WA3i
Matcha

Privacy Policy

Last updated: December 2024

1. Introduction

At Matcha, we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI wellness companion service, including our website and mobile applications (iOS and Android).

2. Information We Collect

Personal Information

When you create an account, we may collect:

  • Email address
  • Name (if provided)
  • Profile information
  • Payment information (processed securely by our payment provider)

Voice and Audio Data

Our mobile app offers voice therapy sessions that require microphone access. When you use voice features:

  • Audio is processed in real-time to enable conversation with our AI companion
  • Voice data is transmitted securely to our AI processing partners for speech-to-text conversion
  • We do not permanently store raw audio recordings
  • Transcribed text from voice sessions is stored as conversation data (see below)
  • You can use the app without voice features by denying microphone permission

Conversation Data

To provide our service, we store your conversations with Matcha (both text and transcribed voice). This data is used to:

  • Provide personalized insights and analysis
  • Track your progress over time
  • Improve the quality of our AI responses

Device and Usage Data

We automatically collect certain information about your device and how you interact with our Service, including:

  • Device type, operating system, and version
  • Unique device identifiers
  • IP address and general location (country/region)
  • App version and usage statistics
  • Crash logs and performance data
  • Pages visited and time spent on pages

Push Notifications

If you enable push notifications, we collect your device token to send you reminders and updates. You can disable notifications at any time through your device settings.

3. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve our Service
  • Process transactions and send related information
  • Send you technical notices and support messages
  • Respond to your comments and questions
  • Analyze usage patterns to improve user experience
  • Protect against fraudulent or illegal activity

4. Data Security

We implement appropriate technical and organizational security measures to protect your personal information, including:

  • Encryption of data in transit and at rest
  • Regular security assessments
  • Access controls and authentication
  • Secure cloud infrastructure

5. Data Retention

We retain your personal information for as long as your account is active or as needed to provide you services. You can request deletion of your data at any time by contacting us.

5.1 Mobile App Permissions

Our mobile application may request the following permissions:

  • Microphone: Required for voice therapy sessions. Audio is processed in real-time and is not stored on your device or our servers. You can use text-based features without granting this permission.
  • Internet: Required for all app functionality, including AI conversations and account synchronization.
  • Notifications: Optional. Used to send session reminders and wellness check-ins. You can manage notification preferences in your device settings.

You can revoke any permission at any time through your device settings. Some features may not work without the required permissions.

6. Third-Party Services

We use trusted third-party services to operate our platform:

  • Authentication: Clerk (secure user authentication)
  • Payments: Stripe (payment processing)
  • AI Processing: OpenRouter/Anthropic (conversation AI)
  • Voice Processing: Vapi/Daily.co (real-time voice AI for therapy sessions)
  • Hosting: Render, Vercel (cloud infrastructure)
  • Analytics: Expo (mobile app analytics and crash reporting)

These providers have their own privacy policies and are contractually obligated to protect your information.

7. Your Rights

You have the right to:

  • Access your personal data
  • Correct inaccurate data
  • Request deletion of your data
  • Export your data in a portable format
  • Opt out of marketing communications
  • Withdraw consent at any time

8. Children's Privacy

Our Service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place to protect your information in accordance with this Privacy Policy.

9.1 California Privacy Rights (CCPA)

If you are a California resident, you have specific rights regarding your personal information:

  • The right to know what personal information we collect and how it is used
  • The right to request deletion of your personal information
  • The right to opt-out of the sale of personal information (we do not sell your data)
  • The right to non-discrimination for exercising your privacy rights

To exercise these rights, please contact us at privacy@matcha.ai

9.2 European Privacy Rights (GDPR)

If you are located in the European Economic Area (EEA), you have additional rights under GDPR:

  • Right to access your personal data
  • Right to rectification of inaccurate data
  • Right to erasure ("right to be forgotten")
  • Right to restrict processing
  • Right to data portability
  • Right to object to processing
  • Rights related to automated decision-making

Our legal basis for processing your data includes: your consent, performance of a contract, and our legitimate interests in providing and improving our services.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date.

11. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us at privacy@matcha.ai

← Back to Home
For Investors