Privacy Policy for Therapeak

Effective: January 2026

This Privacy Policy applies to all personal data we collect through our website, mobile apps, email, telephone, AI consultations and any other interaction with Therapeak. We are Therapeak. We are committed to protecting and respecting your privacy. This policy explains how we collect, use, store, and share your personal data, and your rights regarding this information. By visiting our website, using our services, or providing us with your personal information, you agree to the processing described in this policy. We may update this Privacy Policy from time to time to reflect changes in our practices or for legal, regulatory, or operational reasons. When we make material changes, we will notify you via email or through a prominent notice on our website.

Privacy at a Glance

  • We only collect information needed to provide AI assistance, such as coaching and related services.
  • We never sell your data.
  • Wellness data is processed only with your explicit consent.
  • You can access, correct, or delete your data at any time.
  • We keep your data secure with encryption, access controls, and regular security reviews.
  • You can withdraw consent at any time without affecting your right to use our standard services.

What Personal Data We Collect

We may collect the following categories of personal data when you create an account, contact us, or use our services:

  • Identity Data: name, date of birth, gender
  • Contact Data: address, email, phone number
  • Financial Data: payment information (processed securely by our payment providers)
  • Transaction Data: details of orders and payments
  • Technical Data: IP address, browser type, device identifiers
  • Profile Data: preferences, survey responses
  • Usage Data: how you use our website and apps
  • Marketing Data: your communication and marketing preferences
  • Special Categories (Wellness data): only with your explicit consent, e.g. lifestyle information, dietary habits, mindset. Providing wellness data is voluntary.

Why We Use Your Data (Legal Basis)

We process your personal data only when a legal basis applies:

  • To perform our contract with you (subscription, customer support)
  • To comply with legal obligations (e.g. tax and accounting rules)
  • With your explicit consent (particularly for wellness data)
  • For our legitimate interests (e.g. service improvement, fraud prevention), provided your rights override these interests
  • To protect your vital interests in emergencies
  • For scientific and statistical research, where legally permitted and subject to safeguards

Special Categories: Wellness Data

  • Processed only with your explicit consent (Article 9 GDPR).
  • Used exclusively to generate appropriate coaching responses.
  • Stored separately from other personal data with enhanced security.

AI and Machine Learning

We may use your data in anonymised or pseudonymised form to train and improve our algorithms and recommendation systems.

  • We will never use identifiable health or genetic data for AI training without your explicit consent.
  • Where possible, we aggregate and de-identify data before use.

Data Sharing

We share your personal data only with trusted third-party providers needed to deliver our services, such as:

  • Secure payment processors
  • Secured server environments

These providers act only on our instructions and are contractually bound to protect your data.

We do not share your data with third parties for their own marketing.

International Data Transfers

If we transfer your personal data outside the European Economic Area (EEA), we ensure appropriate safeguards are in place, such as:

  • Adequacy decisions by the European Commission
  • Standard Contractual Clauses (SCCs)
  • Binding Corporate Rules (BCRs)
  • Your explicit consent, after being informed of the potential risks

Details of relevant countries and service providers are available upon request.

Data Retention

We keep your personal data only as long as necessary for the purposes for which it was collected. For example:

  • Wellness data is deleted or anonymised 6 months after the last use of our services, unless we are required by law to retain it longer.
  • Transaction and accounting data is kept as required by financial legislation.

Your Rights

Under GDPR, you have the right to:

  • Access your personal data
  • Correct inaccurate data
  • Request deletion ("right to be forgotten")
  • Restrict or object to processing
  • Request data portability
  • Withdraw consent at any time
  • Complain to your local data protection authority

You can exercise these rights by contacting us at info@therapeak.com.

Automated Decision-Making

There is no automated decision-making in any of our processes. Coaching responses are generated from the information you provide. No independent decisions are made by our AI coaches.

Children's Privacy

Our services are not directed to individuals under 18. We do not knowingly collect personal data from children. If we become aware that we have collected such data, we will delete it immediately.

Cookies

We use cookies to improve your experience, analyse usage, and remember your preferences. You can disable cookies in your browser settings, though some features may not function properly.

Marketing

We will send you marketing communications only if you have agreed to receive them.

  • You can opt out at any time via the unsubscribe link in our emails or by contacting us.
  • We will never use health or genetic data for marketing profiling without your explicit consent.

Security

We use appropriate technical and organisational measures to protect your personal data, including encryption, restricted access, and regular security reviews. We do not store full credit card details.

Updates

We may update this Privacy Policy to reflect changes in our practices or for legal reasons. If we make material changes, we will notify you by email or through a notice on our website.