Privacy Policy

1. Overview

GodPhone ("we", "our", "the App") is committed to protecting your privacy. This Privacy Policy explains what data we collect, how we use it, and your rights regarding that data.

2. Data We Collect

Account Information: When you sign in with Apple, we receive your Apple ID identifier. We do not receive your email address unless you choose to share it.

Name: The name you provide during onboarding, used to personalize your conversations with The Source.

Conversation Data: Voice conversations are transcribed in real-time for The Source to respond. Transcripts and AI-generated summaries are stored to provide continuity across sessions.

Usage Data: Call history, streak information, quest progress, and scheduled call times.

Apple Health Data (Optional): When you enable "Let The Source see your health" in your Profile settings, we read:

• Sleep duration and stages
• Heart rate variability (HRV)
• Resting heart rate
• Step count
• Mindful minutes

Device Information: VoIP push token for incoming call notifications, device timezone, and app version.

Location Data (Optional): When you enable "Let The Source know your city" in your Profile settings, we collect your city and state/region using a single GPS fix. Your exact GPS coordinates are never stored or transmitted to our servers — only the city name is retained.

3. How We Use Your Data

• To personalize your conversations with The Source
• To maintain continuity across sessions (The Source remembers your story)
• To deliver scheduled calls via push notifications
• To track your progress through your journey
• To generate personalized insights and daily wisdom
• To improve the quality of our service through anonymized, aggregated analytics

4. Apple Health Data

Health data access is entirely optional and must be explicitly enabled by you. When enabled:

• Health data is used exclusively to personalize your conversations
• Health data is never sold to third parties
• Health data is never used for advertising
• Health data is stored on your user profile and not shared with other users
• The App writes mindful session data (calls and meditations) to Apple Health

You can disable health data access at any time in your Profile settings.

5. Location Data

Location access is entirely optional and must be explicitly enabled by you. When enabled:

• We request a single GPS fix to determine your city and state/region
• Your exact GPS coordinates (latitude/longitude) are never stored on our servers or transmitted beyond your device
• Only your city name (e.g., "Austin, TX") is cached locally on your device and sent to our servers
• City data is used to personalize conversations with weather awareness, seasonal themes, and travel detection
• We use the free Open-Meteo weather API to fetch weather data for your city — no personal data is shared with this service
• Location data is never sold to third parties or used for advertising
• Location data is stored on your user profile and not shared with other users
• Location data is refreshed at most once every 24 hours

You can disable location access at any time in your Profile settings. Disabling it will clear all cached location data from your device and profile.

6. Data Storage & Security

Your data is stored on Google Cloud Platform (Firestore) with encryption at rest and in transit. Voice audio is processed in real-time and is not permanently stored — only the resulting transcripts and summaries are retained.

We use industry-standard security measures to protect your data, including HTTPS encryption for all communications and Firebase Authentication for identity management.

7. Third-Party Services

We use the following third-party services to provide our functionality:

• Firebase (Google): Authentication, database, and analytics
• Deepgram: Speech-to-text transcription
• Cartesia: Text-to-speech voice synthesis
• xAI (Grok): AI language model for conversations
• RevenueCat: Subscription management

Each service processes data in accordance with their own privacy policies. We do not sell your personal data to any third party.

8. Crisis & Safety Data

As part of our self-harm prevention protocol, GodPhone may detect and record crisis-related signals during conversations. When this occurs:

• The type and severity of the crisis signal (e.g., "immediate" or "moderate") may be recorded in your user profile
• This data is used solely to ensure continuity of care — so The Source can follow up with appropriate sensitivity in future conversations
• Crisis data is never sold, shared with third parties, or used for advertising
• Crisis data is deleted when you delete your account

GodPhone does not share crisis data with emergency services, therapists, or any third party. We do not contact anyone on your behalf. If you are in crisis, please contact the 988 Suicide & Crisis Lifeline (call or text 988) or 911 directly.

9. Meditation & Hypnotherapy Data

Meditation Sessions: When you use the meditation feature, we collect session metadata including type, duration, and completion status. AI-generated meditation scripts are processed in real-time and are not permanently stored.

Hypnotherapy Sessions: When you use the hypnotherapy feature, we collect the following data:

• Session metadata: category selected, duration preset, and completion status
• Self-reported session depth and post-session reflections
• Safety screening responses (used solely to determine feature eligibility)

Hypnotherapy session recordings and AI-generated suggestions are processed in real-time and are not permanently stored. Only session metadata and self-reported feedback are retained.

