify you as required by applicable law. Where possible, we will notify you via the email address associated with your account.

5. Data Retention

Data type	Retention period
Mood entries	Stored on your device and synced to our servers. Persists until you delete your account
Exercise sessions	Stored on your device and synced to our servers. Persists until you delete your account
Reflections	Stored on your device and synced to our servers. Persists until you delete your account
Letters to future self	Stored on our servers only. Kept until you delete them or delete your account
Ladders and steps	Stored on your device and synced to our servers. Persists until you delete them or delete your account
Wall cards	Stored on your device and synced to our servers. Persists until you delete them or delete your account
Meal plans	Stored on your device and synced to our servers. Persists until you delete them or delete your account
Safety plan	Stored on your device and synced to our servers. Persists until you delete your account
Group messages	Stored on our servers for the lifetime of the group. Cached on your device for up to 30 days
Pins, responses, and comments	Stored on our servers for the lifetime of the group or until the pin expires or is deleted
Peer connections	Stored on our servers until either user removes the connection or deletes their account
Block and report records	Stored on our servers until you delete your account. Reports may be retained longer if needed for safety review
Uploaded images	Stored on our servers until the associated content is deleted or you delete your account
Account info	Kept until you delete your account

6. When You Sign Out or Delete Your Account

Sign Out

When you sign out, you are given the option to back up your data to our servers before signing out. If you choose "Back Up and Sign Out," your recent data is synced to our servers so it can be restored when you sign back in. If you choose "Just Sign Out," all local data is immediately deleted from your device without backing up -- any data not previously synced will be lost. In either case, your account remains active and you can sign back in at any time.

Account Deletion

You can delete your account from within the app's settings. This will:

Delete all personal data associated with your user ID from our servers
Delete your authentication credentials
Revoke your Apple Sign-In token, if applicable (disconnecting Maureen from your Apple ID)
Remove uploaded images from our storage
Remove all local data from your device
Remove you from all groups and peer connections

Messages and content you previously shared in groups may be retained in anonymized form to preserve the continuity of group conversations for other members, but will no longer be associated with your identity.

After deletion, your data cannot be recovered. You may also contact us at support@maureen.care to request account deletion.

Important: Deleting your account does not automatically cancel your App Store or Google Play subscription. You are responsible for cancelling your subscription separately through your device's subscription settings to avoid continued billing.

7. Third-Party Services

We use the following third-party services:

Service	Purpose	Data shared	Privacy policy
Supabase	Authentication, database hosting, file storage	Email, all app data (encrypted in transit)	supabase.com/privacy
Apple (Sign-In and In-App Purchase)	Authentication and subscription billing (iOS)	Name or alias and email for sign-in; payment handled entirely by Apple	apple.com/privacy
Google (In-App Purchase)	Subscription billing (Android)	Payment handled entirely by Google -- we never see payment details	policies.google.com/privacy
RevenueCat	Subscription management	Purchase history, subscription status, anonymous device identifier. Not used for tracking or advertising	revenuecat.com/privacy
Sentry	Crash reporting	Crash logs (stack traces, device model, OS version). No personal data, not linked to identity	sentry.io/privacy

When a URL is shared in a group chat, we may fetch publicly available metadata (title, description, image) from the linked website or its embed provider (such as YouTube or Spotify) to generate a link preview. No user data is sent in these requests.

We do not use:

Analytics services (no Mixpanel, Amplitude, Firebase Analytics, etc.)
Advertising networks
Data brokers
Social media tracking SDKs

8. Children's Privacy

Maureen is not directed at children under 16. We do not knowingly collect information from children under 16. If you believe a child under 16 has provided us with personal information, please contact us and we will delete it.

9. Your Rights

Depending on your jurisdiction, you may have the right to:

Access your data -- request a copy of all data we hold about you
Correct your data -- update inaccurate information
Delete your data -- request account and data deletion (see Section 6)
Export your data -- request a portable copy of your data

To exercise any of these rights, contact us at support@maureen.care.

10. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be reflected on our website with an updated "Last updated" date at the top of this policy. We encourage you to review this policy periodically.

Your continued use of Maureen after changes take effect constitutes acceptance of the revised policy.

11. Contact Us

If you have questions about this Privacy Policy or your data:

Email: support@maureen.care

12. Additional Rights for U.S. State Residents

This section applies to residents of California (under the CCPA/CPRA), Colorado, Connecticut, Virginia, and other U.S. states with comprehensive privacy laws. These rights are in addition to those described in Section 9.

12.1 Categories of Personal Information Collected

We collect the categories of personal information described in Section 1, which include: identifiers (name, email address), sensitive personal information (mental wellness data, pronouns, reasons for using the app), user-generated content (reflections, letters, wall cards, safety plan entries, group messages, pins, comments), social data (group membership, peer connections, block and report records), and commercial information (subscription status).

