Privacy Policy (Draft)

1. Who we are

MindfulWave is a product operated by Enovera Ltd. (“we”, “us”). This Privacy Policy explains how we collect, use, and protect information when you use MindfulWave (the “Service”).

2. What we collect

We collect the minimum information needed to operate the Service.

2.1 Account information

  • Email address
  • Authentication identifiers required to sign you in

2.2 Wellness content you provide

  • Journal entries and reflections
  • Mood and trigger tracking data
  • Optional voice journal transcripts (if you use voice features)

2.3 AI-generated outputs

  • AI summaries, patterns, and suggestions generated from your content
  • Optional evidence excerpts (only if you enable an “include evidence” option)

2.4 Usage and device information

  • Basic usage analytics (e.g., feature usage, performance metrics)
  • Approximate device/browser information

We do not intentionally collect sensitive identifiers such as government IDs.

3. How we use your information

  • Provide and maintain the Service
  • Generate insights and reflections you request
  • Improve reliability, performance, and safety of the Service
  • Communicate with you about account or support requests
  • Process subscriptions and provide billing support

4. How AI processing works (high level)

When you request an insight, we process the relevant content to generate an output. We use trusted AI systems and apply safety guardrails and data minimization. AI outputs are stored so you can view them later.

5. Encryption and security

  • Data is transmitted using HTTPS.
  • Sensitive content (such as journal text and AI outputs) is encrypted in storage using strong encryption.
  • We use access controls to restrict who can access systems and data.

No system is 100% secure, but we work to protect your information using reasonable technical and organizational measures.

6. Sharing and disclosure

6.1 Service providers

We use service providers to help run the Service (e.g., hosting, databases, payments, email, analytics). They may process information on our behalf and are required to protect it.

6.2 Legal requirements

We may disclose information if required by law, or to protect rights, safety, and security.

6.3 Business transfers

If we are involved in a merger, acquisition, or asset sale, your information may be transferred as part of that transaction.

7. We don’t sell your personal data

We do not sell your personal data.

8. Your choices and rights

Depending on your location, you may have rights to:

  • Access, correct, or delete your information
  • Export your data
  • Object to or restrict certain processing

You can request help by contacting us at our support email.

9. Data retention

We retain information as long as needed to provide the Service and for legitimate business purposes (e.g., security, compliance). You can delete your content or account, which will remove or anonymize associated data subject to legal requirements.

10. Age restriction (18+)

The Service is intended for users 18 years of age or older. We do not knowingly collect personal data from anyone under 18. If you believe a person under 18 has provided us personal data, contact us and we will take steps to delete the information.

11. International transfers

If you access the Service from outside the country where our systems are located, your information may be processed in other countries. We take steps to protect information consistent with this policy.

12. Changes to this policy

We may update this policy from time to time. We will post the updated version and revise the effective date.

13. Contact

If you have questions or requests, contact us at: support@enovera.ai