Educational Tool: Process is built to be a resource or bridge to professional mental health care, not to replace it. Crisis resources here.

logo Process

Privacy Policy

Last updated: July 31, 2025

Introduction

At Process, your privacy and emotional safety are our highest priorities. This Privacy Policy explains how we collect, use, protect, and handle your personal information when you use our trauma-informed AI emotional support application.

We understand the sensitive nature of trauma and emotional processing. Your trust is sacred to us, and we are committed to transparency about our data practices.

Information We Collect

Personal Information

  • Account Data: Email address, first name, last name (encrypted in database)
  • Authentication: Password (hashed), multi-factor authentication codes, refresh tokens
  • Subscription Data: Stripe customer ID, subscription status, payment information

Usage and Conversation Data

  • Chat Conversations: All messages, conversation history, and emotional content (encrypted)
  • Usage Analytics: Session events, user engagement metrics
  • Technical Data: IP addresses, device information, login timestamps, geographic location

What We Do NOT Collect

  • Explicit age verification data
  • Sensitive health diagnoses or medical records
  • Third-party tracking beyond essential services

How We Use Your Information

Primary Uses

  • Service Provision: To provide emotional support and trauma-informed emotional processing
  • Account Management: To create and maintain your account, process payments
  • AI Processing: To enable Claude AI to provide personalized emotional support
  • Communication: To send important notifications and support emails

Analytics and Improvement

  • To improve our AI responses and emotional support capabilities
  • To analyze usage patterns and enhance user experience
  • To ensure system security and prevent abuse

Third-Party Services

Essential Services

  • Stripe: Payment processing and subscription management
  • Mailjet: Email delivery for notifications and support
  • Claude AI (Anthropic): AI processing for emotional support conversations
  • AWS: Backend infrastructure and data storage (US East 1 region)
  • MongoDB: Database storage
  • ElevenLabs: Voice synthesis (if voice features are enabled)

Data Sharing with Third Parties

We only share your data with third parties in these specific circumstances:

  • Service Providers: To process payments, send emails, and provide AI services
  • Legal Requirements: When required by law or to protect our rights
  • Emergency Situations: In crisis situations where professional help is needed

We do NOT share your data with:

  • Third-party analytics services
  • Advertising networks
  • Social media platforms
  • Unauthorized third parties

Data Storage and Security

Storage Location

  • Primary Storage: AWS US East 1 region (United States)
  • Database: MongoDB hosted on AWS infrastructure
  • Backup: AWS infrastructure with standard redundancy

Security Measures

  • Encryption at Rest: All sensitive data encrypted using industry-standard encryption
  • Encryption in Transit: HTTPS/TLS for all communications
  • Password Security: Bcrypt hashing with salt factor of 10
  • Authentication: JWT tokens, multi-factor authentication, rate limiting
  • Infrastructure: AWS security groups, IAM roles, audit logging

Data Retention

Message Data

  • Automatic Deletion: Messages are automatically deleted after 365 days
  • Manual Deletion: Users can delete their account and all data immediately
  • TTL Indexes: MongoDB Time To Live indexes ensure automatic cleanup

Account Data

  • Account Persistence: User accounts remain until manually deleted
  • Token Expiration: Refresh tokens expire after 7 days
  • Audit Logs: Maintained for security purposes

Your Rights and Choices

Your Rights

  • Access: View your profile and chat history
  • Deletion: Complete account deletion with removal of all data
  • Portability: Export your chat history
  • Correction: Update your profile information
  • Withdrawal: Cancel subscriptions and delete accounts

How to Exercise Your Rights

  • Access your data through your account settings
  • Delete your account through the account deletion feature
  • Contact us at team@processit.app for assistance

AI and Machine Learning

Claude AI Processing

  • Real-time Processing: Chat messages are processed by Claude AI for emotional support
  • No Training Data: Conversations are not used to train AI models
  • Secure Transmission: Messages are encrypted before sending to AI services
  • Privacy Protection: No personal identifiers are shared with AI services

Safety Protocols

  • Crisis Detection: AI recognizes crisis indicators and provides appropriate responses
  • Grounding Techniques: Built-in safety protocols for overwhelming emotions
  • Professional Resources: Direct users to crisis hotlines when needed

Crisis and Emergency Situations

Crisis Recognition

Our AI system is trained to recognize crisis indicators including:

  • Self-harm mentions or intentions
  • Dissociation or overwhelming emotions
  • Suicidal thoughts or ideation
  • Severe emotional distress

Crisis Response

  • Immediate Response: AI provides grounding techniques and safety checks
  • Escalation: Users are directed to professional crisis resources
  • Resources Provided: Crisis hotlines and professional mental health services

Available Crisis Resources

  • National Suicide Prevention Lifeline: 1-800-273-8255
  • Crisis Text Line: Text HOME to 741741
  • SAMHSA National Helpline: 1-800-662-HELP
  • Trevor Project: For LGBTQ+ youth
  • Trans Lifeline: For transgender support

Age Restrictions and Youth Protection

Age Requirements

  • Minimum Age: 16 years old
  • Parental Consent: Recommended for users under 18 years old
  • Professional Disclaimer: This service is not a substitute for professional mental health care

Youth Safety

  • Enhanced safety protocols for younger users
  • Clear disclaimers about professional mental health care
  • Parental guidance recommendations for users under 18

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by:

  • Posting the new Privacy Policy on this page
  • Sending you an email notification
  • Updating the "Last updated" date at the top of this policy

Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

  • Email: team@processit.app
  • Response Time: We aim to respond to privacy inquiries within 48 hours

Legal Basis and Compliance

This Privacy Policy complies with applicable data protection laws including:

  • General Data Protection Regulation (GDPR)
  • California Consumer Privacy Act (CCPA)
  • Children's Online Privacy Protection Act (COPPA)
  • Health Insurance Portability and Accountability Act (HIPAA) considerations

Important Disclaimers

Important Disclaimer

IMPORTANT: Process is not a substitute for professional mental health care. If you are experiencing a mental health crisis, please contact emergency services or a mental health professional immediately.