VENTY PRIVACY POLICY

Last Updated: November 12, 2025

Introduction

Venty ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application (the "App").

IMPORTANT DISCLAIMER: Venty is an emotional journaling and reflection tool designed to help you process your thoughts and feelings through AI-powered conversations. Venty is NOT a substitute for professional medical or mental health care, diagnosis, or treatment. The AI provides conversational support for self-reflection only and should not be considered medical advice. If you are experiencing a mental health crisis or have serious mental health concerns, please seek help from a qualified mental health professional or contact emergency services immediately.

Please read this Privacy Policy carefully. By using the App, you agree to the collection and use of information in accordance with this policy.

Information We Collect

1. Personal Information You Provide

Account Information:

• Email address (for authentication and secure data storage)

Journal Conversation Data:

• Chat messages and conversations you have with the AI
• These conversations may contain personal information including:
  • Personal thoughts, feelings, and emotional states
  • Daily experiences and life situations
  • Relationships and social interactions
  • Stress factors and personal challenges
  • Other personal topics you choose to share

2. Information Collected Automatically

Technical and Usage Data (collected via Mixpanel for onboarding tracking):

• Device information (iPhone model, operating system version)
• App version
• IP address
• Usage analytics (features used, session duration, onboarding progress)
• Crash reports and error logs
• Device identifiers

Note: We do NOT collect location data, even approximate location.

3. Payment Information

All payments are processed through Apple In-App Purchase. We do not collect, store, or have access to your credit card details or billing information. Apple handles all payment processing according to their privacy policy.

How We Use Your Information

We use the information we collect for the following specific purposes:

Email Address

• User authentication and account access
• Secure storage and protection of your data
• Product updates and service announcements (via Brevo email service)

Journal Conversations

• Solely to provide AI-generated responses to your messages
• Conversations are NOT used for AI model training
• Conversations are NOT used for research or product development
• Conversations are NOT analyzed for marketing purposes

Technical/Analytics Data

• Solely to track onboarding completion rates via Mixpanel
• To improve the onboarding experience
• To fix bugs and crashes

We do NOT use your data for:

• Advertising or marketing analytics
• Selling, renting, or trading to third parties
• Building user profiles for commercial purposes
• Any purpose other than those explicitly stated above

How We Share Your Information

Third-Party Service Providers

We share limited information with the following third-party service providers who help us operate the App:

Data Protection Standards

All third-party service providers are required to:

• Maintain the same or greater level of data protection as described in this Privacy Policy
• Use your data only for the specific purposes we've authorized
• Implement appropriate security measures
• Comply with applicable data protection laws

We Will NEVER:

• Sell your personal information to third parties
• Rent or trade your data
• Share your data with advertisers
• Use your data for advertising purposes
• Share your conversations with anyone except the AI service provider (for response generation only)

Human Review of Conversations

Currently, your conversations are NOT reviewed by human staff members. However, we may implement anonymized human review in the future for quality assurance and safety monitoring purposes. If we do:

• All identifying information (including email addresses) will be removed before review
• Reviews will only be conducted for service improvement and user safety
• We will update this Privacy Policy before implementing human review

Data Security

We take data security seriously and implement industry-standard measures to protect your information:

• Encryption in Transit: All data transmitted between your device and our servers uses HTTPS/SSL encryption
• Secure Storage: Data is stored using Firebase's enterprise-grade security infrastructure
• Authentication: Secure password hashing and authentication protocols
• Access Controls: Limited employee access to user data on a need-to-know basis only

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security.

Data Breach Notification

In the unlikely event of a data breach that affects your personal information, we will:

• Notify you via email within 72 hours of discovering the breach
• Provide details about what information was affected
• Explain steps we're taking to address the breach
• Advise you on steps you can take to protect yourself
• Comply with all applicable data breach notification laws

Data Retention and Deletion

How Long We Keep Your Data

• Account Information: Retained until you delete your account
• Journal Conversations: Retained until you delete your account
• Analytics Data: Retained according to Mixpanel's data retention policies
• Email Data (Brevo): Retained until you unsubscribe or delete your account

Your Right to Delete

You have the right to delete your account and all associated data at any time:

How to Delete:

• Use the "Delete Account" feature within the App settings
• Contact us at ventytherapy@gmail.com

What Happens:

• ALL your data is permanently deleted immediately, including:
  • Email address
  • All chat conversations and message history
  • Account information
• Deletion is irreversible and cannot be undone
• No data is retained after deletion (not even anonymized analytics)

Your Privacy Rights and Choices

Access and Control

You have the following rights regarding your personal information:

• Access: Request a copy of the personal data we hold about you
• Correction: Update or correct your email address within the App
• Deletion: Permanently delete your account and all data (as described above)
• Data Portability: Request an export of your chat conversation history
• Opt-Out: Unsubscribe from marketing emails via the unsubscribe link or email preferences

To Exercise Your Rights: Contact us at ventytherapy@gmail.com with your request. We will respond within 30 days.

