Privacy Policy
Introduction
At MiraTalk, we value your privacy and are committed to protecting your personal information. This Privacy Policy explains how we collect, use, share, and protect your data when you use our app and services.
Our mission at MiraTalk is to enhance your wellbeing with AI-powered guidance and coaching. To provide you with a highly personalized and meaningful experience, we need to collect and process certain information about you. We take your privacy seriously and strive to handle your data with the utmost care and transparency.
By using MiraTalk, you agree to the collection and use of your information in accordance with this Privacy Policy. We encourage you to read this policy carefully to understand our practices regarding your personal data and how we treat it.
If you have any questions or concerns about this Privacy Policy or our data practices, please contact us at support@miratalkapp.com.
No personally identifiable information is gathered from the application by default. Users are automatically signed in anonymously and their entries are stored in our secure database under a random, pseudonymous identifier.
We do NOT sell your personal data to anyone, including data brokers, insurance companies, and social media companies.
What Data We Collect
At MiraTalk, we collect various types of information to provide and enhance our personalized AI wellbeing coaching services. This section explains what data we collect, how we collect it, and why we need it.
Types of Data Collected
Personal Information
We collect personal information that you provide to us during the onboarding process. This includes:
- Display name (required during onboarding - this is a mandatory field to personalize your experience)
Display Name: Your display name is required during onboarding to provide personalized AI coaching. The AI coach uses your display name to address you personally in conversations. You can update your display name at any time through the app's Settings.
During onboarding, we also collect your confirmations that you are 18 years or older, understand that AI responses may have limitations, and acknowledge that MiraTalk is not a licensed therapy or crisis service. These confirmations are part of accepting our Terms of Service and help ensure appropriate use of the app.
We also inform you during onboarding that anonymized chat data may be used for AI model training to improve our services. You can opt out of AI model training at any time through the app's Settings under "Data & Privacy" section.
For anonymous users, we collect a Firebase-generated user ID and your display name. When you choose to link your account with Google or Apple, we also collect your email address to enable cross-device access.
Chat Data
When you use MiraTalk to engage in AI chats, we collect the content you provide, including chat conversations with your AI coach.
Metadata
We collect metadata related to your use of MiraTalk, which includes:
- Time stamps of your interactions
- Basic device information (e.g., device type, operating system)
Location Data
We do not collect precise location data. We only collect timezone information (e.g., "America/New_York") when you enable push notifications. This allows us to schedule notification reminders at appropriate times for your location.
Consent: Timezone information is collected and stored when you enable push notifications. This allows us to schedule notifications at the appropriate time for your location. If you disable notifications, we stop using your timezone for scheduling, but the stored timezone value may remain in your profile. You can request deletion of this data by contacting us at support@miratalkapp.com. We don't track your physical location.
Photos (Journal Entries)
When you add photos to your journal entries, we access your device's photo library or camera with your permission. This permission is requested through your device's system prompt when you first attempt to add a photo. You can manage this permission at any time through your device's Settings → MiraTalk → Photos.
We only access photos that you explicitly choose to add to your journal entries. We do not automatically scan or access your entire photo library. Photos are stored securely in Firebase Storage and are only accessible to you.
You can revoke photo access at any time through your device settings, but this will prevent you from adding new photos to journal entries until you grant permission again.
Subscription Data
When you purchase a PRO subscription, we collect and store subscription-related information to manage your subscription and comply with financial regulations. This includes subscription status, expiration date, transaction information, and payment provider details. We do not store or have access to your payment card details - all payment processing is handled by Apple.
Push Notifications
If you enable push notifications, we collect notification preferences and timezone information to schedule notifications at appropriate times. Notification permission is requested through your device's system prompt when you first attempt to enable notifications. You can manage notification settings at any time through the app's Settings or through your device's Settings → MiraTalk → Notifications. You can disable notifications at any time, which will stop us from sending push notifications to your device.
Account Linking (Email/Apple ID/Google ID)
When you choose to link your account with Google or Apple, we collect your email address and account identifier to enable cross-device synchronization. Linking your account is optional and requires your explicit consent. You can use MiraTalk without linking an account by using anonymous authentication. To unlink your account, you can delete your account through the app's Settings → Data & Privacy → Delete Account.
Support Communications
If you contact us via email (support@miratalkapp.com), we collect and process the information you provide in your message, including your email address and message content. We use this information to respond to your inquiries and provide support. We retain support communications for as long as necessary to resolve your inquiry and for record-keeping purposes.
Third-Party Services
We use the following third-party services to provide and improve MiraTalk:
Firebase (Google Cloud Platform)
We use Firebase for cloud storage and database services. Firebase stores your data, including chat conversations, journal entries, goals, and practices.
OpenAI
We use OpenAI's AI models to power our chat features and generate personalized responses.
