🍪

1. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to track activity on our Service. You can set your browser to refuse cookies, but some features may not work properly without them.

🔗

2. Third-Party Links

Our Service may contain links to third-party sites. We are not responsible for their content or privacy practices. Please review their policies before using their services.

👶

3. Age Requirements & Children's Privacy

MiAngel is NOT available to children under 13 years of age under any circumstances. We do not knowingly collect, use, or disclose personal information from anyone under 13. If we discover that a user under 13 has provided personal information, we will immediately delete the account and all associated data. Users aged 13-17 (minors) MUST have verifiable parental or legal guardian consent to use MiAngel. Parents/guardians may revoke consent at any time by contacting legal@miangel.ai, which will result in immediate account deletion. We reserve the right to request proof of age and parental consent at any time. By using MiAngel, minors and their parents/guardians acknowledge that health and biometric data will be collected and processed as described in this Privacy Policy.

🌍

4. International Data Transfers & Health Data Compliance

Your data may be stored and processed in the United States and other jurisdictions where our service providers operate. By using MiAngel, you consent to these transfers. We implement appropriate safeguards including Standard Contractual Clauses (SCCs) and ensure compliance with GDPR (European Union), CCPA (California), and other applicable data protection laws. Health Data Regulations: While MiAngel is not a covered entity under HIPAA, we implement HIPAA-equivalent security standards for all health and biometric data. We are designed to support HIPAA Business Associate Agreements (BAAs) for healthcare providers using our clinical dashboard. MiAngel is not a medical device and does not provide medical diagnoses or treatment. Our predictive analytics are for informational and wellness purposes only.

✉️

5. Contact Us

If you have questions about this Privacy Policy, reach us at legal@miangel.ai
📝

6. Changes to This Privacy Policy

We may update this policy from time to time. Check this page for updates. Continued use of the Service implies acceptance of the current policy.

📊

7. Information We Collect

  • personal: Personal Information: Name, email, demographic data, and other details you provide during registration or profile setup.
  • chat: Chat Data: Content of your conversations with MiAngel, including emotional states, mental health check-ins, and AI-generated insights.
  • usage: Usage Data: Device information, IP address, browser type, log data, interaction patterns, and feature usage analytics.
  • health: Health & Biometric Data: With your explicit consent, we collect health data from connected wearable devices and health platforms (including but not limited to Fitbit, Oura Ring, Apple Health, Google Fit) such as: heart rate, heart rate variability (HRV), sleep duration and quality, activity levels, steps, calories burned, stress indicators, blood oxygen levels (SpO2), body temperature, and other biometric measurements provided by your connected devices.
  • mood: Emotional Wellness Data: Mood logs, journal entries, emotional patterns, wellness goals, progress milestones, and self-reported mental health indicators.
  • predictive: Derived Insights: AI-generated predictions, risk assessments, pattern correlations, and wellness recommendations based on your aggregated data (mood + biometrics + behavior).
  • emergency: Emergency Contact Information: If you opt-in to the MiAngel Safety Net feature, we collect the name, phone number, email, and relationship of your designated emergency contact(s). This information is used exclusively for proactive crisis intervention notifications and is encrypted at rest.
🔍

8. How We Use Your Information

  • Service Delivery: To provide core features including AI chat, mood tracking, journaling, and personalized wellness insights.
  • Health Analytics: To analyze patterns between your emotional state, biometric data, and behavior to provide predictive wellness insights (e.g., panic attack forecasting, depressive episode prediction, stress pattern recognition).
  • Personalization: To tailor AI responses, wellness recommendations, and intervention timing based on your unique health profile and emotional patterns.
  • Research & Development: To train and improve AI models using anonymized, aggregated, and de-identified data. Individual identities are never included in training datasets.
  • Risk Management: To detect potential mental health crises and provide appropriate escalation to human support or emergency services when needed.
  • MiAngel Safety Net Emergency Contact Notification: If you opt-in, we use your emergency contact information to proactively notify your designated contact(s) when we detect signs of severe distress (self-harm language, declining mental health patterns over 2+ weeks, physiological anomalies, concerning absence). This is intervention BEFORE crisis escalation, not reactive response. Notification may take minutes to hours and requires your explicit, revocable consent.
  • Platform Integration: To sync data with connected wearable devices (Fitbit, Oura, Apple Health, etc.) via their authorized APIs to maintain accurate health profiles.
  • Clinical Support: With your explicit consent, to share longitudinal wellness data with your healthcare providers through our HIPAA-compliant clinical dashboard.
  • Product Improvement: To analyze feature usage, identify bugs, and enhance user experience across the platform.
🔐

9. Ownership of Data & Retention

You own your personal data. MiAngel is the custodian of your data and may process it as described in this policy. We retain your data for as long as your account is active or as needed to provide services. Health and biometric data is retained for up to 5 years to enable longitudinal trend analysis unless you request deletion. Anonymized, de-identified data may be retained indefinitely for research and AI model training. Upon account deletion, personally identifiable information is permanently removed within 30 days, though anonymized data may persist in training datasets. You can request a complete data export or deletion at any time.

