How Hey Otis handles your data.

Hey Otis collects only the data you provide directly:

• Your name and relationship profile (attachment style, love language, conflict style, body response, core need)
• Session messages and reflections you write during guided conversations
• Emotional check-in scores you record
• Partner observations and relationship patterns you add to your learnings
• Your email address (if you create an account)

We do not collect location data, contact lists, browsing history, or any data from other apps on your device.

Hey Otis uses Anthropic's Claude AI to power guided conversations and generate insights.

• Your session messages are sent to the Anthropic API to generate responses during active conversations.
• Session summaries and memory narratives are generated by the AI to provide continuity across sessions.
• Your data is not used to train AI models. Anthropic's API usage policy explicitly states that API inputs and outputs are not used for model training.
• Each conversation is processed independently. The AI does not retain information between API calls beyond what Hey Otis explicitly provides as context.
• AI responses are suggestions for self-reflection, not clinical diagnoses or professional advice.

Your data is protected through the following layers:

• Authentication tokens are stored in your device's secure keychain (iOS Keychain / Android Keystore via expo-secure-store), using hardware-backed encryption where available.
• Data transmitted to our servers uses TLS 1.2+ encryption in transit.
• Server-side data is stored in Supabase (EU region) with AES-256 encryption at rest and row-level security policies, ensuring you can only access your own data.
• Your vent sessions and private reflections are never visible to your partner, even if you are connected. This is enforced at the database layer.

Session content and profile data are also cached locally on your device so the app works offline. On iOS and Android this cache is protected by the operating system's app sandbox — other apps cannot read it. The cache is cleared when you sign out or delete your account.

We do not sell, rent, or share your personal data with third parties.

• Your data is never sold to advertisers or data brokers.
• We do not share your data with third-party analytics or marketing platforms.
• The only external service that processes your data is Anthropic's Claude API, solely for generating AI responses during your sessions, under a Data Processing Agreement.
• If you connect with a partner, only your name and profile-type results are shared with them. Your session content remains private.

If your input matches one of the crisis patterns documented in our safety framework (suicide, self-harm, abuse, child safety, psychosis, substance crisis, or eating-disorder crisis), Hey Otis will:

• Surface country-appropriate helpline resources immediately.
• Skip the AI response entirely — your message is not sent to the language model.
• Record the event category (not the message content) in an internal audit log so we can review pattern coverage.

The audit log stores the category, timestamp, and a 120-character excerpt of the input — it never stores the full conversation content.

Under applicable data protection laws (including GDPR), you have the following rights:

• Right of access: You can view all your data within the app at any time. Use “Export my data” in Settings to download a complete copy.
• Right to deletion: You can delete all your data at any time using “Delete all my data” in Settings. This permanently removes your account, sessions, messages, learnings, and profile data.
• Right to portability: The data export feature provides your data in a standard JSON format that you can take with you.
• Right to rectification: You can update your profile information at any time by retaking onboarding or editing your settings.
• Right to withdraw consent: You can stop using AI features at any time. Deleting your account removes all data from our systems.
• Right to lodge a complaint: You can complain to your local data protection authority if you believe we have not handled your data properly.

We use the following sub-processors to deliver Hey Otis. Each is bound by a Data Processing Agreement and EU-aligned data handling.

• Supabase (EU region, Frankfurt) — database, authentication, edge functions
• Anthropic — Claude AI for guided conversations, under zero-retention API terms
• Vercel — hosting for this website
• Apple App Store / Google Play — app distribution

To permanently delete all your data:

1. Open Hey Otis and go to Settings.
2. Scroll to “Privacy and safety”.
3. Tap “Delete all my data”.
4. Confirm the deletion.

This action is irreversible. All your sessions, messages, learnings, profile data, and account will be permanently removed within 30 days.

If you cannot access the app, email privacy@heyotis.app and we will action the deletion within 30 days.

Hey Otis is intended for adults aged 18 and over. The app is not designed for, marketed to, or appropriate for minors. If you believe a child has created an account, please contact us at privacy@heyotis.app and we will remove the account.

We may update this policy occasionally. Material changes will be communicated in-app and via email. The “effective date” at the top reflects the latest revision.

For questions about your privacy or to exercise your data rights:

Email: privacy@heyotis.app

We aim to respond to all privacy-related enquiries within 30 days.

Data controller: Hey Otis (10 8 City B.V.), Amsterdam, Netherlands. EU representative details are available on request.