We do not sell and do not share your personal information as those terms are defined under the CCPA/CPRA. We have not sold or shared personal information in the preceding 12 months. We do not engage in cross-context behavioral advertising. Because we do not sell or share personal information, no opt-out is required -- but you may still contact us at support@maureen.care with any concerns.

12.3 Your Rights

Depending on your state of residence, you may have the right to:

Right to know. Request the categories and specific pieces of personal information we have collected about you, the categories of sources, the business purpose for collecting it, and the categories of third parties with whom it is disclosed.
Right to delete. Request deletion of your personal information (see Section 6 for how to delete your account and data).
Right to correct. Request correction of inaccurate personal information.
Right to opt-out of sale or sharing. We do not sell or share your personal information, so this right does not apply. See Section 12.2.
Right to limit use of sensitive personal information. We use sensitive personal information (mental wellness data, pronouns) only to provide the app's core functionality, which is a permitted use under the CCPA/CPRA.
Right to non-discrimination. We will not discriminate against you for exercising any of these rights.

12.4 How to Submit a Request

To exercise any of the rights above, contact us at support@maureen.care. We will verify your identity before fulfilling a request, typically by confirming ownership of the email address associated with your account. We will respond within the timeframe required by applicable law (45 days under the CCPA/CPRA, with extensions as permitted).

12.5 Other State Privacy Laws

Residents of Colorado, Connecticut, Virginia, Utah, Texas, Oregon, Montana, and other states with comprehensive privacy laws have similar rights to access, delete, and correct personal information, and to opt out of targeted advertising, profiling, and sale of personal data. None of these activities apply to Maureen. To exercise any rights under your state's law, contact us at support@maureen.care.

13. Additional Rights for International Users

Maureen is available internationally. Depending on where you are located, you may have additional rights under local data protection laws. This section supplements the general rights described in Section 9.

13.1 International Data Transfers

Our servers are hosted in the United States via Supabase. If you use the Service from outside the United States, your personal data is transferred to and processed in the United States. Where required by applicable law, we rely on standard contractual clauses or other lawful transfer mechanisms to ensure adequate protection of your data.

If you are located in the EEA, UK, or Switzerland, the General Data Protection Regulation (GDPR) or equivalent legislation applies to our processing of your data.

Legal basis for processing:

Performance of a contract. Processing your account information, wellness data, and content is necessary to provide the Service to you under these Terms.
Legitimate interests. We process safety data (block and report records) and perform server maintenance to keep the Service secure and operational, where these interests are not overridden by your rights and freedoms.
Consent. Where required by law, we obtain your consent before processing. You may withdraw consent at any time by contacting us, though this will not affect the lawfulness of processing carried out before withdrawal.

Additional rights under the GDPR:

Right to restriction of processing. Request that we restrict processing of your personal data under certain circumstances.
Right to data portability. Receive your personal data in a structured, commonly used, and machine-readable format, and transmit it to another controller.
Right to object. Object to our processing of your personal data where we rely on legitimate interests as the legal basis.
Right to withdraw consent. Where processing is based on consent, withdraw that consent at any time.
Right to lodge a complaint. You may lodge a complaint with the supervisory authority in your country of residence.

We will respond to GDPR requests within 30 days, with extensions as permitted.

13.3 Canada (PIPEDA)

If you are located in Canada, the Personal Information Protection and Electronic Documents Act (PIPEDA) and applicable provincial legislation may apply. You have the right to access, correct, and request deletion of your personal information. We process your data with your knowledge and consent, which you may withdraw at any time by deleting your account or contacting us. We will respond to requests within 30 days.

13.4 Australia (Privacy Act)

If you are located in Australia, the Privacy Act 1988 and the Australian Privacy Principles (APPs) apply. You have the right to access and correct the personal information we hold about you. If you believe we have breached the APPs, you may lodge a complaint with us at support@maureen.care, and if unsatisfied with our response, with the Office of the Australian Information Commissioner (OAIC).

13.5 Brazil (LGPD)

If you are located in Brazil, the Lei Geral de Protecao de Dados (LGPD) applies. You have the right to confirm whether we process your data, access it, correct inaccuracies, request anonymization or deletion of unnecessary data, request data portability, and withdraw consent. We process your data based on your consent and the necessity of performing our contract with you.

13.6 Japan (APPI)

If you are located in Japan, the Act on the Protection of Personal Information (APPI) applies. You have the right to request disclosure, correction, and deletion of your personal information. We will not provide your personal information to third parties without your consent, except as required by law.

13.7 South Korea (PIPA)

If you are located in South Korea, the Personal Information Protection Act (PIPA) applies. You have the right to access, correct, delete, and suspend processing of your personal information. We collect and use your personal information based on your consent and for the purposes described in this Privacy Policy.

13.8 General

If your country or region is not specifically listed above but has data protection laws that grant you rights regarding your personal information, we will honor those rights to the extent required by applicable law. To exercise any rights, contact us at support@maureen.care. We will respond within the timeframe required by your local law.