Privacy Policy

1. Information we collect

• Onboarding responses: quiz answers, reflections, and free-text descriptions you provide during assessment.
• Generated profile data: attachment-related insights, blueprint content, triggers, repair scripts, and daily mirror text produced for you (including via automated AI systems).
• Usage & progress data stored locally: blueprint worksheet answers, chapter completion, trigger journal logs, regulation check-ins, and daily nudge preferences — stored on your device.
• Subscription status: we receive entitlement and purchase information from RevenueCat and your app store to determine whether you have an active subscription or trial.
• Device & usage data: basic technical data such as app version, platform, and crash or performance logs to keep the Service reliable.

We do not require account sign-in today; data is primarily stored locally on your device unless described below.

2. How we use information

• To personalize your Healing Blueprint, insights, triggers, and related content.
• To process subscriptions, restore purchases, and enforce access to paid features.
• To deliver daily nudges, optional push reminders, and refreshed mirror content.
• To improve the Service, fix bugs, and understand aggregate usage patterns.
• To comply with legal obligations and protect the security of our users and systems.

3. AI processing & third parties

When you complete onboarding or refresh certain content, relevant text may be sent to our servers (hosted on Vercel) and processed by OpenAI or similar providers to generate personalized copy. We send only what is needed for that feature — not your full device contents.

RevenueCat processes subscription and device identifiers to manage billing and entitlements.

Apple App Store / Google Play process payments under their own privacy policies.

If you enable push reminders, Apple or Google notification services deliver scheduled local notifications on your device.

We do not sell your personal information.

4. Storage & retention

Your AI profile, onboarding completion flag, trigger journal, regulation progress, nudge preferences, and blueprint worksheet progress are stored on your device using local storage (AsyncStorage).

Server-side API requests are processed to return results; we aim to minimize retention of raw request content on our infrastructure. Operational logs may be kept for a limited period for security and debugging.

If you delete the app or use "Retake Assessment," locally stored profile and progress data can be cleared as described in the app.

5. Your choices

• You can cancel a subscription or trial through your App Store or Google Play account settings.
• You can retake the assessment from Profile, which clears your saved local profile as indicated in the app.
• You can disable push reminders anytime in the Insights tab of the app.
• You may contact us to request access, correction, or deletion of information we control, subject to applicable law.

6. Security

We use industry-standard measures such as HTTPS for API traffic and restrict API keys to server-side environments. No method of transmission or storage is 100% secure.

7. Children

Attachment Mirror is not intended for users under 18. We do not knowingly collect information from children.

8. International users

If you use the Service from outside your home country, your information may be processed in countries where our providers operate, including the United States.

9. Changes to this policy

We may update this Privacy Policy from time to time. The "Last updated" date at the top will change when we do. Continued use after updates means you accept the revised policy.

10. Contact

Privacy questions or requests: privacy@attachmentmirror.com

General support: support@attachmentmirror.com