Privacy Policy

Effective Date: January 7, 2025

1. Introduction

Murva ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you use the Murva mobile application.

2. Age Requirements

• Users must be at least 13 years old to use Murva
• Users aged 13-17 require verifiable parental or guardian consent
• We comply with the Children's Online Privacy Protection Act (COPPA)
• We comply with the General Data Protection Regulation (GDPR)

3. Information We Collect

3.1 Personal Information You Provide:

• Email address: For account creation and authentication
• Date of birth: For age verification purposes
• User-generated content: Journal entries, mood ratings, and chat messages with our AI assistant

3.2 Automatically Collected Information:

• Device information: Device type, operating system version
• Usage data: Features used, time spent in app, interaction patterns
• Performance data: App crashes, errors, and diagnostic information

4. How We Use Your Information

We use your information to:

• Provide AI-powered mental health support through Claude API (Anthropic)
• Securely store your data in Firebase (Google Cloud Platform)
• Track mood patterns and wellness progress over time
• Send optional notifications for reminders, encouragement, and progress updates
• Improve app functionality, user experience, and feature development
• Ensure compliance with age restrictions and parental consent requirements
• Provide customer support and respond to your inquiries

5. Third-Party Services

5.1 Firebase (Google Cloud):

• User authentication services
• Cloud database storage (Firestore)
• Usage analytics and crash reporting
• Firebase Privacy Policy

5.2 Claude API (Anthropic):

• AI-powered conversational support and mental health guidance
• Your messages are transmitted to Anthropic's servers for AI processing
• Anthropic processes data in accordance with their privacy commitments
• Anthropic Privacy Policy

5.3 Railway (Backend Hosting):

• Secure backend server infrastructure
• Acts as intermediary between app and third-party AI services
• Does not permanently store user conversation data

6. Data Storage & Security

• Encryption in transit: All data transmitted using HTTPS/TLS encryption
• Encryption at rest: Data stored in Firebase is encrypted
• Server locations: United States and European Union
• Access controls: Strict internal access limitations to user data
• No data selling: We do NOT sell your data to third parties
• No advertising: We do NOT use your data for targeted advertising

7. Your Rights Under GDPR & CCPA

You have the following rights regarding your personal data:

• Right to Access: Export all your data using the "Export My Data" feature
• Right to Delete: Permanently delete your account and data via "Delete Account" in settings
• Right to Rectify: Edit and correct your information directly in the app
• Right to Data Portability: Download your data in JSON format
• Right to Withdraw Consent: Delete your account at any time
• Right to Object: Contact us to object to specific data processing

8. Data Retention

• Active accounts: Data retained for as long as your account is active
• Deleted accounts: All data permanently deleted within 30 days of account deletion
• Backup systems: Data removed from backup systems within 90 days
• Legal obligations: Some data may be retained longer if required by law

9. Children's Privacy (COPPA Compliance)

We take children's privacy seriously:

• We do not knowingly collect information from children under 13 without parental consent
• Age verification is required before account creation
• Users aged 13-17 must confirm parental consent before using the app
• If we discover unauthorized collection from a child under 13, we delete the data immediately
• Parents can contact us to review, modify, or delete their child's information

10. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence, including the United States. We ensure appropriate safeguards are in place to protect your data in accordance with this Privacy Policy and applicable data protection laws.

11. Cookies and Tracking

Murva uses minimal tracking technologies:

• Essential cookies for authentication and app functionality
• Analytics to understand app usage and improve features
• No third-party advertising or tracking cookies

12. Your California Privacy Rights (CCPA)

California residents have additional rights:

• Right to know what personal information is collected
• Right to know if personal information is sold or disclosed
• Right to opt-out of the sale of personal information (we don't sell data)
• Right to deletion of personal information
• Right to non-discrimination for exercising CCPA rights

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we make material changes, we will notify you by:

• Email notification to your registered email address
• In-app notification upon next app launch
• Updating the "Effective Date" at the top of this policy

Your continued use of Murva after changes constitutes acceptance of the updated policy.

14. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us:

• Email: info@murva.ai
• Support: chisomo@murva.ai
• Website: https://murva.ai