Google Analytics
We use Google Analytics to understand how users interact with the app and improve our services.
All interactions with these third-party services are secured via HTTPS to protect your data during transmission and processing.
How We Use Your Data
We use the data we collect to provide, personalize, and improve our services. This section explains how we use your data, the role of AI in processing your data, and the legal basis for these activities.
Personalization
We use the data you generate in MiraTalk, including chat conversations and journal entries, to create a highly personalized experience. Our AI-driven features remember what you share and use this information to provide relevant responses and insights in future interactions.
AI Processing
Our AI, powered by OpenAI models, processes your data to generate contextually relevant responses. This includes engaging in personal chat sessions, providing coaching, and supporting your personal growth and emotional wellbeing. We use conversation history analysis to pull in relevant context from your past journal entries and discussions, ensuring the AI's responses are helpful.
Model Training and Improvement
To continuously improve our AI coaching capabilities, we may use anonymized chat data for model training purposes. Your messages are anonymized (your user ID is replaced with a random identifier) and stored separately for this purpose. This helps us enhance the quality of our AI responses while protecting your privacy.
Data Used for Training
We only use anonymized chat conversations and practice interactions for model training. We do not use personal information (names, emails), photos, or mood data for training purposes. All training data is completely anonymized and cannot be traced back to individual users.
Your Control
You can opt out of having your anonymized data used for model training at any time through the app's Settings under "Data & Privacy" section. You can also contact us at support@miratalkapp.com if you have any questions. However, please note that opting out will not affect data that has already been anonymized and archived.
Guided Experiences
MiraTalk offers structured, interactive sessions called "Practices." These practices use your data to provide step-by-step guidance for your specific situation and goals. We also track practice feedback (feeling better/same/worse) to improve future recommendations.
Message Limits and Subscription Features
MiraTalk implements daily message limits for free users to manage service capacity and ensure quality experience. Free users have limited daily messages, goals, and check-ins. We track message usage to manage these features and provide appropriate service levels.
Analytics and Improvements
We use aggregated and anonymized data for product analytics and to understand usage patterns. This helps us improve MiraTalk and optimize its features.
Why We Need Your Data
The legal basis for processing your personal data explains why and how we are allowed to use your information under applicable data protection laws. Depending on the type of data and the specific purpose for which it is used, we rely on different legal grounds, including contractual necessity, legitimate interest, consent, and compliance with legal obligations.
This ensures that our data processing practices are lawful, transparent, and respect your privacy rights. Below, we explain each of these legal bases in more detail to help you understand our approach to handling your personal data.
Contractual Necessity
This legal basis applies when we need to process your personal data to fulfill the terms of service agreement you enter into with us when you use MiraTalk. For instance, when you link your account with Google or Apple, we process your email address to authenticate your account and provide you access to our services. Without this data, we wouldn't be able to offer you the core functionalities of the MiraTalk app.
Legitimate Interest
We process certain data under the basis of legitimate interest, which means we use your data in ways that you would reasonably expect and that have a minimal impact on your privacy. For example, we use data from your chat conversations and journal entries to personalize your experience and improve our app's functionality. This processing is necessary for us to provide a tailored and efficient service, enhancing your overall experience with MiraTalk.
Consent
In some cases, we rely on your consent to process your personal data. This means we ask for your explicit permission before collecting or using your information for specific purposes, such as sending you push notifications or using your photos for journal entries. For photos, permission is requested through your device's system prompt when you first attempt to add a photo to a journal entry. You have the right to withdraw your consent at any time, which means we will stop processing your data for those purposes.
Compliance with Legal Obligations
This legal basis applies when we need to process your personal data to comply with a legal obligation. For example, we may need to retain certain data to comply with tax laws, financial regulations, or respond to lawful requests from public authorities. This includes keeping records of subscription purchases as required by applicable laws. Payment transaction records are stored by Apple in App Store Connect.
