Privacy Policy

Last updated: 2026-05-19

1. Who we are

Yaara is an emotional coaching application. This Privacy Policy explains what personal data we collect when you use Yaara, why we collect it, who we share it with, and the rights you have over it.

Contact for privacy questions: privacy@yaara.online.

2. What we collect

When you create an account and use Yaara, we collect:

  • Account data: name, email, year of birth, password hash, profile photo (optional).
  • Coaching content: emotional check-ins, reflections, goals, conversations with the coach (text and audio transcripts).
  • Generated insights: profile summaries, weekly and monthly narratives, notes, suggested replies, all derived from the coaching content you provided.
  • Operational metadata: timestamps, IP addresses (for authentication and abuse prevention), device type, basic interaction events.
  • Safety signals: if the crisis-language detector matches your message (server-side), we store the matched phrase, the message text, and a timestamp. See “Crisis-language detection” below.

We do not sell or rent your data.

3. Sub-processors

We use the following sub-processors to deliver the service. Each is contractually bound to handle your data consistent with this policy and applicable law.

  • Google LLC. Firebase Authentication, Firestore (database), Cloud Storage (media), Firebase App Hosting (compute). Data is processed under Google’s Cloud Data Processing Addendum. cloud.google.com/terms/data-processing-addendum
  • Google Generative AI (Gemini). Processes your messages and reflections to generate coach replies, summaries, notes, and live voice sessions. Your conversation text is sent to Google’s Gemini API. Inputs and outputs may be used briefly by Google for abuse monitoring; they are not used to train Google’s models when accessed via the API at our usage tier.
  • Resend Inc. Delivery of transactional and notification emails (check-in reminders, weekly summaries, account-deletion confirmations, safety alerts). Resend receives your email address and the message content for the emails we send you. resend.com/legal/privacy-policy
  • Sentry (Functional Software, Inc.). Error monitoring. We send scrubbed error context to Sentry (user UID, request route, error message). We strip request bodies, cookies, and PII fields server-side before transmission.

We do not send your coaching content or reflections to any third party beyond Google (for Gemini processing and storage). Any future sub-processor will be added here in advance of activation.

4. Crisis-language detection

Yaara coaches sensitive emotional topics. To help us catch cases where a user is in acute distress, we run a conservative regex against each chat message server-side for phrases that indicate suicidal ideation or self-harm. When a phrase matches, we record an event containing the matched phrase, the message text, your user ID, and a timestamp. These records are visible only to authorized staff on a dedicated “Safety” review page, and we email a safety inbox so a human is paged in real time.

We do this because the alternative, not noticing someone in crisis, is unacceptable for an app of this kind. Staff access is logged, reviewed, and restricted to follow-up purposes only.

5. Retention

We retain personal data only as long as needed:

  • Chat messages: 90 days from creation, then automatically deleted.
  • Recommendation telemetry: 180 days.
  • Crisis-detection events: 365 days (longer to allow a follow-up review tail).
  • Live-voice session resumption handles: 24 hours.
  • Profile, goals, insights, check-ins, and aggregate summaries: retained for the life of your account, unless you delete the account or specific data sooner.
  • Audit log entries (admin actions, deletion requests, safety access): retained as long as the relevant data they describe.

When you delete your account (see below), we hold your data for a 30-day grace period in case you change your mind, then permanently delete it.

6. Your rights

Depending on where you live, you have one or more of the following rights:

  • Access & export. Download every piece of data we hold about you in machine-readable form: Profile → Privacy & Security → Download my data.
  • Deletion. Request permanent deletion: Profile → Privacy & Security → Delete Account. We hold the account for 30 days as a grace window; after that the data is gone.
  • Correction. Edit your profile, goals, and check-ins at any time from within the app.
  • Withdraw consent / unsubscribe. Adjust notification preferences in Settings, or use the “Unsubscribe” link in any email.
  • Object / restrict processing. Email privacy@yaara.online.
  • Lodge a complaint. EU/EEA/UK users may complain to their local data-protection authority.

7. Security

Data is encrypted in transit (TLS 1.2+) and at rest (Firestore and Cloud Storage default encryption). We apply per-user data isolation in our database rules, server-side validation of every privileged action, per-user rate limits on paid-API endpoints, and a 30-day audit window on every admin mutation. We do not store unhashed passwords; authentication is delegated to Firebase Authentication.

8. Cookies

Yaara uses strictly-necessary cookies (or browser storage) to keep you signed in. We do not currently run third-party analytics or advertising trackers. If we add any in the future, we will request your consent first via the in-app banner before they load.

9. Children

Yaara is intended for users aged 13 and over. We do not knowingly collect data from anyone younger. If you believe a child has signed up, please contact us at privacy@yaara.online.

10. International transfers

Our primary Firebase region is us-central1(United States). If you access Yaara from outside the United States, your data is transferred to and processed in the United States under appropriate safeguards (the Google Cloud DPA includes Standard Contractual Clauses for transfers from the EU/EEA/UK).

11. Breach notification

If we discover a personal-data breach that is likely to result in a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours as required under GDPR Article 33, and notify affected users without undue delay.

12. Changes to this policy

Material changes will be announced via in-app notification and email at least 14 days before they take effect. Continued use after the effective date constitutes acceptance of the updated policy.