Newsletter

Privacy Policy

1. Overview

Heard is a wellness and recovery app designed to support survivors through journaling, reflection, and guided healing tools. Your privacy and safety are at the heart of everything we do.
This Privacy Policy explains how we collect, use, store, and protect your personal information when you use the Heard mobile app, website, and related services (collectively, the “Service”).

By downloading or using Heard, you agree to this Privacy Policy. If you do not agree, please discontinue use of the Service.

 

2. Who We Are

Heard is operated by Heard Collective Pty Ltd, an Australian-based company supporting users worldwide through trauma-informed technology.
We comply with international privacy standards, including:

  • GDPR (European Union & UK)
  • CCPA/CPRA (California, USA)
  • Australian Privacy Act 1988 (Cth)
  • PIPEDA (Canada)
  • Other equivalent global data protection laws

 

3. Information We Collect

We only collect what’s necessary to provide a safe, secure, and meaningful experience.
The types of information we may collect include:

  1. Information You Provide
  • Account details: name, email, password, or sign-in credentials via Apple/Google.
  • Journal entries, reflections, or notes you write within the app.
  • Optional media uploads (e.g., images, audio recordings) where supported.
  • Subscription information if you upgrade to Heard Echo (premium).
  • Support communications you send to us.

Automatically Collected Data

  • Device data: device type, operating system, app version, and language settings.
  • Usage analytics: frequency of use, session duration, feature interactions (aggregated and anonymized).
  • Crash or performance logs (for bug fixing and improvement).

We do not collect or track your location, contacts, camera roll, or microphone without your explicit consent.

 

4. How We Use Your Information

Your data is used only to:

  • Provide app functionality (journaling, reflections, saved entries, timeline view).
  • Generate AI reflections (powered by OpenAI or equivalent secure partners).
  • Improve the app’s performance and personalize your experience.
  • Respond to support requests or technical issues.
  • Maintain compliance with legal, accounting, and security obligations.

We never sell or share your personal data for advertising or profiling.

 

5. AI Reflections and Data Handling

When you use features like Raya’s Reflection or AI-based journaling responses, your text input may be securely transmitted to an AI service provider (such as OpenAI or its approved affiliates) for processing.

  • Data is not used to train AI models or stored for future learning.
  • Your identity is never linked to your AI interactions.
  • Entries remain encrypted and private to your account.

 

6. Data Storage and Security

  • All personal data and journal content are stored securely using encrypted databases.
  • We implement industry-standard security measures, including encryption in transit (TLS/SSL) and at rest (AES-256).
  • Only authorized team members bound by confidentiality agreements can access data for troubleshooting or compliance.
  • Backups are encrypted and routinely rotated.

If a data breach occurs, you will be notified promptly in accordance with applicable law.

 

7. International Data Transfers

  • As Heard is used globally, your data may be processed in Australia, the United States, the United Kingdom, or other regions where our service providers operate.
    All transfers comply with GDPR-approved mechanisms such as Standard Contractual Clauses (SCCs) to ensure your data remains protected no matter where it is processed.

 

8. Your Rights

Depending on your location, you may have the right to:

  • Access a copy of your personal data.
  • Request correction or deletion of your information.
  • Withdraw consent or object to processing.
  • Export your data (data portability).
  • File a complaint with your local data authority.

To exercise any of these rights, contact hello@heard-app.com and include your registered email address.

 

9. Retention

We retain your journal entries and account data for as long as your account is active.
If you delete your account, all personal data and entries will be permanently deleted from our servers (subject to legal retention requirements for payment or security records).

 

10. Third-Party Services

We may use trusted third-party providers to deliver parts of the Service, such as:

  • OpenAI (AI reflections)
  • Stripe / Apple / Google (subscriptions and payments)
  • Firebase / Bubble / AWS (secure app hosting and analytics)

Each provider complies with strong security and privacy standards. Links to their policies are available upon request.

 

11. Children’s Privacy

Heard is not designed for users under 16 years old (or the minimum age in your jurisdiction).
We do not knowingly collect personal data from children. If we learn that a child’s data has been submitted, it will be deleted immediately.

 

12. Sensitive Content & Safety Notice

Heard is a wellness support tool, not a substitute for professional therapy or crisis support.
If you are in danger or feel unsafe, please contact local emergency services or a crisis hotline in your country.
In Australia: 1800 RESPECT (1800 737 732)
In the U.S.: National Domestic Violence Hotline — 1-800-799-SAFE

 

13. Changes to This Policy

We may occasionally update this Privacy Policy to reflect legal or operational changes.
If significant updates occur, you will be notified in-app or by email. Continued use of Heard constitutes acceptance of any revised policy.

 

14. Contact Us

If you have any questions or privacy concerns, please contact:
hello@heard-app.com
Heard Collective Pty Ltd
Gold Coast, Queensland, Australia