We rely on several legal bases for processing your personal data, depending on the type of data and the purpose of processing. The table below summarizes these bases:
Core (default — no account required)
| Category of Personal Data | Purpose of Processing | Legal Basis |
|---|---|---|
| Pseudonymous App ID | Link entries to a user/session without PII; secure storage | Legitimate interest |
| Display Name | Personalization of AI coaching (AI addresses you by name) | Legitimate interest |
| Chat | Provide core service; AI-guided prompts/insights | Legitimate interest |
| Journal Data | Provide core service | Legitimate interest |
| Photos (in Journal) | Attach images to entries; richer journaling | Consent, Legitimate interest |
| Timezone | Notification scheduling | Legitimate interest, Consent |
| Device Metadata (model, OS, app version) | Diagnostics, security, fraud prevention | Legitimate interest |
| Analytics Data (aggregate, de-identified) | App improvement and usage patterns | Legitimate interest |
Optional (opt-in features)
| Category of Personal Data | Purpose of Processing | Legal Basis |
|---|---|---|
| Email Address / Apple or Google Account ID | Account linking and cross-device sync | Contractual necessity, Consent |
| AI Feature Content (data sent to AI vendors) | Process prompts to deliver AI features | Contractual necessity, Legitimate interest |
| AI Training Data (anonymized chat conversations) | Improve AI model responses and coaching quality | Legitimate interest |
| Support Emails/Messages | Handle support requests and follow-ups | Legitimate interest, Contractual necessity |
| Subscription Data (Status, Expiration, Transaction IDs, Provider) | Manage subscriptions, process payments, comply with financial regulations | Contractual necessity, Compliance with legal obligations |
Sharing Your Data
We share your data with trusted third-party service providers to provide and improve MiraTalk. We share data with Firebase (for data storage), OpenAI (for AI processing), and Google Analytics (for analytics). All data transfers are secured via HTTPS to protect your data during transmission and processing. See the "Third-Party Services" section above for more details.
Payments
We offer paid subscription products within the Service. We use Apple's In-App Purchase (IAP) system for payment processing. We do not store or collect your payment card details - all payment information is provided directly to Apple. We only receive transaction information from Apple (such as transaction IDs and subscription status) to manage your subscription and provide you with access to PRO features.
Data Transfer
We operate globally and may transfer your personal data to other countries for processing. Specifically, data is transferred internationally to the United States for AI processing by OpenAI. We ensure that any data transfers comply with applicable data protection laws to protect your privacy.
Firebase Infrastructure
Our primary data storage is located in Firebase's secure data centers, which are part of Google Cloud Platform infrastructure. This includes our application database (Firestore), user authentication, and file storage.
Data Storage Location: United States.
We use Firebase's standard Terms of Service which automatically include Data Processing Terms and Standard Contractual Clauses (SCC) to ensure compliance with international data protection regulations when transferring personal data to Firebase's servers. These safeguards are automatically applied to all Firebase services and require no additional acceptance.
OpenAI Processing
The AI services provided by OpenAI are currently hosted in the United States. To ensure compliance with GDPR and other international data protection regulations, we have implemented standard contractual clauses (SCCs) and data processing addenda with OpenAI.
Google Analytics
We use Google Analytics 4 (GA4) to collect minimal, aggregated analytics data through Google's secure infrastructure. This includes user engagement tracking, app usage analytics, and performance monitoring.
Data Storage Location: United States (Google Cloud infrastructure).
We use Google Analytics' standard Terms of Service which automatically include Data Processing Terms and Standard Contractual Clauses (SCC) to ensure compliance with international data protection regulations when transferring analytics data to Google's servers. These safeguards are automatically applied to all Google Analytics services and require no additional acceptance.
Keeping Your Data Safe
We take the security of your data seriously. This section explains where your data is stored, the measures we take to protect it, and how we ensure the security of data during transmission.
Storage Locations
Your data is stored in Firebase (Google Cloud Platform) cloud infrastructure. See the "Data Transfer" section above for details about data storage locations.
Security Measures
We implement a variety of security measures to protect your personal data:
Encryption
All data stored on our servers and transmitted between your device and our servers is encrypted using industry-standard encryption protocols (e.g., HTTPS, TLS).
Access Controls
We use strict access control mechanisms to ensure that only authorized personnel can access your data. This includes role-based access controls and regular audits of access logs.
Authentication
We use secure authentication to ensure that all data exchanges are protected from unauthorized access.
Data During Transmission
All data transmitted between your device and our servers is secured using HTTPS, ensuring that your information is encrypted during transfer. This helps protect your data from interception or unauthorized access while it is being transmitted over the internet.
Internal Data Access
We respect your privacy and ensure that your personal data and content are not accessed by our internal team without your explicit consent. Any access to user data for support purposes is conducted only with the user's permission and solely to resolve specific issues.
Additional Security Practices
- Security Training: Our team undergoes regular security training to stay updated on best practices and emerging threats.
Your Privacy Rights
As a user of MiraTalk, you have specific rights regarding your personal data. This section outlines your rights, what they mean, and how you can exercise them easily through the MiraTalk app.
Right to Access
You have the right to request access to the personal data we hold about you. This includes the right to ask for copies of your personal data.
How to Exercise: You can contact us at support@miratalkapp.com. We will respond to your request within 30 days.
Right to Rectification
If you believe that any of your personal data is inaccurate or incomplete, you have the right to request that we correct or update it.
How to Exercise: To request a correction, please contact us at support@miratalkapp.com with details of the data that needs to be corrected. We will make the necessary updates as soon as possible.
Right to Erasure (Right to be Forgotten)
You have the right to request the deletion of your personal data under certain circumstances, such as when the data is no longer needed for the purposes it was collected.
