Privacy Policy

Last Updated: April 16, 2026

⚠️ Emergency Situations and Crisis Disclaimer

PLEASE READ THIS SECTION CAREFULLY

IF YOU ARE EXPERIENCING THOUGHTS OF SUICIDE, SELF-HARM, OR HARMING OTHERS, OR IF YOU ARE EXPERIENCING A MENTAL HEALTH EMERGENCY:

• IMMEDIATELY STOP USING EMOTE
• DIAL 988 (US) FOR THE SUICIDE AND CRISIS LIFELINE
• CALL YOUR LOCAL EMERGENCY SERVICES (911 IN US)
• GO TO THE NEAREST EMERGENCY ROOM
• CONTACT A QUALIFIED MENTAL HEALTH PROFESSIONAL

EMOTE IS NOT AN EMERGENCY SERVICE AND CANNOT HELP IN CRISIS SITUATIONS.

1. Introduction

At Emote ("we," "our," or "us"), accessible from https://emotenow.app , one of our main priorities is the privacy of our visitors and users. This Privacy Policy document contains types of information that is collected and recorded by Emote and how we use it.

By using our website and services, you hereby consent to our Privacy Policy and agree to its terms. This policy is compliant with the General Data Protection Regulation (GDPR) and other applicable privacy laws.

2. Information We Collect

A. Information You Provide

When you register for an account, we may collect the following personal information:

• Name (optional/pseudonym allowed)
• Email address (for authentication via Google or Magic Link)
• Google Profile ID (if logging in via Google OAuth)
• Profile preferences and settings

B. Conversation Data

We collect the text input you provide during your conversations with the Emote AI. This data is essential for the functionality of the service (generating AI-powered conversational responses, somatic detection, and personalized emotional support).

Your conversations are private and confidential. They are stored securely and are only accessible to you and authorized technical personnel for debugging critical errors or safety flagging purposes.

C. Automatically Collected Data

Like most online services, we automatically collect certain technical information when you use our service:

• IP addresses (anonymized for analytics)
• Browser type and version
• Device type and operating system
• Internet Service Provider (ISP)
• Date and time stamps of access
• Pages visited and features used
• Referring/exit pages

This information is not linked to any personally identifiable information and is used solely for improving service performance and security.

D. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience. These include:

• Essential Cookies: Required for authentication and core functionality
• Analytics Cookies: Help us understand how users interact with our service
• Preference Cookies: Remember your settings and preferences

You can control cookie preferences through your browser settings. Note that disabling essential cookies may affect the functionality of our service.

3. How We Use Your Information

We use the information we collect for the following purposes:

• Service Delivery: To provide, operate, and maintain our AI-powered emotional wellness service
• Personalization: To improve and personalize your experience based on your preferences and interaction patterns
• Service Improvement: To analyze anonymized and aggregated conversation logs to improve the quality, safety, accuracy, and somatic detection capabilities of our AI models
• Communication: To send you service updates, technical notices, security alerts, and support messages
• Safety & Compliance: To detect and prevent fraud, abuse, or violations of our terms of service
• Legal Obligations: To comply with applicable laws, regulations, and legal processes

Important: Personally Identifiable Information (PII) is removed from datasets used for general model training and improvement. Your individual conversations are never shared with third parties for marketing purposes.

4. Legal Basis for Processing (GDPR)

Under the General Data Protection Regulation (GDPR), we process your personal data based on the following legal grounds:

• Consent: You have given explicit consent for us to process your personal data for specific purposes (e.g., creating an account, receiving communications)
• Contract Performance: Processing is necessary to fulfill our service agreement with you
• Legitimate Interests: Processing is necessary for our legitimate interests (e.g., improving our service, fraud prevention) that do not override your rights
• Legal Obligation: Processing is required to comply with legal obligations

5. Data Security & Encryption

We take your security seriously and implement industry-standard security measures:

Encryption in Transit

All data transmitted between your browser and our servers is encrypted using TLS 1.3 (HTTPS), ensuring that your conversations and personal information cannot be intercepted during transmission.

Encryption at Rest

Your conversation data is stored in our secure databases (Supabase/PostgreSQL) with industry-standard encryption protocols. All sensitive data is encrypted at rest using AES-256 encryption.

Access Control

We employ strict Role-Level Security (RLS) policies. Your data is accessible only to you and authorized technical personnel for the sole purpose of:

• Debugging critical errors
• Safety flagging and content moderation
• Compliance with legal obligations

Security Best Practices

• Regular security audits and penetration testing
• Secure authentication via OAuth 2.0 and magic links
• Multi-factor authentication options
• Automated breach detection and monitoring
• Incident response procedures

While we implement robust security measures, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security but are committed to protecting your data to the best of our ability.

6. Third-Party Services

We use trusted third-party vendors for infrastructure and service delivery. These vendors are bound by strict data protection agreements:

Infrastructure Providers

• Supabase: For database hosting, authentication, and real-time features. Supabase is SOC 2 Type II compliant and GDPR-ready.
• Netlify/Vercel: For hosting and content delivery. All data transmission is encrypted.