Marketing Communications

You can opt out of marketing emails by:

• Clicking the "unsubscribe" link in any marketing email
• Contacting us at ventytherapy@gmail.com
• Adjusting your email preferences in the App

Note: You will still receive essential transactional emails (account notifications, security alerts) even if you opt out of marketing.

International Data Transfers

Venty is operated from Australia, but our service providers (Firebase, AI provider, Mixpanel, Brevo) are primarily US-based. This means your data may be transferred to, stored, and processed in:

• United States
• Australia
• Other countries where our service providers operate

We ensure that all international data transfers comply with applicable data protection laws and that your data receives adequate protection regardless of where it is processed. Our service providers are contractually obligated to protect your data according to this Privacy Policy and applicable laws.

Regional Privacy Rights

For European Union Users (GDPR):

If you are located in the EU, you have additional rights including:

• Right to data portability
• Right to restriction of processing
• Right to object to processing
• Right to lodge a complaint with your local data protection authority

For California Users (CCPA/CPRA):

If you are a California resident, you have rights including:

• Right to know what personal information is collected
• Right to delete personal information
• Right to opt-out of sale of personal information (Note: We do not sell personal information)
• Right to non-discrimination for exercising your rights

For Australian Users (Privacy Act 1988):

We comply with the Australian Privacy Principles, including your rights to access and correct your personal information.

Children's Privacy

Venty is intended for users aged 17 and older. We do not knowingly collect personal information from anyone under 17 years of age.

If you are under 17, do NOT use this App or provide any information to us.

If we discover that we have collected personal information from someone under 17, we will delete that information immediately. If you believe we have collected information from someone under 17, please contact us at ventytherapy@gmail.com.

Cookies and Tracking Technologies

The Venty App uses standard mobile app technologies including:

• Session tokens for authentication
• Local storage for app functionality
• Standard mobile analytics tracking (via Mixpanel)

We do NOT use:

• Website cookies
• Cross-app tracking
• Advertising identifiers (IDFA) for ad targeting
• Device fingerprinting for tracking purposes

Third-Party Links

The App does not contain links to external websites or third-party services. All functionality is contained within the App itself.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors.

How We Notify You:

• Updated "Last Updated" date at the top of this policy
• Email notification for material changes that affect how we handle your data
• In-app notification for significant changes

Your Continued Use: Your continued use of the App after changes are posted constitutes your acceptance of the updated Privacy Policy. We encourage you to review this policy periodically.

Legal Basis for Processing (GDPR)

If you are in the European Union, our legal basis for collecting and using your personal information depends on the data and context:

• Contract Performance: Processing necessary to provide the App services you've requested
• Consent: Where you have given explicit consent (e.g., marketing emails)
• Legitimate Interests: For improving our services, security, and fraud prevention

You have the right to withdraw consent at any time where we rely on consent as the legal basis.

Do Not Track Signals

The App does not respond to Do Not Track (DNT) signals because we do not track users across third-party websites or apps. We only collect data within the App as described in this policy.

Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Venty
Email: ventytherapy@gmail.com
Address: Level 13, 477 Pitt Street, Sydney, NSW, Australia

Response Time: We aim to respond to all privacy inquiries within 30 days.

Data Protection Officer

For privacy-related inquiries, you may contact us at ventytherapy@gmail.com.

Summary of Key Points

What We Collect:

• Email address (for account access)
• Journal conversations (may contain personal thoughts and feelings)
• Technical data (device info, usage patterns for onboarding tracking)

How We Use It:

• Email: Authentication and product updates
• Conversations: ONLY to provide AI responses (not for training or marketing)
• Technical data: ONLY for onboarding tracking

Who We Share With:

• AI service provider (for generating responses)
• Firebase (secure storage)
• Mixpanel (onboarding analytics)
• Brevo (email updates)
• NO ONE ELSE - We never sell your data

Your Rights:

• Delete your account and all data instantly
• Export your conversation history
• Opt out of marketing emails
• Request information about your data

Age Requirement: 17+ only

Questions? Email ventytherapy@gmail.com

By using Venty, you acknowledge that you have read and understood this Privacy Policy.