Back to Home

Privacy Policy

Last Updated: January 31, 2026

TheraBesty ("we," "us," or "our") operates the TheraBesty mobile application (the "App"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our App.

Please read this Privacy Policy carefully. By using the App, you agree to the collection and use of information in accordance with this policy. If you do not agree with the terms of this Privacy Policy, please do not access the App.

1. Important Notice About Mental Health Data

TheraBesty is a mental wellness and self-improvement application. It is not a medical device, healthcare provider, or licensed therapy service. However, we recognize that the information you share through our App may be sensitive in nature, including thoughts, feelings, moods, and personal reflections related to your mental and emotional well-being.

We treat all such information with the highest level of care and confidentiality. We do not sell your personal or mental health data. We do not use your conversations or mental health information for advertising purposes.

2. Information We Collect

2.1 Information You Provide Directly

  • Account Information: Email address, password (stored in hashed form), and full name.
  • Authentication Data: If you sign in via Apple or Google, we receive your name, email, and a unique identifier from the provider. We do not receive or store your Apple or Google password.
  • Profile Information: Gender, age, preferred language (English or Arabic), relationship status, therapy goals, communication style preferences, focus areas, and emotional context.
  • Chat and Conversation Data: Messages you send during AI therapy sessions, journal responses, assessment answers, and session results.
  • Stranger Chat Data: Messages exchanged during anonymous peer support sessions, selected topic, gender matching preference, and session feedback (helpful/not helpful).
  • Couples Therapy Data: Messages exchanged during couples therapy sessions (including private messages shared only with the AI during individual turns), session progress, and exercise responses.
  • Mood Data: Daily mood check-ins and mood history.
  • Reports and Feedback: If you report another user, the reason and description you provide.

2.2 Information Collected Automatically

  • Device Information: Device type, operating system, and push notification token.
  • Session Data: IP address, user agent string, session creation and expiration timestamps.
  • Usage Data: Daily feature usage counts (e.g., number of AI chat sessions, stranger chat sessions), streak tracking (consecutive active days), and room interaction statistics.

2.3 Information We Do NOT Collect

  • Medical diagnoses or medical records
  • Health insurance information
  • Medication information
  • Biometric data (fingerprints, facial recognition data)
  • Precise geolocation data
  • Financial information (payment processing is handled entirely by Apple App Store, Google Play Store, or RevenueCat)
  • Contacts or address book data

3. How We Use Your Information

We use the information we collect for the following purposes:

3.1 Providing Core Services

  • Delivering AI-powered therapy conversations personalized to your profile (name, age, gender, relationship status, goals, and communication style)
  • Matching you with anonymous peers for stranger chat sessions
  • Facilitating couples therapy exercises
  • Generating journal analysis and assessment results
  • Tracking your daily mood and engagement streaks

3.2 Safety and Content Moderation

  • Screening messages in stranger chat for inappropriate content, including personal information sharing (phone numbers, social media handles, email addresses), harassment, profanity, and sexual content
  • Reviewing flagged content and user reports to maintain a safe community
  • Enforcing bans against users who violate community guidelines

3.3 Service Improvement

  • Analyzing aggregated, de-identified usage patterns to improve features
  • Tracking feature popularity and user satisfaction ratings
  • Identifying and fixing technical issues

3.4 Communication

  • Sending push notifications related to your sessions (e.g., match found, session ending)
  • Sending service-related announcements

3.5 Subscription Management

  • Verifying your subscription status and entitlements
  • Processing subscription events (purchases, renewals, cancellations)

4. How We Share Your Information

We do not sell, rent, or trade your personal information. We share information only in the following limited circumstances:

4.1 AI Service Providers

To provide AI-powered therapy features, we send conversation data to:

  • Google (Gemini API): For generating AI therapy responses. Data sent includes your conversation history during a session and limited profile context (name, age, gender, relationship status) to personalize responses.
  • OpenAI: For journal analysis and content moderation. Data sent includes your journal responses and, for moderation, the text of stranger chat messages.

These providers process data according to their respective privacy policies and data processing agreements. We use their API services, which means your data is processed for the purpose of generating responses and is subject to their API data usage policies.

4.2 Subscription Provider

  • RevenueCat: Manages in-app subscriptions. RevenueCat receives your anonymized user identifier, subscription status, and transaction details. RevenueCat does not receive your name, email, or conversation data.

4.3 Push Notification Service

  • Expo Push Notification Service: Receives your device push token and notification content to deliver push notifications to your device.

4.4 Legal Requirements

We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., a court order or government agency), or if we believe disclosure is necessary to:

  • Comply with a legal obligation
  • Protect and defend our rights or property
  • Prevent or investigate possible wrongdoing in connection with the App
  • Protect the personal safety of users or the public

4.5 Anonymous Peer Interactions

During stranger chat sessions, your messages are shared with your matched peer. Your real name, email, and profile information are never revealed to other users in stranger chat. Only your messages are visible.

During couples therapy sessions, messages are shared with your partner as part of the therapy exercise, except for private messages which are only processed by the AI.

5. Data Storage and Security

5.1 Storage

Your data is stored on secure servers using PostgreSQL databases. Session tokens and sensitive credentials on your device are encrypted using AES-256 encryption and stored in platform-secure storage (iOS Keychain / Android Keystore).

