Last Updated: October 1, 2025
Nafsy is a mental-wellness companion for iOS (not a medical device or therapy). We collect only what we need, treat wellness data as sensitive, run no third-party ad trackers, and never sell personal data. Voice sessions are ephemeral—no recordings, transcripts, or stored voice content. You can delete your account anytime and request a copy of your data by email.
This Privacy Policy applies to the Nafsy iOS app and related in-app services operated by NUNE LLC (the "Service"). It explains what we collect, how we use it, and the choices you have. This Policy is also available at a public link so you can read it outside the app.
"Personal data" means information that identifies you or can reasonably be linked to you. "Wellness data" includes mood entries, wellness-related chat content, and activity in wellness exercises.
Email, display name, language/locale, time zone, and authentication identifiers from our sign-in provider (e.g., user ID, session tokens).
Chat content with AI companions; mood entries (ratings/tags/notes/timestamps); exercise usage (types, completion, streaks, timers); weekly summaries we generate to personalize your prompts; goals/journaling you create; in-app feedback/support messages.
During a voice session, your microphone audio is processed in real time to generate a response. We do not record audio, create transcripts, or store any voice content after the session ends. Limited technical connection logs (e.g., IP address, timestamp) may exist briefly for security and reliability, but no voice content or transcripts are retained.
Device model, OS and app version, language/region, push token (if enabled), crash logs, error reports, and performance metrics used to keep the app reliable.
We do not collect: GPS/precise location, contact lists, your photos/media unless you choose to upload, browsing history outside the app, cross-app data, or biometric templates. We do not use third-party advertising identifiers.
Automated decisions: We do not make decisions with legal or similarly significant effects solely by automated means.
We use trusted AI providers (e.g., model hosting APIs) to generate responses, perform safety checks, and create your weekly summaries. We instruct providers not to use your identifiable data to train their models. Some providers may retain limited logs solely for abuse detection and security and then delete them (for example, many APIs remove inputs/outputs after ~30 days; zero-data-retention options may be available on eligible endpoints). We keep a current list of providers and retention windows at a public link.
Voice: audio is handled ephemerally to deliver a response and is not recorded or transcribed. No voice content is retained after the session ends.
Recent data is stored on your device for offline use and syncs securely when online. Account and historical data are stored on secure cloud infrastructure. When you delete your account, cloud data is deleted or anonymized within 60 days, and removed from backups within 90 days as backup cycles roll over.
We do not sell personal data. We share only with: (a) processors/service providers (hosting, authentication, messaging, analytics/telemetry, content safety, AI) bound to confidentiality and instructions; (b) legal recipients where required by law or to protect rights and safety; (c) business-transfer recipients (e.g., merger or acquisition) with equivalent protections; and (d) recipients of aggregated/de-identified statistics that cannot identify you.
Settings → Account → Delete. We delete or anonymize cloud data within 60 days. Local data remains until you uninstall the app.
Email contact@nafsyapp.org to request a readable copy of your data (CSV/JSON). We'll verify your identity and respond within a reasonable timeframe.
Delete your account to withdraw consent for wellness data processing. Prior processing remains lawful.
Depending on your location, you may have additional privacy rights such as the right to request correction of your data, restrict certain processing, or object to data use. Contact us at contact@nafsyapp.org to exercise any applicable rights. We'll verify your identity and respond within the timeframes required by applicable law.
We use industry-standard safeguards: encryption in transit and at rest, least-privilege access, audit logging, rate limiting, and automated monitoring. No system is perfect—use a device passcode/biometrics and keep your OS updated.
We may process data outside your country. When we do, we implement appropriate safeguards to protect your data and limit access to what's necessary to provide the Service. We comply with applicable data protection laws in your jurisdiction.
The Service is for users 18+. If a minor's data is identified, contact us and we will take appropriate action.
We maintain incident response procedures. Where required by law, we will notify affected users/authorities within applicable statutory timelines and describe actions taken.
We may update this Policy. If changes are material, we'll notify you in-app or by other reasonable means. Your continued use after the effective date means you accept the updated Policy.
Email: contact@nafsyapp.org