Privacy Policy
Last updated February 28, 2026
This Privacy Policy for relif, LLC ("Company," "we," "us," or "our"), a Delaware limited liability company, describes how and why we may access, collect, store, use, and/or share ("process") your personal information when you use our services ("Services"), including when you:
- Download and use our mobile application (relif) or any other application linked to this Privacy Policy
- Visit our website at https://myrelif.com
- Access our community features, forums, or subscription services
- Engage with us in other ways (e.g., sales, marketing, or events)
Questions or concerns? Reading this Privacy Policy will help you understand your privacy rights and choices. We are responsible for making decisions about how your personal information is processed. If you do not agree with our policies and practices, please do not use our Services. For any inquiries, see How Can You Contact Us About This Notice?.
Table of Contents
- What Information Do We Collect?
- How Do We Process Your Information?
- What Legal Bases Do We Rely on to Process Your Information?
- When and With Whom Do We Share Your Personal Information?
- Do We Use Cookies and Other Tracking Technologies?
- Do We Offer Artificial Intelligence-Based Products?
- How Do We Handle Your Social Logins?
- How Long Do We Keep Your Information?
- How Do We Keep Your Information Safe?
- What Are Your Privacy Rights?
- Controls for Do-Not-Track Features
- Do United States Residents Have Specific Privacy Rights?
- Children's Privacy (COPPA Compliance)
- Do Israeli Residents Have Specific Privacy Rights?
- Do Other Regions Have Specific Privacy Rights?
- Community and Subscription Services
- Do We Make Updates to This Notice?
- How Can You Contact Us About This Notice?
- How Can You Review, Update, or Delete the Data We Collect From You?
What Information Do We Collect?
Personal Information You Disclose to Us
In Short: We collect personal information that you voluntarily provide.
We collect information when you register on our Services, express interest in our products, participate in our activities, use our community features, or otherwise contact us.
Examples include:
- Names
- Phone numbers
- Email addresses
- Mailing addresses
- Usernames
- Passwords
- Contact or authentication data
- Billing addresses and payment information
- Profile pictures
- Community posts and contributions
Sensitive Information
We process certain categories of sensitive information in connection with our mental health and wellness services:
- Health-related information: Mood tracking data, anxiety levels, breathing exercise usage, and wellness progress you voluntarily share
This sensitive information is processed with your explicit consent and is essential for providing our core wellness services. We apply enhanced security measures to protect this data.
Social Media Login Data
You may register using social media accounts (e.g., Google, Apple, Facebook). In such cases, we collect basic profile information as detailed in How Do We Handle Your Social Logins?.
Application Data
If you use our application(s), we may also collect:
- Mobile Device Access: Permission to access device features (e.g., camera, storage, notifications).
- Mobile Device Data: Automatically collected device details (e.g., device ID, model, OS, IP address, etc.).
- Push Notifications: We may send notifications regarding your account, wellness reminders, or features. You can disable these in your device's settings.
All information provided must be accurate and updated as needed.
Information Automatically Collected
In Short: Some data—such as your IP address and device characteristics—is collected automatically.
This includes:
- Log and Usage Data: Diagnostic and performance information (e.g., IP address, browser type, timestamps, etc.).
- Device Data: Data about your device (e.g., IP, device ID, etc.).
- Usage Patterns: How you interact with our Services, including feature usage and session duration.
Google API: Our use of data from Google APIs follows the Google API Services User Data Policy.
How Do We Process Your Information?
In Short: We process your data to provide, improve, and administer our Services, communicate with you, ensure security, prevent fraud, and comply with laws. We may also process your information for other purposes with your consent.
We process your personal information to:
- Facilitate account creation, authentication, and management
- Provide personalized wellness recommendations based on your usage patterns
- Deliver AI-powered chat companion interactions
- Identify usage trends to improve our Services
- Send you wellness reminders and notifications (with your consent)
- Process subscription payments and manage billing
- Moderate community content and ensure safe interactions
- Protect vital interests (e.g., crisis detection for user safety)
- Comply with legal obligations
What Legal Bases Do We Rely on to Process Your Information?
In Short: We only process your personal information when a valid legal basis exists.
For Users in the EU or UK (GDPR):
- Consent: Processing based on your explicit permission (withdrawable at any time).
- Performance of a Contract: Processing necessary to fulfill our contractual obligations to you.
- Legitimate Interests: When necessary for our legitimate business interests that do not override your rights.
- Legal Obligations: To comply with the law.
- Vital Interests: To protect your or another's vital interests.
For Users in Israel (Privacy Protection Law, Amendment 13):
Effective August 14, 2025, we comply with Israel's enhanced privacy regulations:
- Consent: We obtain explicit, informed consent for processing personal data, clearly distinguishing primary and secondary purposes.
- Purpose Limitation: We use your data only for the specific purposes disclosed at collection.
