๐Ÿ‘‹ Overview

Chillpy ("the App") is operated by ZenDevs ("we", "us", or "our"). This Privacy Policy explains what personal information we collect, why we collect it, and how we use and protect it when you use our mobile application and website.

By downloading or using the App, you agree to the practices described in this policy. If you do not agree, please do not use the App.

Short version: We collect only the data necessary to run the app. We do not sell your personal data. You can request deletion of your account and data at any time.

๐Ÿ“‹ Information We Collect

1. Account Information

When you create an account, we collect:

2. App Usage Data

To provide the core features, we store:

3. Social Features Data

If you use social features, we store:

4. Purchase & Subscription Data

In-app purchases and subscriptions (Capy Plus) are processed through Apple App Store or Google Play. We receive purchase confirmation and entitlement status from these platforms but do not store your credit card or payment details.

5. Device & Technical Data

6. Data You Do Not Provide

We do not collect:

๐ŸŽฏ How We Use Your Information

We use collected data exclusively to:

We do not use your data for advertising profiling or behavioral tracking.

๐Ÿค Third-Party Services

The App uses the following third-party services, each with its own privacy policy:

Supabase

Our backend database and authentication provider. Your account data and app progress are stored on Supabase-managed PostgreSQL servers. Supabase Privacy Policy

Cloudflare

We route all API requests through a Cloudflare Worker, which acts as a security proxy. Cloudflare may process request metadata (IP, headers) for DDoS protection and rate limiting. Cloudflare Privacy Policy

RevenueCat

Manages our in-app purchase validation and subscription status. RevenueCat receives purchase receipt data from Apple/Google to verify entitlements. RevenueCat Privacy Policy

Apple App Store / Google Play

Handle all payment processing for purchases. We receive only the result of the transaction (success/failure and entitlement). Apple's and Google's own privacy policies govern your payment data.

Expo / React Native

The app is built using the Expo framework. Expo may collect anonymized crash reports to support the framework. Expo Privacy Policy

Google AI (Gemini)

The optional Chat with Capy feature uses Google's Gemini large language model to generate responses. When you use the chat, the content of your messages and a non-identifying aggregated profile (described below) are sent to Google's servers for processing. Google may process this data in accordance with its own terms. Google Privacy Policy ยท Gemini API Terms

๐Ÿ’ฌ Chat with Capy โ€” What We Send to the AI

Chat with Capy is an optional, paid AI companion feature. Because it is powered by a third-party large language model (Google Gemini), we want to be explicit about what leaves the App when you use it.

What we DO send to the AI provider

What we DO NOT send to the AI provider

Consent

The first time you open Chat with Capy, you must explicitly accept (a) that Capy is not a health professional, and (b) that chat content is processed by a third-party AI provider. You cannot use the chat without this acceptance. You can revoke consent by deleting your chat history from within the App.

Storage and retention

Chat messages, the rolling conversation summary, and the aggregated profile snapshot are stored on our backend (Supabase) under the same Row-Level Security rules as the rest of your data. Only you can read them. You can wipe your chat history at any time from the chat screen; doing so deletes the messages, the summary, and the snapshot from our servers. Note that messages already sent to the AI provider may be retained by them according to their own policies, which are outside our control.

Reminder: Capy is a wellness companion based on mindfulness practices. It is not a therapist or medical professional, and it does not provide medical advice, diagnosis, or treatment. If you are in crisis, please contact a qualified professional or your local emergency services.

๐Ÿ”’ Data Security

We take reasonable technical and organizational measures to protect your data:

No method of transmission over the internet is 100% secure. In the event of a data breach that affects your rights, we will notify affected users as required by applicable law.

๐Ÿ‘จโ€๐Ÿ‘ฉโ€๐Ÿ‘ง Children's Privacy

Chillpy is not directed at children under 13 years of age (or under 16 in the European Economic Area). We do not knowingly collect personal information from children under these ages.

If you are a parent or guardian and believe your child has provided us with personal data, please contact us at support@chillpy.com and we will delete it promptly.

๐ŸŒ Data Transfers

Your data may be stored and processed in the United States or other countries where our service providers operate. By using the App, you consent to these transfers. We ensure that third-party providers maintain appropriate safeguards.

โœ… Your Rights & Choices

You have the right to:

To exercise any of these rights, email us at support@chillpy.com. We will respond within 30 days.

Account deletion: When you delete your account, we remove your personal information, habit history, emotion records, and social connections from our servers within 30 days. Aggregated, anonymized analytics data may be retained.

๐Ÿช Cookies & Local Storage

The mobile app does not use browser cookies. We use device local storage (AsyncStorage) to cache your session token and app preferences for a faster experience. This data stays on your device and is cleared when you log out or uninstall the app.

Our website (this landing page) does not use tracking cookies or analytics scripts.

๐Ÿ“ฌ Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please contact us:

๐Ÿ”„ Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by updating the "Last updated" date at the top of this page and, where appropriate, by sending a push notification or in-app message.

Continued use of the App after changes take effect constitutes your acceptance of the updated policy.