5.2 Security Measures

We implement the following security measures:

  • Passwords are cryptographically hashed (never stored in plain text)
  • All data transmitted between your device and our servers is encrypted via HTTPS/TLS
  • WebSocket connections for real-time features use secure protocols (WSS)
  • Authentication tokens are encrypted on your device
  • Role-based access controls for administrative functions
  • Session expiration (30 days) with automatic token invalidation

5.3 Limitations

No method of electronic storage or transmission over the Internet is 100% secure. While we strive to use commercially acceptable means to protect your information, we cannot guarantee its absolute security.

6. Data Retention

  • Account Data: Retained for as long as your account is active. Upon account deletion, your account data and associated profile information are permanently deleted.
  • Conversation Data: AI chat sessions, stranger chat messages, and couples therapy messages are retained for as long as your account exists to maintain session history and enable content moderation review.
  • Session Logs: Authentication session data (IP address, user agent) is retained for security auditing purposes and expires with the session (30 days).
  • Subscription History: Subscription event records are retained for financial and compliance purposes.
  • Moderation Records: Reports and flagged content are retained as needed for safety enforcement.
  • Usage Statistics: Aggregated usage data may be retained in de-identified form indefinitely for analytics.

Upon account deletion, we will delete or de-identify your personal data within 30 days, except where retention is required by law or for legitimate business purposes (e.g., fraud prevention, legal compliance).

7. Your Rights and Choices

7.1 All Users

Regardless of your location, you have the right to:

  • Access: Request a copy of the personal data we hold about you.
  • Correction: Request correction of inaccurate or incomplete personal data.
  • Deletion: Request deletion of your account and associated personal data.
  • Push Notifications: Opt out of push notifications through your device settings at any time.
  • Account Deletion: Delete your account through the App or by contacting us at the email below.

7.2 European Economic Area (EEA) Residents — GDPR

If you are located in the EEA, you additionally have the right to:

  • Data Portability: Receive your personal data in a structured, commonly used format.
  • Restriction of Processing: Request that we limit how we use your data.
  • Object to Processing: Object to our processing of your personal data.
  • Withdraw Consent: Where processing is based on consent, withdraw that consent at any time.
  • Lodge a Complaint: File a complaint with your local data protection authority.

Our legal bases for processing are: (a) performance of our contract with you (providing the App services), (b) our legitimate interests (safety, security, service improvement), and (c) your consent (where applicable).

7.3 California Residents — CCPA

If you are a California resident, you have the right to:

  • Know: Request disclosure of the categories and specific pieces of personal information we collect.
  • Delete: Request deletion of your personal information.
  • Non-Discrimination: We will not discriminate against you for exercising your CCPA rights.
  • No Sale of Data: We do not sell your personal information.

7.4 Jordan and Middle East Residents

We comply with applicable data protection laws in Jordan and the broader Middle East region. You may exercise your rights by contacting us at the email address provided below.

8. Children's Privacy

TheraBesty is intended for users aged 18 and older. We do not knowingly collect personal information from anyone under 18 years of age. Our onboarding process includes an age verification step. If we discover that we have collected personal information from a person under 18, we will promptly delete that information. If you believe we have collected information from a minor, please contact us immediately.

9. Anonymous Peer Chat — Special Provisions

The stranger chat feature is designed to provide anonymous peer support. Special privacy measures include:

  • Anonymity: Your real identity (name, email, profile photo) is never shared with your matched peer. Only your messages are visible.
  • Content Moderation: Messages are automatically screened to prevent sharing of personal identifying information (phone numbers, social media handles, email addresses, real names). Messages that attempt to share personal information are blocked before delivery.
  • Session Limits: Sessions have time limits to protect user well-being.
  • Reporting: You can report inappropriate behavior. Reports are reviewed by our moderation team.
  • No Message History Access: You cannot access past stranger chat conversations after a session ends.

10. AI-Generated Content Disclaimer

The AI responses in TheraBesty are generated by artificial intelligence language models. These responses:

  • Are not professional medical, psychological, or therapeutic advice
  • Are not a substitute for consultation with licensed mental health professionals
  • May not always be accurate, complete, or appropriate for your specific situation
  • Are generated based on your conversation context and profile information

We do not guarantee the accuracy, reliability, or suitability of AI-generated content. If you are experiencing a mental health crisis, please contact emergency services or a licensed mental health professional immediately.

11. Third-Party Links and Services

The App may contain links to external resources, including emergency helpline numbers and mental health resources. We are not responsible for the privacy practices of third-party websites or services. We encourage you to review the privacy policies of any third-party services you access through the App.

12. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence, including the United States, where our AI service providers (Google, OpenAI) operate servers. These countries may have data protection laws that differ from your jurisdiction. By using the App, you consent to such transfers. We ensure that appropriate safeguards are in place for international data transfers, including standard contractual clauses where applicable.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy within the App and updating the "Last Updated" date above. For significant changes, we will provide notice through the App or via email. Your continued use of the App after any changes constitutes acceptance of the updated Privacy Policy.

14. Contact Us

If you have any questions about this Privacy Policy, wish to exercise your data rights, or have concerns about your privacy, please contact us at:

TheraBesty Email: privacy@therabesty.com

This Privacy Policy is provided in English. An Arabic translation is available within the App. In the event of any discrepancy, the English version shall prevail.