- Data Subject Rights: You have rights to access, rectify, delete, and port your personal data.
- Data Protection: We implement appropriate technical and organizational measures as required by Amendment 13.
For Users in Canada:
Processing occurs with your express or implied consent. In exceptional cases, processing may occur without consent if permitted by law.
When and With Whom Do We Share Your Personal Information?
In Short: We may share your data in specific situations.
Examples include:
- Service Providers: Third-party vendors who help us provide our Services (e.g., payment processors, cloud storage, analytics).
- Business Transfers: During mergers, asset sales, financing, or acquisitions.
- Legal Requirements: When required by law or to protect our rights.
- With Your Consent: In other situations where you have given us explicit permission.
We do not sell your personal information.
Third-Party Service Providers
We use the following third-party processors to operate our Services:
| Provider | Purpose | Data Shared | Location |
|---|---|---|---|
| OpenAI | AI companion (Liam) responses | Conversation messages and account context needed to respond | United States |
| Firebase (Google) | Authentication, database, analytics, crash reporting, cloud functions | Account data, usage data, crash logs | United States |
| RevenueCat | Subscription management | Purchase receipts, subscription status | United States |
| Mixpanel | Product analytics | Usage events, device info | United States |
| UXCam | Session recording (schematic only) | Screen interactions (sensitive screens occluded) | United States |
| AppsFlyer | Attribution and campaign measurement (when enabled) | Device identifiers, install source, attribution events | Germany (EU) |
| Meta (Facebook App Events) | Campaign measurement (when enabled) | App events, purchase events, device identifiers | United States |
| Brevo (Sendinblue) | Transactional email | Email address, name | France (EU) |
| Sentry | Error monitoring | Error logs, device info | United States |
| Stripe | Payment processing (website) | Payment details (processed by Stripe, not stored by us) | United States |
Each provider processes data only as necessary to perform their specific function and is bound by data processing agreements. AppsFlyer and Meta campaign-measurement features are only used when you enable Marketing Measurement in the app. On iPhone, app tracking remains subject to Apple's App Tracking Transparency permission.
Do We Use Cookies and Other Tracking Technologies?
In Short: Yes, for security, performance, and analytics.
We use cookies, web beacons, and similar technologies to:
- Ensure website functionality and security
- Save your preferences
- Support analytics and understand usage patterns
- Remember your login status
For details, see our Cookie Policy.
Google Analytics: We may share your data with Google Analytics. To opt out, visit https://tools.google.com/dlpage/gaoptout.
Do We Offer Artificial Intelligence-Based Products?
In Short: Yes, we offer AI-powered products, features, and tools.
Use of AI Technologies
We provide AI products through third-party providers (e.g., OpenAI). Your inputs, outputs, and personal data may be shared with these providers for the purpose of delivering our AI companion chat feature.
Our AI Products
- AI Chat Companion: An empathetic AI assistant designed to help you process thoughts and feelings
- Intelligent Recommendations: Personalized wellness technique suggestions based on your patterns
Entity Memory & Personalization
To provide a more personalized experience, Liam extracts conversation themes from your interactions, including:
- Anxiety triggers and patterns you mention
- Techniques and coping strategies that resonate with you
- Communication preferences and emotional style
This "entity memory" data is stored in your account and used solely to personalize Liam's responses. You can view and delete this data at any time in Settings > Privacy > "View What Liam Remembers."
Crisis Detection
Our AI companion includes automated crisis detection across all 8 supported languages (English, Hebrew, Arabic, German, Spanish, French, Portuguese, Russian). When crisis indicators are detected in conversation:
- Crisis hotline resources are automatically displayed
- The detection event is logged (timestamp, language, action taken — not the message content)
- No human staff are alerted, and no external parties are contacted
Crisis detection events are logged for aggregate compliance reporting (required by California SB 243) and system improvement. Individual message content that triggered detection is never stored in the audit log.
For full details, see our Crisis Protocol.
How We Process Your Data Using AI
- All data processed through our AI products is handled according to this Privacy Policy and our agreements with third-party AI providers.
- We do not use your personal conversations to train AI models without your explicit consent.
- AI interactions are stored to provide continuity in your wellness journey but can be deleted upon request.
AI Disclosure (Israel Amendment 13 Compliance)
In accordance with Israeli privacy regulations, we disclose that:
- Automated decision-making is used to provide personalized wellness recommendations
- You have the right to request human review of automated decisions that significantly affect you
- You can turn off Personalized Experience in Settings > Privacy while continuing to use Liam's core chat functionality
How Do We Handle Your Social Logins?
In Short: If you use a social media account to register or log in, we may access certain profile information.
When you log in using social media credentials, we receive:
- Your name
- Email address
- Profile picture (if available)
Your social media data is used solely for the purposes described in this Privacy Policy. We do not post to your social media accounts without your explicit permission.
