Privacy Policy
This policy applies to all Viverio Ltd products. Almost all health data stays entirely on your device. The only exception is optional AI features — and even then, only the text you type for that feature is ever sent.
1. About This Policy
This Privacy Policy applies to all applications, websites, and services operated by Viverio Ltd (“we”, “us”, “our”). Viverio Ltd is registered in England and Wales (Companies House no. 17224919) and is registered with the Information Commissioner’s Office (ICO) as a data controller. ICO registration number: ZC149799. Contact: privacy@viverio.net
2. Scope
This policy covers all Viverio Ltd mobile applications (current and future), the Viverio Ltd website (viverio.net), and any other digital services operated by Viverio Ltd.
3. Our Privacy Architecture
Viverio Ltd products are built privacy-first. Health data is stored on your device only and is never transmitted to Viverio Ltd servers. The only data ever sent externally is: text you choose to submit to optional AI features; transaction identifiers for subscription management; and your email address if you join our mailing list.
4. What Data We Collect
4.1 Data stored on your device only
The following are stored exclusively on your device and never transmitted:
- Health and wellbeing data (mood logs, journal entries, screening scores, sleep data, substance tracking, safety plan content)
- Therapy module progress and content
- Medication lists, reminders, and adherence logs
- Goals, appointments, and habits
- Emergency contact details
- All in-app settings and preferences
4.2 AI feature data (optional, consent-gated)
When you use optional AI reflection features and have given explicit consent, only the text you type for that specific feature is forwarded to our secure server proxy and then to Anthropic’s Claude model. This text is not stored by our proxy or retained by Anthropic after generating a response. No other app data is ever sent to Anthropic.
4.3 Subscription data
If you purchase a paid subscription, Apple or Google processes your payment. A purchase transaction identifier (not health data, not your name or card details) is shared with RevenueCat, Inc. solely to verify your subscription status.
4.4 Website and waitlist data
If you visit viverio.net or sign up to a Viverio Ltd waitlist or mailing list, your email address is stored in MailerLite UAB. This is entirely separate from your in-app health data. You may unsubscribe at any time.
5. Legal Basis for Processing
| Data type | Legal basis | UK GDPR article |
|---|---|---|
| Health data (on-device) | Explicit consent | Art. 9(2)(a) |
| AI feature text | Explicit consent | Art. 6(1)(a) + 9(2)(a) |
| Subscription transaction ID | Contract performance | Art. 6(1)(b) |
| Waitlist / mailing list email | Consent | Art. 6(1)(a) |
6. How We Use Your Data
- To provide and improve the features and content of our products
- To generate AI-assisted reflections (with your explicit consent)
- To verify your subscription status (if applicable)
- To send you product updates and information (if you have subscribed — you may unsubscribe at any time)
- We do not use your data for advertising, profiling, or any commercial purpose
7. Data Retention
On-device data: retained until you delete it within the application or uninstall it. Viverio Ltd has no access to this data and cannot delete it remotely.
AI feature text: not retained — discarded after generating a response.
Subscription transaction data: retained by RevenueCat in accordance with their privacy policy.
Waitlist and mailing list data: retained until you unsubscribe or request deletion at privacy@viverio.net.
8. International Data Transfers
AI feature text and subscription data are transferred to the United States (Anthropic, Inc. and RevenueCat, Inc.). Waitlist email data is processed by MailerLite UAB in Lithuania (EU). All US transfers are made under Standard Contractual Clauses (SCCs) approved by the ICO.
9. Your Rights Under UK GDPR
- Right to access: all health data is visible directly within each application
- Right to erasure: use Reset App Data within the application; for email data, contact privacy@viverio.net
- Right to portability: use the health export feature within each application
- Right to withdraw AI consent: revocable at any time in Privacy Settings
- Right to rectification: edit any entry directly within the application
- Right to object: contact privacy@viverio.net
We will respond to any rights request within one calendar month.
10. Third-Party Data Processors
| Processor | Purpose and data shared | Safeguard |
|---|---|---|
| Anthropic, Inc. (USA) | AI text inference — only text you type for AI features. Optional; consent-gated. Not retained after response. | SCCs |
| RevenueCat, Inc. (USA) | Subscription management — purchase transaction ID only. Only if you purchase a paid subscription. | SCCs |
| MailerLite UAB (Lithuania, EU) | Waitlist and email communications — email address only. Only if you subscribe. | DPA in place |
| Railway.app | Server proxy hosting — AI feature text in transit only; not stored. | Transient only |
| Apple Inc. | App distribution (App Store); subscription billing where applicable. | Apple Privacy Policy |
| Google LLC | App distribution (Google Play, where applicable); subscription billing where applicable. | Google Privacy Policy |
11. Security
Your data is protected by your device passcode and biometrics. Viverio Ltd never transmits your personal health data to its own servers. AI feature text and subscription data are transmitted over HTTPS (TLS 1.2+). No third-party analytics, advertising SDKs, or tracking pixels are used in any Viverio Ltd application.
12. Children
All Viverio Ltd products are designed for adults aged 18 and over. We do not knowingly collect or process data from anyone under 18. If you believe a child has used a Viverio Ltd product, contact privacy@viverio.net.
13. Changes to This Policy
Material changes will be communicated within affected applications at least 14 days before they take effect.
14. Contact and Complaints
Privacy queries: privacy@viverio.net
General support: support@viverio.net
Security: report@viverio.net
ICO (data protection regulator): ico.org.uk/make-a-complaint · 0303 123 1113
This Privacy Policy was last updated in May 2026.