MindFiti ARecovery Hub Privacy Policy

Last Updated: November 20, 2025

1. Introduction

MindFiti Health ("we," "our," or "us") operates the MindFiti ARecovery Hub mobile application and web platform. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our services.

2. Information We Collect

Personal Information:

• Email address and password (for account creation)
• Name and contact information (optional)
• Payment information (processed securely via Stripe and Paystack)

Health & Recovery Data:

• Assessment responses and scores
• Therapy progress and completed sessions
• Daily check-ins and mood tracking
• Worksheet responses and journal entries
• Recovery goals and milestones

Usage Data:

• Device information (type, operating system, browser)
• IP address and location data
• App usage patterns and analytics
• Crash reports and error logs

3. How We Use Your Information

• Provide personalized recovery programs and AI-powered feedback
• Track your progress and send motivational notifications
• Process payments and manage subscriptions
• Improve our services through analytics
• Communicate important updates and support messages
• Ensure platform security and prevent fraud

4. Data Storage & Security

Your data is stored securely using industry-standard encryption. We implement:

• HTTPS encryption for all data transmission
• Bcrypt password hashing
• Secure session management
• Regular security audits and updates

5. Third-Party Services

We use trusted third-party services:

• OpenAI/Replit AI: For AI-powered feedback and chat (data anonymized)
• Stripe & Paystack: For secure payment processing
• Firebase: For push notifications (mobile apps)
• Analytics Providers: For app improvement (anonymized data)

6. Data Sharing & Disclosure

We do NOT sell your personal information. We may share data only when:

• Required by law or legal process
• Necessary to protect user safety or prevent harm
• You explicitly consent to sharing
• With service providers under strict confidentiality agreements

7. Your Rights

You have the right to:

• Access your personal data
• Correct inaccurate information
• Request deletion of your account and data
• Export your recovery data
• Opt-out of marketing communications
• Withdraw consent for data processing

8. Data Retention

We retain your data for as long as your account is active. Upon account deletion:

• Personal information is deleted within 30 days
• Anonymized analytics data may be retained for service improvement
• Payment records are kept for legal/tax requirements (7 years)

9. Children's Privacy

MindFiti ARecovery Hub is intended for users 18 years and older. We do not knowingly collect data from children under 18. If we discover such data, we will delete it immediately.

10. International Data Transfers

Your data may be processed in countries outside Kenya. We ensure appropriate safeguards are in place to protect your information in compliance with applicable data protection laws.

11. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of significant changes via email or in-app notification. Continued use of our services after changes constitutes acceptance.

12. Contact Us

For privacy-related questions or to exercise your rights:

• Email: mbiti@mindfiti.health
• WhatsApp: +254 705 760 289
• Support Page: /support

13. Account Deletion

To delete your account and all associated data, visit Account Deletion or contact us directly.

By using MindFiti ARecovery Hub, you acknowledge that you have read and understood this Privacy Policy.