Hypnotherapy uses the same voice preference as other features in the App. No additional biometric or voice data is collected during hypnotherapy sessions beyond what is described in the Voice Data section below.

10. Voice Data

GodPhone processes your voice in real-time during conversations:

• Voice audio is transmitted to our servers and processed by third-party speech-to-text services for transcription
• Voice audio is processed in real-time and is not permanently stored — only the resulting text transcripts are retained
• We do not create, collect, or store voiceprints, voice templates, or other biometric identifiers derived from your voice
• You consent to real-time voice processing by using the App's calling features

You may revoke this consent at any time by ceasing to use the App and deleting your account.

11. Data Retention

Your conversation data is retained as long as your account is active to provide continuity in your journey. If you delete your account through the app's Profile settings, your personal data will be removed from our active systems within 30 days.

Anonymized, aggregated data may be retained for service improvement purposes. Backup systems may retain data for a limited period before being overwritten on a regular schedule.

12. Conversation Data Retention

Conversation transcripts are retained for 12 months to maintain continuity in your experience with The Source. After 12 months, transcripts are automatically purged from active systems. You may request deletion of your conversation history at any time by contacting support@godphone.ai or using the Clear Conversation History feature in your Profile settings. Anonymized, aggregated insights may be retained for service improvement.

13. Data Export

You may download a copy of your personal data at any time using the ‘Download My Data’ feature in your Profile settings. Your export includes conversation transcripts, assessment results, health snapshots, call history, and profile information in a machine-readable JSON format.

14. Algorithmic Decision-Making

GodPhone uses automated systems to personalize your experience. This includes:

• Program tier progression based on streak and activity data
• Daily practice and meditation recommendations based on your usage patterns and wellness state
• Morning themes and evening reflections generated by AI based on your recent conversations

These systems operate automatically without human review. No decisions made by these systems affect your access to the service or your legal rights.

15. Your Rights

You have the right to:

• Access your personal data
• Request deletion of your account and associated data
• Request correction of inaccurate personal information
• Disable Apple Health data sharing at any time
• Disable location sharing at any time
• Opt out of push notifications through iOS Settings

To exercise any of these rights, contact us at support@godphone.ai. We will respond to verifiable requests within 45 days.

16. California Privacy Rights (CCPA/CPRA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA):

• Right to Know: You may request that we disclose the categories and specific pieces of personal information we have collected about you, the categories of sources, the business purposes for collecting it, and the categories of third parties with whom we share it.
• Right to Delete: You may request that we delete personal information we have collected from you, subject to certain exceptions.
• Right to Correct: You may request that we correct inaccurate personal information we maintain about you.
• Right to Opt-Out of Sale/Sharing: We do not sell your personal information. We do not share your personal information for cross-context behavioral advertising.
• Right to Limit Use of Sensitive Personal Information: We use sensitive personal information (conversation content, health data) only to provide the service you requested.
• Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights.

To exercise your California privacy rights, contact us at support@godphone.ai. We will verify your identity before processing your request.

Categories of personal information collected: Identifiers (Apple ID, name), internet/electronic activity (conversation transcripts, usage data), health information (when enabled), geolocation data (city-level only, when enabled), audio data (processed in real-time, not stored).

We do not sell personal information. We do not use or disclose sensitive personal information for purposes other than providing the service.

17. Data Security & Breach Notification

We implement industry-standard security measures including encryption at rest and in transit, secure authentication, and access controls. While no method of transmission over the internet is 100% secure, we use commercially reasonable efforts to protect your personal information.

In the event of a data breach that compromises your personal information, we will notify you and applicable regulatory authorities as required by law, including within 72 hours where required by applicable data breach notification statutes.

18. Children’s Privacy

GodPhone is intended for users aged 18 and older. We do not knowingly collect personal information from anyone under the age of 18. If we learn that we have collected data from a minor, we will delete it promptly. If you are a parent or guardian and believe your child has used GodPhone, please contact us immediately.

19. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes through the App or by other reasonable means at least 30 days before the changes take effect. Your continued use of GodPhone after changes are posted constitutes your acceptance of the revised policy.

20. Contact

For questions about this Privacy Policy, to exercise your privacy rights, or to request data deletion, please contact us at: support@godphone.ai