How We Protect Your Data With Care

Last update: 19.03.2026

Important: Eiren AI is designed to support mindfulness, self-reflection, and personal growth. It is not a substitute for professional therapy, counseling, or medical advice. This app is not a medical device and does not diagnose, treat, or prevent any condition.

If you are experiencing emotional distress, mental health challenges, or medical conditions, we encourage you to seek help from a qualified healthcare provider. See a list here:
https://findahelpline.com/

Content generated through Eiren AI (including AI conversations, journaling prompts, and meditations) is intended for general well-being support and should not be considered professional guidance or a diagnostic tool.

By using Eiren AI, you acknowledge that you are responsible for your own mental and emotional well-being.

Now that we got that out of the way, let's dive deeper:

Introduction

At Eiren AI, your privacy and the security of your data are our top priorities. This Privacy Policy outlines how we collect, use, store, retain, and protect your personal information when you use our services, including the Eiren AI app and website. This policy ensures compliance with the Swiss Federal Act on Data Protection (nFADP), the EU General Data Protection Regulation (GDPR), and other relevant global data protection regulations.

Eiren AI is designed for users aged 18 and above. By accessing our services, you confirm that you meet this age requirement.

For any inquiries, privacy requests, or concerns regarding this policy, please contact tobias@eiren.ai.

Account and Data Deletion

You can delete your account and all associated data at any time in the Eiren AI app (Settings > Profile Settings > Delete Profile and ALL Data).

When you delete your account, all your personal data (including journal entries, mood logs, visions, goals, tasks, and profile information) is permanently deleted from our database immediately. Automated database backups that may contain your data are retained for up to 90 days for disaster recovery purposes and are then automatically purged. See the "Data Retention and Deletion" section below for full details.

Information We Collect

When you use our website or app, we may collect the following data:

Account Data: Your email address, collected when you sign up in our app or subscribe to the newsletter on our website. Consent is requested on the login screen upon sign-up.

Health and Well-Being Data: Eiren AI collects and stores the following well-being-related data that you voluntarily provide through your use of the app:

• Mood entries (mood ratings, associated activities, and notes you log throughout the day)

• Journal entries that may contain reflections on your emotional state

• Meditation usage (topics and preferences you choose when generating meditations)
  
  

This data is used solely to provide you with personalized app features such as mood insights, meditation generation, and journaling analysis. We do not use this data for advertising, profiling, or sharing with third parties. We do not analyze or share the personal content you create in the app (journals, visions, goals, tasks, mood notes) with any external parties.

AI Chat Data: Conversations with the AI Coach are stored temporarily and automatically deleted after 30 days. This data is used only to provide the coaching experience within the app.

Interaction Data: Anonymous app-usage events (such as install counts, screen opens, feature usage) collected via Google Analytics 4 SDK.

User Content (Journaling and Media) — Your Responsibility

To run the app, your content (such as journal entries, visions, goals, tasks, mood notes, and journal background images) is stored in our cloud database hosted on Firebase (Google Cloud, Zürich, Switzerland, region europe-west6).

Please avoid including sensitive personal information in journals or images (such as health diagnoses, government IDs, precise addresses, or biometric data). Do not upload graphic, explicit, or illegal images. Such content is strictly prohibited.

While we use strong security controls, no storage or transmission system is 100% secure. By uploading content, you accept the residual risk of unauthorized access or disclosure and are responsible for what you choose to store.

You can delete entries and media at any time within the app. Automated database backups may retain deleted content for up to 90 days before being purged.

How We Use Your Data

We use your data for the following purposes:

App Functionality: Your account data, user content, and well-being data are used to provide the core app experience, including personalized meditations, journaling features, mood tracking insights, AI coaching, and goal planning.

Email Notifications and Updates: When you sign up in the app or subscribe to the newsletter on our website, your email address is stored and mainly used to send you our exclusive uplifting weekly emails related to mindfulness, personal growth, and spiritual development. These emails are managed and delivered through Kit (formerly ConvertKit). You can review Kit's privacy policy here: https://kit.com/privacy. You can unsubscribe at any time via the link in every email.

