Privacy Policy

1. Information We Collect

• Account and identity information: email address, display name, username, account identifiers, authentication state, profile photo URL, subscription status, and settings. Trana uses Clerk for account authentication. Guest use creates a limited guest session identifier.
• Wellbeing, health-related, and app content: mood and stress check-ins, clinical assessment answers where you use assessments, journal entries, AI conversation text, tool responses, safety plans, trusted safety contacts you add, support preferences, memory items you create or allow Trana to keep, and related timestamps. This may include sensitive personal information and, under UK/EU law, special category data concerning health or emotional wellbeing.
• Community and social content: support-circle invitations and interactions, Calm Garden posts, daily prompt responses, reactions, hugs, reports, mutes, blocks, gentle-challenge participation, in-app community notifications, and moderation metadata. Some community surfaces are designed to hide your account identity from other users, but Trana still uses internal identifiers for safety, moderation, abuse prevention, deletion, and support workflows.
• Safety contact information: names, relationships, phone numbers, message text you choose to send, delivery result, and SMS-notification metadata for trusted contacts you add.
• Photos and media: photos you choose from your library or camera for your profile image, along with upload metadata needed to store, display, replace, and delete that image.
• Voice, speech, and audio interaction data: if you use microphone or speech features, iOS and Apple speech services may process voice input to produce text. Trana stores the resulting text when you submit it as part of a conversation, journal entry, tool response, or other app content. Trana does not store raw voice recordings as part of your account history.
• Purchase and entitlement information: App Store subscription product IDs, transaction identifiers, original transaction identifiers, renewal state, billing status, trial state, entitlement status, and related timestamps. We do not receive your full payment card details from Apple.
• Notifications, usage, diagnostics, and device information: push tokens or notification identifiers, notification preferences and delivery logs, feature usage, product interaction events, request IDs, app version, device model, iOS version, crash/error diagnostics, security logs, and network metadata processed by our hosting and infrastructure providers.
• On-device settings: local preferences, guest-session state, reminder settings, biometric lock preferences, and other device-local settings. Face ID and Touch ID authentication are handled by iOS; we do not receive or store biometric templates.

2. How We Use Information

• Provide Trana's chat, journaling, coping tools, insights, safety, community, account, and subscription features.
• Personalise tone, recommendations, memory, tool suggestions, progress summaries, and safety-aware routing.
• Generate AI responses, safety classification, summaries, embeddings, roleplay turns, sleepcasts, journal reflections, moderation assistance, and text-to-speech where enabled.
• Operate support-circle, community, profile, notification, safety-contact, export, deletion, and moderation features.
• Maintain subscriptions, restore purchases, enforce plan limits, prevent fraud and abuse, and secure the service.
• Send local notifications, push notifications, in-app community alerts, or trusted-contact SMS messages where you enable or initiate those features.
• Monitor reliability, diagnose crashes, understand aggregate product usage, and improve Trana.
• Respond to privacy, support, legal, safety, and compliance requests.

We do not sell personal information. We do not share personal information for cross-context behavioural advertising. We do not use your journal or conversation content to train external foundation models.

3. GDPR and UK GDPR Legal Bases

Where UK GDPR or EU GDPR applies, we rely on the following legal bases depending on the feature and context:

• Contract: to provide the App, account features, subscription entitlements, support, purchases, export, deletion, and requested services.
• Consent: for optional permissions or features such as push notifications, microphone/speech input, camera/photo access, optional memory and personalisation choices where consent is requested, and marketing communications if we ever offer them.
• Explicit consent for special category data: when you choose to submit wellbeing, mental-health, clinical assessment, safety-plan, crisis, or other health-related content, you explicitly consent to us processing that content to provide the feature you requested and related safety, moderation, export, deletion, and support workflows.
• Legitimate interests: to secure Trana, prevent abuse and fraud, debug errors, maintain service reliability, understand non-advertising product usage, improve features, and protect users and the community, unless your rights override those interests.
• Legal obligation: to comply with tax, accounting, consumer, App Store, law-enforcement, regulatory, or legal-process obligations.
• Vital interests: in limited circumstances where processing is reasonably necessary to protect someone's life or immediate safety.

You can withdraw consent for optional permissions through iOS Settings, in-app settings where available, or by contacting us. Withdrawing consent does not affect processing that happened before withdrawal or processing that relies on another legal basis.

4. AI and Service Providers

We use service providers to operate Trana. They may process information only as needed to provide services to us, protect users, maintain the App, or comply with law.

• Clerk: authentication, account identity, email/account metadata, and session management.
• Convex: backend database, functions, mobile API data, app storage, and real-time sync.
• Mistral AI: AI responses, safety classification, moderation assistance, summaries, embeddings, reranking, and text-to-speech where enabled.
• Qdrant: vector storage and semantic search for memory embeddings where configured.
• CAMB.AI: fallback text-to-speech generation where enabled.
• Apple: App Store purchases, StoreKit transactions, Sign in with Apple, push notifications, microphone, speech, photo-library, camera, and operating-system security features.
• OneSignal: push notification delivery, notification identifiers, device tokens, and notification engagement where enabled.
• Cloudinary: profile photo upload, storage, delivery, replacement, and deletion.
• Telnyx: trusted-contact SMS delivery when you choose to send a message.
• Stripe: web subscription billing where used outside the iOS App Store flow.
• PostHog: web product analytics where enabled. Private mode suppresses Trana analytics events where implemented.
• Sentry: reliability monitoring and error diagnostics where enabled, with PII scrubbing configured for Trana services.
• Cloudflare R2 or Convex storage: managed storage for admin-uploaded guided audio assets and other app files where enabled.

