GA
Gentle Ally Back to Home

Privacy Policy

Last updated:

Introduction

  • Gentle Ally, operated by Rinavore Limited, an Irish limited company ("we", "us", "our"), provides a caregiver assistant app and website.
  • This Policy explains what we collect, how we use and share it, and your rights.
  • Scope: This applies to our iOS app and our website at gentleally.com.

What We Collect

  • Account Information (App): email address, authentication details (via Supabase Auth; may include OAuth sign‑in).
  • User Content (App): child profiles (e.g., display name, age band, preferences you choose to enter), translation inputs (what you type), assistant conversation messages, and resulting suggestions.
  • Usage/Diagnostics (App): basic event logs and error diagnostics required to operate and secure the service. We do not collect IDFA and do not track you across apps.
  • Website Data (Site): email addresses for waitlist/updates (via ConvertKit), standard web analytics data (via Google Analytics), cookies/similar tech for site functionality and aggregated analytics.
  • Device/Technical Info (Site): browser type, OS, and related metadata typical for web requests.

How We Use Data

  • Provide and improve the app (translations, assistant chat, history, profiles).
  • Personalize suggestions based on your provided profile preferences.
  • Operate authentication, security, fraud prevention, and service reliability.
  • Communicate with you (service notices, support). Website: marketing updates if you opt in.
  • Comply with legal obligations and enforce our terms.

Data Sharing and Processors

Service Providers (App):

  • AWS: authentication, database, and Edge Functions, hosted in EU West (Ireland). Data at rest and in transit is encrypted. AWS is GDPR-compliant.
  • Azure OpenAI: processes the text you send for translations and assistant responses via Microsoft Azure's OpenAI Service, hosted in Sweden (EU). Content is used solely to generate responses. Microsoft does not use your data to train or improve their models. Data is processed in accordance with Microsoft's Azure OpenAI data privacy commitments and EU data protection regulations.
  • PostHog: product analytics and diagnostics (e.g., crash reports, performance and usage events) to improve app reliability and user experience. Configured for app analytics only; not used for advertising or cross‑app tracking. We do not enable session replay, screen recordings, or heatmaps.

Website Tools:

  • ConvertKit (email list management) and Google Analytics (aggregated website analytics).

We do not sell your personal information and do not share data for third‑party advertising. We do not use third‑party SDKs in the iOS app for advertising or cross‑app tracking.

App Privacy Summary (Apple)

Data Linked to You (App):

  • Contact Info: email (Account Management, App Functionality).
  • Identifiers: internal user ID (App Functionality, Security).
  • User Content: child profiles, translation inputs, assistant messages, and generated suggestions (App Functionality, Personalization, Support).
  • Usage Data: product interactions and performance metrics (App Functionality, Analytics).
  • Diagnostics: crash/technical logs (App Functionality, Diagnostics).

Data Not Used for Tracking:

  • We do not use data to track you across apps and websites.
  • No third‑party advertising SDKs in the iOS app.
  • No session replay, screen recordings, or heatmaps are collected.

Your Choices and Controls

  • In‑App Controls: you can update or delete child profiles and past translations/conversations where provided in the app UI.
  • Account Deletion: request account deletion and associated data by contacting us (see Contact Us). We’ll verify your request and delete data unless retention is required by law or for legitimate security/fraud prevention.
  • Marketing Emails (Website): unsubscribe anytime via email footer links or by contacting us.

Data Retention

  • We retain app data for your account as long as it’s needed to provide the service or until you delete it. Backup copies may persist for a limited period consistent with our backup and disaster recovery practices.
  • Website marketing data is retained until you unsubscribe or request deletion.

Children’s Privacy

  • Gentle Ally is designed for caregivers. It is not directed to children under 13, and we do not knowingly collect personal information directly from children.
  • If you believe a child has provided us personal information, contact us and we will delete it.

Security

  • We use industry‑standard safeguards, including encryption in transit (TLS) and encryption at rest provided by our cloud vendors, access controls, and auditing.
  • No method of transmission or storage is 100% secure, but we continuously work to protect your data.

Data Storage & Processing

  • All app data processing occurs within the European Union.
  • Database and authentication: AWS servers in EU West (Ireland).
  • AI processing: Azure OpenAI in Sweden.
  • We process personal data in full compliance with GDPR.
  • You have rights to access, correct, delete, restrict processing, and port your data.

Your Rights

Depending on your location, you may have rights to access, correct, delete, or restrict processing of your personal data, and to object to certain processing.

To exercise rights, contact us (see Contact Us). We may request verification.

Cookies (Website)

We use cookies and similar technologies for site functionality and aggregated analytics. You can control cookies via your browser settings; some features may not work without them.

Changes to This Policy

We may update this Policy from time to time. We will post the updated version with a new “Last updated” date. Material changes may also be communicated in‑app or by email.

Contact Us

Email: info@gentleally.com