Analytics: We may use aggregated, anonymous data to analyze how users interact with our app and website, which helps us improve your experience. We keep account data only while your Eiren AI account is active. Aggregated analytics in Google Analytics 4 are automatically deleted after 14 months (GA4 default).

Legal Basis for Processing

We process your data based on your explicit consent, which is required by both nFADP and GDPR. By submitting your information through our newsletter signup or app login forms, you agree to our collection and use of your data as outlined in this policy. (Consent mentioned in the app upon login.) You can withdraw your consent at any time.

By providing your data, you confirm that you are at least 18 years old, as required for explicit consent under applicable data protection laws.

Third-Party Services and Data Sharing

Your personal information is never sold or traded. We only share data with third-party services when necessary to operate the app. Below is a complete list of third-party services we use:

Firebase / Google Cloud (Zürich, Switzerland): Database, authentication, and file storage. Stores account data, user content, and well-being data.
Privacy policy: https://firebase.google.com/support/privacy

Google Gemini: AI-generated meditations, journal analysis, and AI coaching. Receives text prompts you provide (anonymized, no account identifiers sent). We do not use your data to train AI models. Privacy policy: https://ai.google.dev/gemini-api/terms

ElevenLabs: AI voice generation for meditations. Receives text prompts for voice generation (no personal data sent). Privacy policy: https://elevenlabs.io/privacy

RevenueCat: Subscription management. Receives subscription status and anonymous user identifiers. Privacy policy: https://www.revenuecat.com/privacy

Kit (formerly ConvertKit): Email newsletter delivery. Receives your email address. Privacy policy: https://kit.com/privacy

Google Analytics 4: Anonymous usage analytics. Receives anonymous usage events (no personal identifiers). Privacy policy: https://policies.google.com/privacy

Apple (iOS only): In-app purchases and refund processing. Receives purchase and usage data as required by Apple's policies. Privacy policy: https://www.apple.com/privacy

Subscription Management

Our app uses RevenueCat to manage in-app subscriptions and entitlements. RevenueCat collects and processes data such as subscription status and user identifiers to enable seamless subscription management. RevenueCat complies with GDPR and other applicable privacy regulations. You can find more information in RevenueCat's Privacy Policy.

iOS users only: By using our app and making in-app purchases, you consent to our sharing of data regarding your usage and consumption of purchased content with Apple, as part of our efforts to resolve refund requests. This information may include details about how you have accessed and interacted with the purchased content. The purpose of sharing this data is to help Apple make an informed decision regarding refund requests. We ensure that such data sharing is done in compliance with Apple's policies and only as necessary to process your requests.

Children's Data

Eiren AI does not knowingly collect or process personal data from individuals under the age of 18. If we become aware that such data has been collected, it will be deleted promptly. Parents or guardians can contact us at tobias@eiren.ai to address any concerns about data from minors.

Cookies

We use cookies to enhance your experience and analyze website usage. By using our website, you agree to our use of cookies. You can manage cookie preferences in your browser settings or at the end of the page by clicking on "cookie settings."

You can also install Google's GA Opt-out browser add-on if you prefer to disable analytics cookies entirely.

Your Rights

Under both Swiss data protection law (nFADP) and GDPR, you have the following rights:

Right of Access: You can request a copy of the data we hold on you.

Right to Rectification: You can ask us to correct any inaccurate or incomplete data.

Right to Erasure (Right to be Forgotten): You can request that we delete your personal data if it is no longer needed or if you withdraw your consent. You can also delete your account directly in the app.

Right to Data Portability: You can request your data in a structured, commonly used format for transfer to another service provider.

Right to Restrict Processing: You may ask us to suspend processing of your data while a complaint is investigated.

Right to Object: You can object to the processing of your data, particularly for direct marketing purposes.