5. Notice at Collection for California Residents

This section applies to California residents to the extent the California Consumer Privacy Act, as amended by the California Privacy Rights Act ("CCPA"), applies to us. In the last 12 months, Trana has collected or may collect the categories below.

• Identifiers: email, display name, username, Clerk ID, Trana user ID, guest session ID, notification identifiers, Apple transaction identifiers, profile photo URLs, and safety contact names/phone numbers you provide. Used for account, app functionality, safety, subscription, notification, and support purposes.
• Customer records and commercial information: subscription status, purchase history, entitlement state, billing identifiers, plan limits, and support records. Used for purchases, entitlements, fraud prevention, support, and legal compliance.
• Internet or electronic activity information: app interactions, product events, request IDs, diagnostics, crash/error data, device/app version, and notification engagement. Used for app functionality, security, debugging, analytics, and reliability.
• Audio, visual, and user content: profile photos you upload, text created from speech input, AI conversations, journal entries, tool responses, community posts, prompt responses, safety-plan content, and trusted-contact SMS text you choose to send. Used to provide requested features, AI support, moderation, safety, export, and deletion.
• Sensitive personal information: account login information handled through authentication providers; wellbeing, mental-health, clinical-assessment, safety-plan, crisis, and other health-related content you choose to submit; and precise safety contact details you choose to add. Used only to provide Trana, maintain safety, secure the service, comply with law, and support your requests.
• Inferences: support preferences, tool preferences, risk tier, insights, memory items, progress patterns, and personalisation models derived from your app activity and content. Used for app functionality, personalisation, safety, and insights.

We do not sell personal information or share it for cross-context behavioural advertising. We do not use or disclose sensitive personal information for purposes that require a right to limit under the CCPA, except as needed to provide requested services, ensure security, prevent abuse, or comply with law.

6. Sources, Disclosures, and Retention

We collect information from you, your device and App activity, Apple/StoreKit, Clerk, service providers, and App operations. We disclose information to service providers listed in this policy, to Apple and payment providers for purchase flows, to trusted contacts when you send them an SMS, to other users only where a community or support-circle feature is designed to show content, and to authorities or others where required by law or necessary for safety, security, or legal claims.

We retain personal information only for as long as reasonably necessary for the purposes described above. Account and app content is generally kept while your account is active or until you delete it. Guest identifiers on the device are time-limited, but guest-linked server records may remain until merged, deleted, or cleaned up under operational retention. Community blocks expire after a limited period where configured, and support-circle invitations expire where configured. Billing, tax, fraud, security, moderation, backup, and legal records may be retained longer where required or permitted by law. We use retention criteria based on feature needs, legal duties, user deletion requests, safety, fraud prevention, and technical backup cycles.

7. Export, Deletion, and Your Rights

You can export your data and initiate account deletion from Trana Settings where the App provides those controls. Account deletion removes your Trana account data from active app databases and schedules deletion of linked memory vectors where applicable. Some identity-hidden community content, backup, billing, fraud-prevention, security, moderation, or legal records may be retained for a limited period where required or permitted by law. Deleting your Trana account does not cancel an Apple subscription; manage App Store subscriptions in your Apple account subscription settings.

Depending on where you live, you may have rights to:

• Access or know the personal information we process about you.
• Correct inaccurate personal information.
• Delete personal information, subject to legal and safety exceptions.
• Receive a portable copy of certain information.
• Object to or restrict certain processing.
• Withdraw consent where processing is based on consent.
• Opt out of sale or sharing for cross-context behavioural advertising; Trana does not currently sell or share personal information in that way.
• Limit use of sensitive personal information where the CCPA gives that right.
• Not be discriminated against for exercising privacy rights.

To exercise rights, use in-app controls or contact support@trana.live. We may need to verify your identity before acting on a request. If UK/EU law applies, you may also complain to the UK Information Commissioner's Office or your local data protection authority.

8. Your Choices and Controls

• You can use guest mode for limited access without creating a Trana account.
• You can export data and delete your account from Trana Settings.
• You can manage Apple subscriptions in your Apple account subscription settings.
• You can control microphone, speech recognition, notifications, camera/photo access, and biometrics in iOS Settings.
• You can archive or delete saved memory items where the App provides those controls.
• You can add, change, or remove your profile photo and trusted safety contacts.
• You can report, mute, block, or limit community interactions where those controls are available.

9. Security

We use technical and organisational safeguards designed to protect personal information, including authenticated API access, platform security controls, provider-side protections, PII scrubbing for diagnostics where implemented, and deletion/export workflows. No internet or mobile service can guarantee absolute security, and you should keep your device, Apple ID, and sign-in method secure.

10. Children

Trana is intended for adults aged 18 and older. We do not knowingly collect personal information from children under 18. If you believe a child has provided personal information to Trana, contact us so we can delete it.

11. International Transfers

We and our service providers may process information in the United Kingdom, United States, European Economic Area, and other locations. Where required, we rely on appropriate safeguards such as adequacy regulations, standard contractual clauses, the UK International Data Transfer Addendum or Agreement, or service-provider transfer mechanisms.

12. Changes to This Policy

We may update this Privacy Policy as Trana changes or as legal requirements evolve. If a change is material, we will take reasonable steps to notify users through the App, website, App Store listing, or another appropriate channel. The latest version is identified by the date above.