How Long Do We Keep Your Information?
In Short: We retain your data only as long as necessary for the purposes described or as required by law.
Specific retention periods:
- Account data: For the duration of your account plus 30 days after deletion request
- Chat messages: Indefinitely while account is active (AES-256 encrypted), deleted upon account deletion
- Mood tracking entries: Indefinitely while account is active, deleted upon account deletion
- Entity memory (Liam memory): Indefinitely until manually deleted via Settings or account deletion
- Thought Garden (community): Shared thoughts visible in community stream for 7 days; personal copy retained indefinitely
- Wellness/therapeutic data: As long as your account is active, unless you request earlier deletion
- Payment records: 7 years for tax and legal compliance
- Analytics data: Up to 26 months; some de-identified or aggregate analytics may be retained longer
- Crisis detection audit logs: 3 years for regulatory compliance reporting
When no longer needed, your information will be securely deleted or anonymized.
How Do We Keep Your Information Safe?
In Short: We use technical and organizational measures to protect your data.
We implement:
- AES-256 encryption for data at rest
- TLS 1.3 encryption for data in transit
- Secure cloud infrastructure with regular security audits
- Access controls limiting who can view your data
- Regular security training for our team
Session Recording (UXCam)
To improve our app's usability, we use UXCam for schematic session recordings. These recordings capture screen interactions in a wireframe-like format — not actual screenshots or video of your screen.
Occluded (never recorded) screens:
- Chat conversations with Liam
- Journaling screens (gratitude, victories, free-flow)
- Mood tracking input
- Thought release input
- Thought reframe sessions
- Account settings with personal information
- Payment and subscription screens
- Password and authentication screens
- Crisis support screens
Session recording is disabled by default and requires your explicit consent. You can control this in Settings > Privacy > "Session Recording."
No method is 100% secure; therefore, we cannot guarantee complete security. We encourage you to use strong passwords and enable biometric authentication where available.
What Are Your Privacy Rights?
In Short: Depending on your location, you may have rights such as accessing, correcting, or deleting your personal information.
General Rights
You may request:
- Access to your personal data
- Correction or deletion of your data
- Restriction or objection to processing
- Data portability (receive your data in a structured format)
How to Exercise Your Rights
- In-App: Use Settings > Privacy > Data Management
- Email: Contact support@myrelif.com
- Mail: Write to our address listed below
Additionally:
- Withdrawing Consent: You may withdraw consent at any time through app settings or by contacting us.
- Opting Out of Marketing: You can unsubscribe from promotional communications via the link in any email.
- Account Deletion: You may request account deletion via Settings > Account > Delete Account or by contacting support.
Controls for Do-Not-Track Features
Many browsers and mobile OSs include a Do-Not-Track (DNT) setting. We honor Global Privacy Control (GPC) signals as required by applicable law. For DNT signals, no uniform standard exists; thus, we do not currently respond to DNT browser signals.
Do United States Residents Have Specific Privacy Rights?
In Short: Certain U.S. states grant additional rights regarding personal data.
Delaware Personal Data Privacy Act (DPDPA) - Effective January 1, 2025
If you are a Delaware resident, you have the following rights:
- Right to Know: What personal data we collect and process
- Right to Access: Obtain a copy of your personal data
- Right to Correct: Request correction of inaccurate data
- Right to Delete: Request deletion of your personal data
- Right to Opt-Out: Of sale of personal data, targeted advertising, and profiling
We do not sell your personal data.
To exercise these rights, contact us at support@myrelif.com or use the in-app privacy controls.
California Consumer Privacy Act (CCPA/CPRA)
California residents have additional rights including:
- Right to Know: What categories and specific pieces of personal information we collect, use, disclose, and sell
- Right to Delete: Request deletion of personal information we have collected
- Right to Correct: Request correction of inaccurate personal information
- Right to Opt-Out: Of sale or sharing of personal information. Use the "Do Not Sell or Share My Personal Information" toggle in Settings > Privacy > Privacy Choices
- Right to Limit: Use of sensitive personal information to purposes necessary to provide our Services
- Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights
We do not sell your personal information. We do not use or disclose sensitive personal information for purposes other than providing and improving our Services.
To exercise these rights: use the in-app privacy controls at Settings > Privacy, email support@myrelif.com, or write to our address listed below. We will verify your identity before processing your request and respond within 45 days.
California "Shine The Light" Law: California residents may request details regarding data disclosed to third parties for marketing purposes.
California SB 243 (Mental Health Digital Services): As a digital mental health service operating in California, we comply with SB 243 requirements including: prominent AI disclosure, crisis detection and resource provision, session time awareness features for minors, and annual compliance reporting.