🤝

10. Data Sharing and Disclosure

  • intro: We do not sell your personal or health data. Period. We may share data only in the following circumstances:
  • providers: Service Providers: We use trusted third-party services for cloud storage (Firebase), analytics, AI processing (OpenAI, Anthropic), and infrastructure. These providers are contractually bound to protect your data and may not use it for their own purposes.
  • wearables: Wearable Device Providers: When you connect a wearable device (Fitbit, Oura, Apple Health, Google Fit), we access your health data through their authorized APIs. We only request the minimum necessary permissions, and you can revoke access at any time. These providers have their own privacy policies governing data collection.
  • healthcare: Healthcare Providers: With your explicit, revocable consent, we may share longitudinal wellness data with your doctors, therapists, or mental health professionals through our secure clinical dashboard. You control exactly what is shared and with whom.
  • legal: Legal Compliance: We may disclose information if required by law, court order, subpoena, or government authority. We will notify you unless legally prohibited.
  • protection: Safety & Protection: We may share information to prevent imminent harm, protect our rights, investigate fraud, or enforce our Terms of Service. This includes the MiAngel Safety Net Emergency Contact Notification feature: if you opt-in and we detect signs of severe distress (self-harm language, declining patterns, physiological anomalies, concerning absence), we will proactively notify your designated emergency contact(s) with relevant context to enable intervention BEFORE a crisis escalates. This notification is opt-in, requires your explicit consent, and can be disabled at any time.
  • business: Business Transfers: In the event of a merger, acquisition, or sale of assets, your data may be transferred. You will be notified, and the same privacy protections will apply.
  • research: Research Partners: We may share fully anonymized, aggregated, de-identified data with academic or research institutions for mental health research. No individual identities are ever disclosed.
🛡️

11. Data Security & Guardian Middleware AI™

Your data is protected by Guardian Middleware AI™, our patented cryptographic trust layer. Every interaction is: (1) Cryptographically Authenticated: Biometric or device attestation verifies your identity before accessing sensitive data. (2) Policy-Bound: AI interactions are governed by machine-enforced behavioral policies that cannot be overridden. (3) Audit-Trail Protected: Every data access is logged in a tamper-evident audit chain for accountability. (4) Deny-by-Default: Private memory and health data remain encrypted and inaccessible without verified authentication. Additionally, we employ: AES-256 encryption for data at rest, TLS 1.3 for data in transit, regular security audits and penetration testing, role-based access controls (RBAC) for internal systems, automated threat detection and monitoring, and secure API integrations with third-party health platforms. While no system is 100% secure, Guardian Middleware AI™ provides enterprise-grade, verifiable protection designed for regulated healthcare environments.

⚙️

12. Your Choices & Data Rights

  • access: Access & Export: You can request a complete copy of all your data (personal, health, chat logs, mood history) in machine-readable format at any time through your account settings or by contacting legal@miangel.ai.
  • delete: Deletion: You can request full account deletion, which will permanently remove all personally identifiable information within 30 days. Note: Anonymized data used in AI training cannot be extracted once de-identified.
  • wearables: Disconnect Wearables: You can disconnect any linked wearable device (Fitbit, Oura, Apple Health, etc.) at any time from your account settings. Past data will be retained but no new data will be collected from that device.
  • consent: Manage Consent: You can revoke consent for clinical data sharing with healthcare providers at any time. This will immediately stop future data sharing but cannot recall information already shared.
  • optOut: Marketing & Communications: Unsubscribe from promotional emails, push notifications, or marketing communications. Service-critical notifications (security alerts, policy updates) cannot be disabled.
  • portability: Data Portability: You have the right to receive your data in a structured, commonly used format and transmit it to another service provider.
🛡️

Questions About Your Privacy?

Our team is here to help. We believe in complete transparency and your right to understand exactly how your data is protected.

Contact Legal Team