AI/LLM Providers

We process your conversation text through enterprise-grade API providers (such as OpenAI, Anthropic, or similar) solely for generating conversational AI responses.

Important: We do NOT opt-in to allowing these providers to train their public models on your data. We use enterprise API agreements that explicitly prohibit the use of your data for model training by third parties.

Analytics Services

• We may use privacy-focused analytics tools to understand service usage patterns
• All analytics data is anonymized and aggregated
• No personally identifiable information is shared with analytics providers

Payment Processing

If we offer paid features, payment processing is handled by trusted providers (such as Stripe). We do not store your full credit card information on our servers. Payment processors are PCI-DSS compliant.

7. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy:

• Account Data: Retained while your account is active and for a reasonable period after deletion to prevent fraud
• Conversation Data: Retained while your account is active. You can delete individual conversations or your entire conversation history at any time
• Anonymized Analytics: May be retained indefinitely as it cannot be linked back to you
• Legal Requirements: Some data may be retained longer if required by law or for legitimate legal purposes

8. Your Rights Under GDPR

If you are located in the European Economic Area (EEA), United Kingdom, or other jurisdictions with similar privacy laws, you have the following rights:

• Right to Access: Request a copy of the personal data we hold about you
• Right to Rectification: Request correction of inaccurate or incomplete data
• Right to Erasure ("Right to be Forgotten"): Request deletion of your personal data
• Right to Restrict Processing: Request that we limit how we use your data
• Right to Data Portability: Receive your data in a structured, machine-readable format
• Right to Object: Object to our processing of your personal data
• Right to Withdraw Consent: Withdraw consent at any time where we rely on consent
• Right to Lodge a Complaint: File a complaint with your local data protection authority

To exercise any of these rights, please contact us at founder@emotenow.app . We will respond to your request within 30 days.

9. Account and Data Deletion

You have full control over your data. You may request the deletion of your account and associated data at any time through:

• The account settings page within the application
• Emailing us at founder@emotenow.app

Upon receiving your deletion request, we will:

• Permanently delete your account within 30 days
• Remove all personally identifiable information from our systems
• Retain only anonymized, aggregated data for analytics (which cannot be linked back to you)
• Comply with legal retention requirements if applicable

Note: Once deleted, your account and conversation history cannot be recovered.

10. Children's Privacy

Emote is not intended for use by children under the age of 18 without parental consent and supervision. We do not knowingly collect personal identifiable information from children under 13.

If you are between 13 and 18 years old, you may only use Emote with the consent and supervision of a parent or legal guardian.

If we become aware that we have collected personal information from a child under 13 without proper parental consent, we will take steps to delete that information immediately. If you believe that a child under 13 has provided us with personal information, please contact us at founder@emotenow.app .

11. International Data Transfers

Your information may be transferred to and maintained on servers located outside of your state, province, country, or other governmental jurisdiction where data protection laws may differ.

If you are located in the EEA or UK, we ensure that any data transfers comply with GDPR requirements through:

• Standard Contractual Clauses approved by the European Commission
• Adequacy decisions for certain countries
• Other legally approved transfer mechanisms

12. AI Service Disclaimer

Emote provides general emotional wellness support through AI technology. However:

• Emote is not a licensed therapist or mental health provider
• The AI is not a substitute for professional medical advice, diagnosis, or treatment
• Emote does not guarantee the accuracy, completeness, or appropriateness of the AI's advice
• You acknowledge that Emote is not responsible for any consequences, harm, or losses resulting from using the AI's advice
• Emote is not suitable for emergency situations or crisis intervention

Always consult with a qualified healthcare provider for medical advice and treatment.

13. Communication and Marketing

By creating an account, you consent to receive emails from Emote regarding:

• Essential service updates and security alerts (cannot opt-out)
• Feature announcements and product updates
• Feedback requests and user research invitations
• Promotional content and special offers (optional)

You may opt out of promotional emails at any time by:

• Clicking the "unsubscribe" link in any promotional email
• Updating your communication preferences in account settings
• Contacting us at founder@emotenow.app

14. Changes to This Privacy Policy

We may update our Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors.

We will notify you of any material changes by:

• Posting the new Privacy Policy on this page
• Updating the "Last Updated" date at the top of this policy
• Sending you an email notification (for significant changes)
• Displaying a prominent notice within the application

We encourage you to review this Privacy Policy periodically. Continued use of our service after changes constitutes acceptance of the updated policy.

15. Third-Party Links and Services

Our service may contain links to external websites or resources that are not operated by us. We are not responsible for the privacy practices or content of these third-party sites.

We strongly advise you to review the Privacy Policy of every site you visit. We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services.

16. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Email: founder@emotenow.app

Website: https://emotenow.app

Data Protection Officer: Available upon request

17. Your Acknowledgment

By using Emote, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree with this policy, please do not use our service.

Your emotional wellness journey matters to us, and protecting your privacy is a fundamental part of that commitment.