Logo
How It Works

Privacy Policy

This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use GemMate. By using our Services, you agree to this Privacy Policy.

GemMate is a mental wellness mobile application that helps users build healthier habits through mood tracking and meaningful social interaction. We are committed to protecting your privacy and handling your personal information with care and transparency.

  1. Information We Collect
    • Personal Information: Full name, email address, authentication credentials (email/password, Google ID, Apple ID), account login information, and subscription plan details.
    • Mood Tracking Data: Daily mood logs on a 1-5 scale, timestamps of mood entries, and mood history patterns used to identify early signs of mental wellness challenges.
    • Social Goal Data: Weekly social interaction goals, goal progress tracking, completion status, and interaction frequency with loved ones.
    • Emergency Contact Information: Names, phone numbers, and email addresses of 1-3 trusted contacts provided during onboarding for escalation purposes.
    • Usage and Technical Data: Device type, operating system, IP address, app session duration, in-app behavior logs, crash reports, and error logs.
    • Subscription and Payment Data: Subscription plan type (Free, Premium, or Family), payment transaction records through Apple App Store and Google Play, and subscription status.
  2. How We Use Your Information
    • To provide and maintain our mental wellness services.
    • To analyze mood patterns and social interaction data to identify early signs of mental wellness challenges.
    • To deliver personalized nudges, wellness content, and notifications.
    • To escalate outreach to emergency contacts when social interaction goals are missed for two consecutive weeks.
    • To manage subscriptions and process in-app purchases through platform stores.
    • To improve app functionality and user experience based on aggregated usage patterns.
    • To comply with legal obligations and enforce our Terms of Service.
  3. Data Sharing and Disclosure
    • Emergency Contacts: We share limited information (your name and a gentle care message) with your designated emergency contacts via SMS or email when escalation is triggered after two weeks of missed social goals.
    • Service Providers: We use third-party services including Supabase (backend hosting and authentication), Twilio (SMS delivery), Apple App Store and Google Play (subscription management), and cloud storage providers. These services process data on our behalf under strict confidentiality agreements.
    • Admin Panel Access: Authorized administrators can access aggregate, anonymized data only. Administrators cannot access individual user Personally Identifiable Information (PII) or personal mood/goal data.
    • Legal Compliance: We may disclose information when required by law, regulation, court order, or to protect the rights, property, or safety of users or others.
    • Business Transfers: In the event of a merger, acquisition, or sale of assets, user data may be transferred with appropriate confidentiality safeguards.
  4. Emergency Contacts and Escalation
    • You provide 1-3 emergency contacts during onboarding. These contacts are stored securely and used only for escalation purposes.
    • When escalation is triggered (after missing social interaction goals for two consecutive weeks), we share limited information with your emergency contacts: your name and a gentle care message only.
    • No detailed mood data, personal information, or behavioral patterns are shared with emergency contacts.
    • Emergency contact information is stored securely and can be updated or removed at any time through your account settings.
    • SMS notifications are sent via Twilio, a third-party service.
  5. Data Security
    • We implement industry-standard security measures including encrypted data transmission (HTTPS), secure cloud storage, and account authentication protocols.
    • User data is stored securely in Supabase with appropriate access controls and encryption.
    • We conduct routine security audits and monitor for unauthorized access or data breaches.
    • Despite these safeguards, no system is 100% secure. You use the App at your own risk and are responsible for maintaining the confidentiality of your account credentials.
  6. Data Retention
    • We retain your personal data, mood logs, and goal tracking data for as long as your account is active and for a reasonable period thereafter to maintain service continuity.
    • If you request account deletion, we will delete your personal information, mood data, and goal data within 30 days, except where retention is required by law.
    • Aggregate, anonymized data may be retained for analytics and service improvement purposes.
    • Emergency contact information is deleted when you remove contacts from your account or upon account deletion.
  7. Your Rights
    • Access your personal data, mood history, and goal tracking data.
    • Correct or update inaccurate information at any time.
    • Request deletion of your account and all associated data.
    • Export your data in a portable format upon request.
    • Withdraw consent for data processing by deleting your account.
    • To exercise any of these rights, please contact us through the app settings or via email.
  8. Children's Privacy
    • GemMate is intended for users aged 16 years and older, as specified in our Terms of Service.
    • We do not knowingly collect personal data from users under 16 years of age.
    • If we become aware that we have collected data from a minor under 16, we will delete that information immediately and terminate the account.
    • Parents or guardians who believe their child has provided personal information should contact us immediately.
  9. Third-Party Services
    • We use third-party services including Supabase (backend and authentication), Twilio (SMS delivery), Apple App Store and Google Play (subscription management), and potentially third-party APIs for wellness content.
    • These services have their own privacy policies and terms of service. We are not responsible for their privacy practices.
    • Subscription payments are processed entirely through Apple App Store and Google Play. We do not store or process payment card information directly.
    • Wellness content may be sourced from third-party APIs or curated through our content management system. We are not responsible for the privacy practices of content providers.
  10. International Data Transfers
    • Your data may be stored and processed on servers located in different countries, including the United States and other jurisdictions where our service providers operate.
    • By using the App, you consent to the transfer of your data to countries that may have different data protection laws than your country of residence.
    • We ensure that all data transfers comply with applicable data protection regulations and are protected by appropriate safeguards.
  11. Data Breach Notification
    • In the event of a data breach that is likely to result in a high risk to your rights and freedoms, we will notify you and relevant authorities in accordance with applicable laws and regulations.
    • Notifications will be sent via email (if provided) or through in-app notifications within 72 hours of becoming aware of the breach, where feasible.
  12. Policy Updates
    • We may update this Privacy Policy periodically to reflect changes in our practices, services, or legal requirements.
    • If changes are material, we will notify you through in-app notifications and/or email (if provided) at least 30 days before the changes take effect.
    • Your continued use of the App after the effective date of any changes constitutes acceptance of the updated Privacy Policy.
    • We encourage you to review this policy regularly to stay informed about how we protect your information.