For more details on your rights, you can refer to the Swiss Federal Data Protection and Information Commissioner's (FDPIC) website. To exercise any of these rights, contact us at tobias@eiren.ai. We will respond to your request within 30 days.

Data Retention and Deletion

We retain your data only as long as necessary to provide you with the services. Here are the specific retention periods for each type of data:

Account data (email, profile): Retained while your account is active. Deleted immediately from the live database upon account deletion in the app.

User content (journals, visions, goals, tasks, mood notes, images): Retained while your account is active. Deleted immediately from the live database upon account deletion. Individual entries can also be deleted within the app at any time.

Well-being data (mood entries, meditation usage): Retained while your account is active. Deleted immediately from the live database upon account deletion.

AI Chat data (conversations with AI Coach): Automatically deleted after 30 days. Not retained beyond this period.

Email newsletter subscription: Retained until you unsubscribe. Unsubscribe via the link in any email, or contact us. Note: Your newsletter subscription is managed separately from your app account. Deleting your app account does not automatically unsubscribe you from the newsletter.

Analytics data (Google Analytics 4): Automatically deleted by Google after 14 months (GA4 default). This data is anonymous and cannot be linked back to you.

Subscription records (RevenueCat): Retained while your account is active, plus up to 6 years thereafter to meet tax and legal obligations.

Database backups: Automated backups of the database are retained for up to 90 days for disaster recovery purposes and then automatically purged. These backups are encrypted and access-restricted.

What happens when you delete your account:

1. All your personal data, user content, and well-being data is permanently deleted from our live database immediately.

2. Automated database backups that may contain your data are retained for up to 90 days for disaster recovery and then purged automatically.

3. Your email newsletter subscription is separate. If you are subscribed, you need to unsubscribe separately via the unsubscribe link in any email.

4. Anonymous, aggregated analytics data that cannot be linked back to you may persist in Google Analytics until the 14-month retention period expires.

5. Subscription records in RevenueCat may be retained for up to 6 years to comply with tax obligations.
   
   

You can delete your account at any time under app Settings > Profile Settings > Delete Profile and ALL Data.

Data Security

Your data is securely stored and protected using encryption in transit (TLS/SSL) and at rest (AES-256 encryption provided by Firebase/Google Cloud). We use industry-standard security measures including access controls, secure development practices, and regular security monitoring. We run 24/7 automated security alerts.

Should a data breach occur that affects your personal data, we will notify affected users and the Swiss Federal Data Protection and Information Commissioner (FDPIC) within 72 hours, in compliance with data protection laws.

International Data Transfers

Your data is stored on Firebase servers in Switzerland (Zürich, europe-west6). When third-party services process data outside of Switzerland or the EU (such as ElevenLabs, which is US-based), we rely on Standard Contractual Clauses (SCCs) or equivalent legal safeguards to ensure your data is protected to Swiss and EU standards. No personal identifiers are sent to these AI services.

Data Protection by Design and Default

At Eiren AI, we follow the principle of privacy by design and by default, ensuring that privacy is integrated into every stage of our development and service offerings. We collect the minimum data required and ensure that your information is only used for the purposes described in this policy.

EU Representative

Name: Tobias Schär Email: tobias@eiren.ai

This representative is authorised to act on behalf of Eiren AI in relation to compliance with GDPR and related data protection obligations, including acting as a point of contact for data subjects and supervisory authorities within the EU, regarding the processing of personal data.

Data Breach and Incident Reporting

In case of a high-risk data breach that could affect your rights and freedoms, we are required to notify both you and the Federal Data Protection and Information Commissioner (FDPIC) as soon as possible. We run 24/7 automated security alerts; if a high-risk breach is detected, we will notify affected users and the Swiss FDPIC within 72 hours.

Changes to This Policy

We reserve the right to update this Privacy Policy to reflect changes in our practices or legal requirements. We will notify you of any significant changes by updating this policy on our website, and you will always have the option to review the latest version.

Contact

For any questions, requests, or concerns about this Privacy Policy or your data, please contact:

Tobias Schär Email: tobias@eiren.ai