Beta Build 1.0

Privacy Policy

Your privacy and data security are our top priorities. Learn how we protect your information.

Last Updated: March 6, 2026

This privacy policy explains how THRPY collects, uses, and protects your personal information.

Information We Collect

Personal Information

  • Name and email address
  • Date of birth and basic demographic information
  • Account preferences and settings
  • Payment information (processed securely through third-party providers)

Therapy Session Data

  • Text messages and conversations
  • Voice recordings (if voice therapy is used)
  • Video recordings (if video therapy is used)
  • Mood logs and assessment responses
  • Diary entries and personal notes

Technical Information

  • Device information and browser type
  • IP address and location data
  • Usage patterns and session duration
  • Error logs and performance data
  • Security event and authentication metadata

How We Use Your Information

Therapy Services

  • Provide personalized AI therapy sessions
  • Analyze emotional patterns and mental health trends
  • Generate insights and recommendations
  • Track progress and support effectiveness

Platform Improvement

  • Enhance AI algorithms and therapy techniques
  • Improve user experience and interface design
  • Develop new features and capabilities
  • Conduct research and analytics using anonymized or aggregated data where possible

Communication

  • Send important service updates and notifications
  • Provide customer support and assistance
  • Share relevant mental health resources
  • Notify about policy changes or security updates

Legal Basis for Processing

  • Performance of a contract when delivering account and therapy services
  • Legitimate interests in operating, securing, and improving the platform
  • Consent where required by law (including optional communications)
  • Compliance with legal and regulatory obligations

Data Protection & Security

Encryption

  • Encryption for therapy data in storage and transit
  • AES-256 encryption for data at rest
  • TLS 1.3 encryption for data in transit
  • Secure key management and rotation

Access Controls

  • Role-based access controls for staff
  • Multi-factor authentication for all accounts
  • Regular security audits and penetration testing
  • Limited access to personal data on a need-to-know basis

Compliance

  • HIPAA-aligned data handling practices
  • UK GDPR and EU GDPR-aligned controls
  • Data Protection Act 2018-aligned processes
  • Regular compliance and security reviews

Information Sharing

We Do NOT Share

  • Your therapy session content with third parties
  • Personal mental health data with advertisers
  • Individual user data for marketing purposes
  • Sensitive information without explicit consent

Limited Sharing

  • Anonymized, aggregated data for research
  • Information with your explicit consent
  • Data required by legal authorities (with proper warrants)
  • Information with emergency services (in crisis situations)

International Transfers

  • Where data is transferred across borders, appropriate safeguards are applied
  • Transfers are limited to approved processors and service providers
  • Contractual and technical protections are used to protect transferred data

Your Rights

Data Access & Control

  • Access all your personal data we hold
  • Download your data in a portable format
  • Correct or update inaccurate information
  • Delete your account and associated data
  • Request a copy of key processing details

Privacy Controls

  • Opt out of non-essential data collection
  • Control data sharing preferences
  • Manage communication preferences
  • Request data processing restrictions

Retention & Deletion

  • We retain data only as long as needed for service delivery, safety, and legal obligations
  • When data is no longer required, it is deleted or irreversibly anonymized
  • Backup and audit records are retained for limited periods under security policy

Questions About Your Privacy?

We're committed to transparency and are here to answer any questions you may have about how we handle your data.

Privacy Officer

Email: hello@thrpy.ai

We aim to respond to all privacy inquiries within 48 hours.

This privacy policy is effective as of March 6, 2026. We may update this policy from time to time. We will notify you of any material changes by posting the new privacy policy on this page.

THRPY is proprietary software. Copyright © 2026 THRPY LTD. Patents pending.