Washington My Health My Data Act (MHMDA)
Washington state residents have specific rights regarding consumer health data:
- We use wellness data to provide relif, personalize the experience when you enable Personalized Experience, and generate coarse first-party derived analytics for product improvement
- Marketing Measurement and Session Recording are controlled separately in Settings > Privacy
- You can turn off Personalized Experience at any time in Settings > Privacy
- You can review and delete Liam memory in Settings > Privacy > "View What Liam Remembers"
- You can request deletion of consumer health data by contacting us or deleting your account. Some de-identified or aggregate analytics may remain after deletion
Nevada SB 370 (Mental Health Data)
Nevada residents have the right to opt out of the sale of their mental health data. We do not sell mental health data. For questions about your rights under Nevada law, contact support@myrelif.com.
Other U.S. State Laws
We comply with applicable privacy laws in Virginia, Colorado, Connecticut, Utah, and other states with comprehensive privacy legislation.
Children's Privacy (COPPA Compliance)
relif is designed for users aged 13 and older. We do not knowingly collect personal information from children under 13.
- Age Verification: We verify user age during onboarding. Users who indicate they are under 13 are blocked from creating an account.
- Minor Protections (13-17): Users identified as minors receive additional protections including session time awareness reminders and enhanced AI disclaimers.
- Parental Rights: Parents or guardians of users aged 13-17 may contact us at support@myrelif.com to:
- Request access to their child's personal data
- Request deletion of their child's account and data
- Withdraw consent for data processing
- Data Minimization: We collect only the minimum data necessary from minor users and apply enhanced security measures.
If we discover that we have collected personal information from a child under 13, we will delete that information promptly. If you believe a child under 13 has provided us with personal information, please contact us at support@myrelif.com.
Do Israeli Residents Have Specific Privacy Rights?
In Short: Israeli residents have enhanced privacy rights under the Privacy Protection Law, as amended by Amendment 13 (effective August 14, 2025).
Your Rights Under Israeli Law
- Right to Access: You may request access to your personal data and information about how it is processed.
- Right to Rectification: You may request correction of inaccurate or incomplete data.
- Right to Deletion: You may request deletion of your personal data, subject to legal retention requirements.
- Right to Data Portability: You may request your data in a structured, commonly used format.
- Right to Object: You may object to certain processing activities.
- Right to Withdraw Consent: You may withdraw consent at any time without affecting prior lawful processing.
Cross-Border Data Transfers
When we transfer your data outside of Israel, we ensure appropriate safeguards are in place, including:
- Adequacy decisions by the Privacy Protection Authority
- Standard contractual clauses
- Your explicit consent for specific transfers
Data Protection Officer
For questions about our data practices or to exercise your rights under Israeli law, contact our designated data protection contact at:
- Email: support@myrelif.com
Filing Complaints
You have the right to file a complaint with the Israeli Privacy Protection Authority (PPA) if you believe your privacy rights have been violated.
Do Other Regions Have Specific Privacy Rights?
In Short: Depending on your country, you may have additional rights.
European Economic Area (EEA) and United Kingdom
If you are in the EEA or UK, you have rights under the GDPR, including lodging complaints with your local data protection authority.
Australia and New Zealand
Privacy laws grant you rights to access and correct your data. Complaints can be submitted to the Office of the Australian Information Commissioner (OAIC) or the New Zealand Privacy Commissioner.
Community and Subscription Services
Community Features
Our Services may include community features such as forums, support groups, and shared experiences. When you participate:
- Public Contributions: Content you post to public areas may be visible to other users.
- Moderation: We may review and moderate community content for safety and compliance.
- User Interactions: Information you share with other community members is at your discretion.
Subscription Services
When you subscribe to our premium services:
- Payment Processing: We use secure third-party payment processors (App Store, Google Play, Stripe). We do not store full payment card details.
- Subscription Data: We maintain records of your subscription status, billing history, and feature access.
- Auto-Renewal: Subscriptions auto-renew unless cancelled. You can manage subscriptions through your app store account.
Do We Make Updates to This Notice?
In Short: Yes, we may update this notice periodically.
The "Last updated" date at the top reflects the most recent update. We will notify you of material changes through the app or via email. Please review this policy regularly.
How Can You Contact Us About This Notice?
relif, LLC
-
Email: support@myrelif.com
-
General Support: support@myrelif.com
-
Registered Address: relif, LLC 131 Continental Dr, Suite 305 Newark, DE 19713 United States
-
Mailing Address: relif, LLC 11655 Strand Way Hollywood, FL 33026 United States
How Can You Review, Update, or Delete the Data We Collect From You?
Depending on your jurisdiction, you may have the right to access, update, or delete your data.
To exercise these rights:
- In-App: Go to Settings > Privacy > Data Management
- Email: Send a request to support@myrelif.com
- Data Subject Access Request: Submit a formal request to the address above
We will respond to your request within 30 days (or sooner as required by applicable law).