Privacy Policy
Who We Are
Anticipa Health, Inc. ("Anticipa", "we", "us", "our") operates the Anticipa mental wellness platform, accessible at anticipahealth.com and via our iOS application. This Privacy Policy explains how we collect, use, store, and protect your information when you use our services.
By using Anticipa, you agree to the practices described in this policy. If you do not agree, please discontinue use of the service.
For privacy inquiries: [email protected]
Information We Collect
Information you provide directly
- Account: Email address used to create and authenticate your account
- Events & schedule data: Upcoming events you enter for anxiety forecasting
- Mood & check-ins: Anxiety ratings, daily check-in responses, emotional patterns
- Journal entries: Reflections, CBT thought logs, and personal notes
- AI chat messages: Conversations with the Sage AI coping coach
- Survey responses: Onboarding questions about your anxiety type and triggers
Automatically collected
- Device type, operating system, and browser information
- App usage patterns (which tools you use, session frequency)
- Error logs for debugging and stability purposes
What we do NOT collect
- Your full name or physical address
- Precise or approximate location
- Payment card numbers (handled entirely by Apple or PayPal)
- Photos, videos, or audio recordings
- Contacts or calendar data from your device
How We Use Your Information
- To generate personalized anxiety forecasts and high-risk window alerts
- To power AI-generated coping recommendations tailored to your patterns
- To sync your data across devices (Pro feature)
- To determine your subscription status and deliver Pro features
- To send transactional emails (verification codes, account notices) — never marketing without explicit consent
- To improve app stability, performance, and features using anonymized, aggregated data
- To comply with legal obligations
We do not use your mental health data to train AI models shared externally. AI conversations are processed in real time and are not retained on our servers beyond your active session.
Third-Party Service Providers
We share limited data with trusted third-party providers strictly to operate the service. Each provider is bound by data processing agreements.
| Provider | Purpose | Data shared |
|---|---|---|
| Supabase | Authentication, database storage | Email, user ID, pro status, app data |
| Anthropic | AI chat processing (Claude) | Chat messages (not linked to identity) |
| Cloudflare | Hosting, API gateway, data sync | Request data, synced app data |
| Resend | Transactional email delivery | Email address, verification code |
| Apple | iOS in-app purchase processing | Purchase confirmation (no card data) |
| PayPal | Web subscription billing | Subscription ID, email (for verification) |
We do not sell, rent, or share your personal data with advertisers, data brokers, or any party not listed above.
Data Security
We implement industry-standard security controls to protect your data:
- Encryption in transit: All data is transmitted over TLS 1.3
- Encryption at rest: Database contents are encrypted at the storage level
- Access controls: Row-level security (RLS) ensures users can only access their own data
- Authentication: Secure JWT-based authentication with token expiration
- API protection: Rate limiting, CORS restrictions, and server-side authorization on all endpoints
Anticipa is a self-help wellness tool and is not a HIPAA-covered entity. While we apply rigorous security practices for sensitive mental health data, we are not subject to HIPAA regulations. If you have clinical-level privacy needs, please consult a licensed provider.
Data Retention
We retain your data for as long as your account is active. Specifically:
- Account data: Retained until you request deletion
- AI chat messages: Not stored on our servers — processed in real time only
- Cloud sync data: Stored for up to 90 days from last sync; refreshed on each sync
- Email verification codes: Deleted immediately upon use or after 10 minutes
- Billing records: Retained as required by applicable law (typically 7 years)
Upon account deletion, all personal data is permanently removed within 30 days, except where retention is required by law.
Cookies & Local Storage
Anticipa uses browser localStorage to store your preferences and app state locally on your device. This includes:
- Theme preference (light/dark)
- Onboarding completion status
- Usage counters for AI features
- Cached app data for offline use
We do not use third-party tracking cookies or advertising pixels. No data stored in localStorage is transmitted to third parties without your knowledge.
Your Rights
Depending on your location, you may have the following rights regarding your personal data:
- Access: Request a copy of all data we hold about you
- Deletion: Request permanent deletion of your account and all associated data
- Portability: Receive your data in a machine-readable format
- Correction: Update or correct inaccurate personal information
- Restriction: Request we limit how we process your data
- Objection: Object to processing based on legitimate interests
California residents (CCPA)
California residents have the right to know what personal information is collected, to delete personal information, to opt out of the sale of personal information (we do not sell data), and to non-discrimination for exercising these rights.
EEA/UK residents (GDPR)
If you are located in the European Economic Area or United Kingdom, you have rights under the GDPR including the right to lodge a complaint with your local supervisory authority.
To exercise any of these rights, email [email protected]. We will respond within 30 days.
Children's Privacy
Anticipa requires users to be at least 13 years of age. We do not knowingly collect personal information from children under 13. If you believe a child under 13 has provided us with personal data, please contact us immediately at [email protected] and we will delete it promptly.
Users between 13 and 18 should obtain parental or guardian consent before using the service.
Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by posting the new policy at this URL with an updated effective date. Continued use of the service after changes constitutes acceptance of the updated policy.
For significant changes affecting how we use your health data, we will provide notice via email (if you have an account) at least 30 days before the change takes effect.
Contact Us
Anticipa Health, Inc.
Privacy inquiries: [email protected]
Data deletion requests: [email protected]
Support center: anticipahealth.com/support