Privacy Policy

Effective date: March 1, 2026

This Privacy Policy explains how Inner Child Care (the “App”) and the website at innerchild.care (the “Website”) collect, use, share, and protect information.

Operator / Data Controller: Ruslan Kalinovych (Poland) Contact (privacy & support): myinnerchild.hq@gmail.com
Service regions (initial release): United States, Poland, Ukraine

1) Who this is for (Adults Only)

The App and Website are intended for adults 18 years and older. The App uses an age-gating screen to restrict access to adults. If you are under 18, do not use the Services.

2) Information we collect

We collect information you provide, information generated through your use of the Services, and limited technical data needed to operate, secure, and improve the Services.

A) Account and authentication

When you create and use an account, we collect:

  • Email address (for email/password sign-in)
  • Account identifiers (e.g., internal user ID)
  • Session/authentication data (e.g., tokens needed to keep you signed in)

If you use Google or Apple sign-in (when enabled), those providers share information needed to authenticate you (typically a stable account identifier and, depending on your provider settings, your email address).

We do not store your password in plain text.

B) Profile and preferences

We may collect:

  • Profile details you choose to provide (e.g., username)
  • App preferences and settings (e.g., language)

C) Self-reflection and wellbeing-related content (sensitive by nature)

The App may collect and store content you submit such as:

  • Onboarding answers (self-reflection)
  • Daily task answers (text)
  • Interactions (e.g., whether a task was completed)
  • Derived labels or groupings that the App generates from your responses (e.g., category tags)

Important: The App is for self-care and reflection. Please avoid entering medical records or diagnostic information. The App is not for emergencies.

D) Photos and file attachments

If you upload photos or files (for example, as part of a task report or when sending feedback), we collect and store those uploads along with basic metadata (such as upload time and the related feature/task).

Access control intent: Uploads are intended to be accessible only by you and, if needed, authorized personnel for support and security purposes.

E) Feedback and support

If you contact us or submit feedback, we may collect:

  • Your message content
  • Attachments you include (e.g., screenshots)
  • Basic technical context related to your request (e.g., app version)

F) Website contact form

If you contact us on the Website, we collect:

  • Name (if provided)
  • Email address
  • Message content and any details you submit

G) Careers / job applications (Website)

If you apply for a job, we may collect:

  • Name and email address
  • Phone number (optional)
  • Application answers
  • Resume/CV or other files you upload (optional)

H) Device, usage, diagnostics, and logs

We (and our service providers) may collect technical information such as:

  • Device/app/browser information (e.g., OS, app version, language/locale)
  • Request/security data (e.g., IP address and user agent) for security, fraud prevention, and troubleshooting
  • Operational metrics and error logs
  • Crash and diagnostic information used to detect, prioritize, and fix app stability issues
  • App usage information such as screen views and interaction events
  • Session replay / session capture data that may record how users navigate and interact with the App, such as screen visits, taps, clicks, scrolling, and similar usage events

Limited logging of snippets/metadata: For debugging and reliability, we may log limited snippets or metadata related to certain operations (for example: identifiers like task/report IDs, timing, and limited content metadata). We do not aim to log full private reflections unless necessary to diagnose an issue you report.

Important: Session replay / session capture is intended for product analytics and troubleshooting. Because these tools can capture detailed interaction data, you should avoid entering medical or diagnostic information into the App.

3) How we use information

We use information to:

  • Provide and operate the App and Website
  • Create and manage accounts and sessions
  • Save your progress and personalize your experience
  • Store and display your content to you within the App
  • Respond to support requests and feedback
  • Process and manage job applications
  • Maintain security, prevent abuse, troubleshoot issues, and improve performance
  • Monitor reliability and diagnose crashes and errors
  • Understand usage of the App and Website, including screen flows and feature interactions, so we can improve the product and user experience

4) Legal bases for processing (EEA/UK)

If you are located in the European Economic Area (EEA) or the UK, we process personal data under the following legal bases (as applicable):

  • Contract: to provide the Services you request (account access, saving content, core app functionality).
  • Legitimate interests: to secure the Services, prevent abuse, troubleshoot issues, maintain quality, analyze product performance, and improve reliability and user experience.
  • Consent: for cookies/trackers where required (especially for EU/UK Website visitors), and for any optional features or processing activities where consent is required by law.
  • Legal obligation: to comply with applicable laws and lawful requests.