How to Exercise: You can delete your data by using the "Delete Account" option in the Settings section of the app. This will permanently delete your account and all associated data.
Data Retention Periods: When you delete your account, all your personal data is deleted immediately from our active systems. However, please note that anonymized chat data may be retained for AI model training purposes (see "Model Training and Improvement" section for details). Subscription transaction records are handled and stored by Apple in App Store Connect in accordance with their terms and applicable tax laws. We do not retain separate copies of transaction records after account deletion.
Right to Restrict Processing
You can request that we restrict the processing of your personal data in certain situations, such as when you contest the accuracy of the data.
How to Exercise: Restricting processing can be achieved by using the "Delete Account" option in the Settings section of the app. Alternatively, contact us at support@miratalkapp.com specifying the reason for your request.
Right to Data Portability
You have the right to receive the personal data you have provided to us in a structured, commonly used, and machine-readable format. You also have the right to request that we transfer this data to another service provider.
How to Exercise: You can email us at support@miratalkapp.com. We will provide the data within 30 days.
Right to Object
You have the right to object to the processing of your personal data in certain circumstances, such as when it is used for notifications.
How to Exercise: To object to specific types of processing, you can update your preferences in the Settings section of the app. For instance, you can opt out of receiving push notifications directly through the app. Alternatively, you can contact us at support@miratalkapp.com with details of your objection. We will review your request and cease the relevant processing unless we have compelling legitimate grounds to continue.
Right to Withdraw Consent
If we are processing your personal data based on your consent, you have the right to withdraw your consent at any time.
How to Exercise: To withdraw your consent, you can update your preferences in the app or email us at support@miratalkapp.com. We will stop processing your data for the purposes you previously consented to.
For photo access, you can manage permissions through your device's Settings → MiraTalk → Photos. Revoking photo access will prevent you from adding new photos to journal entries until you grant permission again. You can also opt out of AI model training through the app's Settings under "Data & Privacy" section.
Right to Lodge a Complaint
If you believe that we have violated your privacy rights, you have the right to lodge a complaint with the relevant supervisory authority.
How to Exercise: To lodge a complaint, contact your local data protection authority. In the UK, this is the Information Commissioner's Office (ICO).
We respect your privacy and are here to help you with any questions or concerns about your data. Feel free to contact us anytime!
Cookies and Tracking
MiraTalk uses tracking technologies to analyze app usage and improve our services. We use Google Analytics to collect minimal, aggregated analytics data. If you wish to opt out of analytics data collection, please contact us at support@miratalkapp.com and we will disable analytics tracking for your account.
Currently, the MiraTalk app does not use cookies. We use user IDs for essential app functionality, authentication, and to link your data to your account.
Children's Privacy
MiraTalk is designed for users who are 13 years old and above. This age requirement is based on legal requirements in the United States (COPPA) and European Union (GDPR), where children under 13 require parental consent for data processing. We do not knowingly collect personal data from children under the age of 13. This section outlines our policies regarding children's privacy and the steps we take to protect young users.
No Data Collection from Children
MiraTalk does not target or knowingly collect personal data from children under the age of 13. If we become aware that we have inadvertently collected data from a child under 13, we will take steps to delete this information promptly.
Steps Taken to Protect Children's Privacy
- Parental Consent: If we ever offer services to children under 13, we will obtain verifiable parental consent in accordance with applicable laws.
- Reporting Mechanism: If you believe that we have mistakenly collected data from a child under 13, please contact us immediately at support@miratalkapp.com. We will take appropriate steps to investigate and delete the information.
Links to Other Sites
Our Service may contain links to other sites that are not operated by us. If you click a third-party link, you will be directed to that third party's site. We strongly advise you to review the Privacy Policy of every site you visit.
We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services.
Updates to Our Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, and other factors. This section explains how we will notify you of significant changes and your options.
How We Notify You
If we make any significant changes to this Privacy Policy, we will notify you through the following methods:
- In-App Notification: We will display a prominent notice within the MiraTalk app.
- Email: We will send an email to the address associated with your account.
Reviewing and Accepting Changes
We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your data. Your continued use of the MiraTalk app after any changes to this Privacy Policy constitutes your acceptance of the updated policy.
Important Medical Disclaimer
MiraTalk is designed for educational and self-help purposes only. It is not intended to diagnose, treat, cure, or prevent any mental health condition. The AI coach responses are not a substitute for professional medical advice, diagnosis, or treatment. Always seek the advice of qualified health providers with questions about mental health conditions.
Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us:
- For privacy-related questions or concerns: support@miratalkapp.com
- For general support inquiries: support@miratalkapp.com
Response Time
We strive to respond to all privacy-related inquiries within 30 days. Your concerns are important to us, and we are committed to addressing them promptly and thoroughly.
Supervisory Authority
If you are not satisfied with our response, you have the right to lodge a complaint with your local data protection authority.