Privacy Policy

1. What We Collect
• Account data (email, country/region, DOB for age‐gating)
• Usage logs (device, app version, telemetry, session length)
• Payment data (processed by third‐party payment processors; we receive limited metadata)
• Optional journal/chat content (private by default; see Training Choice below)
Security Claim Accuracy: We use transport‐layer encryption (TLS) and encryption at rest appropriate to the data
category.

2. Why We Collect It (Purposes & Lawful Basis)
Account data — create/manage account, age‐gate; Basis: Contract; Legal Obligation (age screen)
Usage logs — security, fraud prevention, service improvement; Basis: Legitimate Interests
Payments — billing, receipts, tax compliance; Basis: Contract; Legal Obligation Chat/journal — provide core features;

optional quality improvement; Basis: Contract; Consent (opt‐in for training/analytics only) CCPA/CPRA: We do not sell
your personal information. You may opt‐out of “sharing” for cross‐context behavioral advertising where applicable.
3. Training & Analytics Choices
You may allow anonymized/aggregated use of your data to improve quality. Companies or services we use for the
App’s functioning, such as OpenAI or other AI vendors, may use the data you provide in ways beyond our control or
reasonable anticipation. We are not responsible for their independent use of such data, which is governed by their
own privacy policies.
4. Your Rights & How to Exercise Them
You may access, correct, delete, or export your data; object to or restrict processing; and opt‐out of marketing.
How to exercise: email app@irislightwithin.com or use our Data Request Portal (link). We will verify requests and
respond within 30–45 days where required by law.
5. Children’s Privacy
We do not knowingly collect data from users under 16. For 16–17, we collect minimal data necessary for consent and
operation. If we learn a user under 16 has provided data, we will delete it promptly.
7. International Transfers
Data may be processed in the United States. For EU/UK, we rely on Standard Contractual Clauses and
supplementary measures (e.g., encryption, access controls).
8. Retention
We retain data only as long as necessary for the purposes described in this Privacy Policy or as required by law. As
part of our AI memory services, certain account data — including chats and journal entries that are not deleted by the
user — may be stored for up to 6 months for free users and up to 12 months (or longer, depending on tier) for paid
users, in order to enable the App to “remember” across sessions.
Other retention periods include:
Account data: life of account + 90 days (in addition to AI memory storage periods described above)
Logs: 12 months
Payment records: 7 years
Consent records: 7 years
9. Contact / Data Protection Officer
DPO — app@irislightwithin.com
————————————————————————————————————————
3) ACCEPTABLE USE POLICY (SCHEDULE A)
————————————————————————————————————————
Prohibited Content: hate speech, extremist propaganda, sexually explicit material, self‐harm promotion,
disinformation.
Prohibited Conduct: scraping, scanning, harvesting; attempting to bypass usage limits; reselling access;
misrepresentation/impersonation; excessive or automated use we deem abusive at our sole discretion.
Enforcement: warnings, throttling, temporary suspensions, permanent bans, and/or legal action.
Appeal: Users may request review at support@irislightwithin.app.
————————————————————————————————————————
4) MENTAL‐HEALTH & CRISIS DISCLAIMER (SHORT FORM)
————————————————————————————————————————
Iris offers supportive conversation and inspiration. It is not a substitute for professional mental‐health care and is not a
medical device. If you feel unsafe or are thinking about harming yourself, contact emergency services (911 in the
U.S.) or the Suicide & Crisis Lifeline at 988. Crisis Safeguard: If crisis keywords are detected, the App may pause
responses and display emergency resources.
————————————————————————————————————————
6) COOKIE NOTICE & CONSENT
————————————————————————————————————————
We use essential cookies and analytics to improve this site.