5) Cookies and similar technologies (Website)

We use cookies and similar technologies for:

  • Essential functionality (e.g., authentication/session handling)
  • Remembering certain interactions (e.g., local storage markers such as “viewed jobs”)
  • Performance measurement (e.g., Website performance metrics)

EU/UK cookie choices

We plan to provide a cookie banner for EU/UK visitors and will request consent where required by law for non-essential cookies/trackers.

6) Analytics and diagnostics

Website

The Website uses Vercel Speed Insights to measure performance and improve the Website experience. This may involve collecting performance metrics and technical data needed to deliver and measure the Website.

App

The App uses third-party analytics and diagnostic tools to help us understand usage, improve the App, and identify stability problems.

These tools may collect information such as:

  • screen views and navigation flow,
  • interaction events (such as taps, clicks, and similar UI interactions),
  • technical/device information,
  • crash reports and related diagnostic data, and
  • session replay / session capture data showing how users move through and interact with the App.

These tools are used for product analytics, debugging, troubleshooting, and improving reliability and usability.

7) How we share information

We do not sell personal data.

We share information only as needed to operate the Services, including with service providers such as:

  • Supabase (authentication, database, file storage)
  • Vercel (Website hosting and performance monitoring)
  • Resend (sending emails related to Website contact and careers communications)
  • Analytics and diagnostics providers that help us understand product usage and app stability
  • Google / Apple (only if you use their sign-in methods)

We may also share information:

  • If required by law, regulation, or legal process
  • To protect the security and integrity of the Services
  • To investigate abuse or enforce our rights

8) Data retention

We retain information only as long as needed for the purposes described in this Policy.

  • Account and App content: we retain your account data and App content until you request deletion or delete your account in the App.
  • Support messages: retained as needed to address your request and maintain support history; you may request deletion.
  • Careers applications: typically retained for up to 12 months after the hiring process ends (or longer if required by law), unless you request deletion sooner.
  • Security and access logs: IP address and user-agent/platform logs may be retained for up to 30 days for security and troubleshooting. Some non-identifying operational logs may be retained longer as needed.
  • Analytics and diagnostic data: retained for as long as reasonably needed for troubleshooting, fraud prevention, product improvement, and service reliability, subject to provider retention settings and applicable law.

Backups

Even after deletion, residual copies of certain data may remain in backups for a limited period and be removed as backups rotate.

9) Account deletion and your choices

How to delete your account

You can delete your account in the App by going to Settings > Account > Delete Account and confirming the deletion.

You can also contact us at myinnerchild.hq@gmail.com if you need help with deletion.

What happens after deletion

When you delete your account in the App, the deletion of your account and associated in-app data is initiated immediately.

However, we may retain limited information where necessary to:

  • comply with law,
  • resolve disputes,
  • enforce our agreements,
  • maintain security records, or
  • allow residual copies in backups to expire in the normal backup cycle.

Some analytics, diagnostic, or log records generated before deletion may remain for a limited period in backups, aggregated reports, or provider systems, depending on how those systems operate and applicable law.

10) Your privacy rights

EEA/UK rights

If you are in the EEA/UK, you may have the right to:

  • Access your personal data
  • Correct inaccurate data
  • Delete your data
  • Restrict or object to certain processing
  • Data portability (where applicable)
  • Withdraw consent (where processing is based on consent)

You can exercise these rights by emailing myinnerchild.hq@gmail.com.

You also have the right to lodge a complaint with your local data protection authority. In Poland, the supervisory authority is the President of the Personal Data Protection Office (UODO).

U.S. / California (if applicable)

Depending on your location and applicable laws, you may have additional rights regarding access, deletion, and information about disclosures. You can contact us at myinnerchild.hq@gmail.com.

11) International processing and transfers

We operate from Poland and use service providers that may process data in other countries (including the United States and countries in the EU/EEA). Where required, we use appropriate safeguards for cross-border transfers (such as contractual protections).

12) Security

We use reasonable safeguards to protect information, including secure connections and access controls.

Administrative access: Production access to user data is restricted to the CEO only.

No method of transmission or storage is completely secure; therefore, we cannot guarantee absolute security.

13) Changes to this Privacy Policy

We may update this Privacy Policy from time to time. We will post the updated version on this page and update the effective date.

14) Contact

For privacy questions, support, or deletion requests, contact: myinnerchild.hq@gmail.com