Privacy Policy

Effective date: March 2, 2026

QiGuide ("we", "us", "our") is an AI-powered mindfulness companion operated by an independent developer based in Australia. This policy explains what data we collect, why, and how we protect it.

We take your privacy seriously. We collect only what is necessary to provide and improve QiGuide, and we never sell your personal data.

1. What We Collect

Account information: When you create an account, we collect your email address. If you sign in with Google or Apple, we receive your name and email address from your authentication provider. We do not receive or store your Google or Apple password.

Conversations: Your chat messages with QiGuide are stored so the AI companion can provide continuity across sessions. This includes message content, timestamps, and which AI model generated the response.

Mood and practice tracking: If you use mood check-ins or log practices, we store this data to personalise your experience and help you track your progress over time.

Payment information: If you subscribe to a paid plan, payment processing is handled entirely by Stripe. We do not store your credit card number, bank details, or other financial information on our servers. We retain only your Stripe customer ID and subscription status to manage your account tier.

Usage data: We track basic usage metrics such as message counts and session frequency. This helps us monitor service health, enforce rate limits, and understand how QiGuide is used.

Analytics: We may use privacy-respecting analytics tools to understand how visitors interact with our website. This may include page views, referral sources, and general device/browser information. We do not use analytics data to build individual user profiles.

2. How We Use Your Data

• To provide and personalise the QiGuide experience, including AI conversations and practice recommendations
• To maintain continuity across sessions (your AI companion remembers your journey)
• To manage your account, subscription tier, and rate limits
• To process payments via Stripe
• To monitor service health and fix technical issues
• To improve QiGuide based on aggregate usage patterns (never by reading individual conversations)

3. AI Processing

Your messages are sent to third-party AI providers (currently Anthropic's Claude API) to generate responses. These providers process your messages according to their own privacy policies. We send only the content needed for the conversation — your recent messages, a brief context summary, and the system prompt. We do not send your email, name, or account details to AI providers.

A compact summary of your interaction history (themes discussed, practice preferences, experience level) is maintained to personalise responses across sessions. This summary contains no identifying information and is typically under 100 words.

4. Data Storage and Security

Your data is stored in Supabase, a managed database platform with encryption at rest, SSL/TLS for all connections, and row-level security ensuring you can only access your own data. Our infrastructure is hosted in the United States (West US region).

API keys and credentials are stored as environment variables in our deployment platform and are never exposed in frontend code or version control.

5. Data Sharing

We do not sell, rent, or trade your personal data. We share data only with:

• AI providers (currently Anthropic) — to generate conversation responses, as described above
• Stripe — to process payments, if you subscribe to a paid plan
• Supabase — our database and authentication provider
• Vercel — our frontend hosting provider

We may also disclose data if required by law or to protect the safety of our users.

6. Cookies

QiGuide uses essential cookies and local storage to maintain your login session and application state. We may use privacy-respecting analytics that do not require cookie consent under most jurisdictions. We do not use advertising cookies or third-party tracking cookies.

7. Your Rights

You can:

• Access your data: View your conversations, mood entries, and profile information within the app
• Delete your account: Request deletion of your account and all associated data by contacting us at the email below. Account deletion removes all your conversations, mood entries, practice logs, and profile data
• Export your data: Request a copy of your data by contacting us
• Update your information: Edit your profile and preferences within the app at any time

If you are in the European Economic Area, United Kingdom, or another jurisdiction with data protection laws, you may have additional rights including the right to restrict processing and the right to lodge a complaint with your local data protection authority.

8. Data Retention

We retain your data for as long as your account is active. If you delete your account, all associated data is permanently removed from our systems. Backups that may contain your data are rotated and deleted within 30 days of account deletion.

9. Children's Privacy

QiGuide is not intended for children under the age of 13. We do not knowingly collect personal data from children under 13. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.

10. Changes to This Policy

We may update this policy from time to time. If we make significant changes, we will notify you via the app or email. The effective date at the top of this page indicates when the policy was last updated.

11. Contact

For any privacy questions, data requests, or concerns:

Email: privacy@qiguide.app