Privacy Policy

How we protect and handle your data

Privacy Policy

Last Updated: February 7, 2026

MoodHero ("we," "us," or "our") is operated by Moodhero OU. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use the MoodHero mobile application (the "App"). Please read this policy carefully. By using MoodHero, you consent to the practices described herein.

1. Information We Collect

We collect the following categories of personal data when you use MoodHero:

1.1 Account Information

  • Full name
  • Email address
  • Password (stored in hashed form; we never store plain-text passwords)
  • Country of residence
  • Profile picture

1.2 Partner Information

  • Partner's name
  • Relationship goals
  • Menstrual cycle data, including period start and end dates, cycle length, cycle phases, regularity patterns, and fertility/ovulation predictions

1.3 Mood Tracking Data

  • Mood logs across nine mood types: happy, good, calm, meh, sad, stressed, crying, angry, and lovely
  • Mood predictions with confidence scores
  • Personal notes associated with mood entries
  • Cycle phase data linked to mood entries

1.4 AI Chat Data

  • Conversation history and messages exchanged with the AI assistant
  • Partner context provided to personalize AI responses

1.5 Learning and Gamification Data

  • Topic and article completion status
  • Points earned and badges achieved
  • Login streak history and badge progress

1.6 Payment Information

  • Subscription status and plan type
  • Payment card details are processed exclusively by our payment provider, Stripe, and are never stored on our servers

1.7 Referral and Attribution Data

  • Affiliate codes
  • Campaign and channel attribution data

1.8 Device and Technical Data

  • Push notification tokens
  • Device platform (iOS or Android)
  • Device brand and model

2. Sensitive Health Data

Important: MoodHero collects and processes data that is classified as sensitive health information under applicable data protection laws, including the EU General Data Protection Regulation (GDPR).

The following categories of data are considered sensitive health data:

  • Menstrual cycle data: Period dates, cycle length, phase tracking (menstruation, follicular, ovulation, luteal), and fertility/ovulation predictions
  • Mood and emotional state tracking: Records of emotional states, patterns, and mood predictions

We process this sensitive health data only with your explicit consent, which you provide when you voluntarily enter this information into the App. You may withdraw your consent at any time by deleting your data or your account through the in-app settings.

This data is used solely to provide the core functionality of MoodHero, including mood tracking, cycle phase awareness, mood forecasting, and personalized relationship insights. We do not sell sensitive health data to third parties, nor do we use it for advertising purposes.

3. How We Use Your Information

We use the information we collect for the following purposes:

Purpose Data Used Legal Basis (GDPR)
Provide and maintain the App Account, partner, mood, chat data Contract performance
Mood tracking and predictions Mood logs, cycle data Explicit consent
Cycle phase awareness Menstrual cycle data Explicit consent
AI-powered chat and suggestions Chat history, partner context Contract performance
Push notifications Push tokens, mood/cycle predictions Consent
Gamification and engagement Learning progress, streaks, badges Contract performance
Payment processing Subscription status, plan type Contract performance
Error monitoring and stability Device data, crash reports Legitimate interest
Referral and attribution Affiliate codes, campaign data Legitimate interest

4. Third-Party Services

We use the following third-party services that may receive or process your data:

4.1 Sentry (sentry.io)

We use Sentry for error monitoring, crash reporting, performance tracing, and session replay to ensure App stability and diagnose issues. Sentry may receive device information, session data, and, in some cases, personally identifiable information (PII) to assist in debugging. For more information, see Sentry's Privacy Policy.

4.2 Novu

Novu is used for push notification delivery. Novu receives push notification tokens and notification content to deliver messages to your device.

4.3 Stripe

Stripe processes all payment transactions. Stripe is PCI DSS compliant and handles payment card details directly. We do not store or have access to your full card details. For more information, see Stripe's Privacy Policy.

4.4 Branch.io

Branch.io provides deep linking functionality, attribution tracking, and affiliate link management. Branch may collect device identifiers and referral data. For more information, see Branch's Privacy Policy.

4.5 Expo

Expo provides the infrastructure for over-the-air (OTA) updates and push notification delivery. Expo may receive device identifiers and push tokens. For more information, see Expo's Privacy Policy.

4.6 Google OAuth

If you choose to sign in with Google, we receive your name, email address, and profile picture from Google to create and authenticate your account. For more information, see Google's Privacy Policy.

4.7 Apple Sign In

If you choose to sign in with Apple, we receive your name and email address (or a private relay email) from Apple to create and authenticate your account. For more information, see Apple's Privacy Policy.

5. Device Permissions

MoodHero may request the following device permissions:

Permission Purpose Required
Camera Take profile pictures Optional
Photo Library Select profile pictures from your photos Optional
Calendar Add cycle-related events and reminders Optional
Reminders Set notifications for important cycle events Optional
Push Notifications Receive mood forecasts, period predictions, and personalized suggestions Optional
Microphone Configured for potential future features; not currently used Optional

All permissions are optional. You can deny or revoke any permission at any time through your device settings. Denying a permission may limit certain App features.

6. Data Storage and Security

We implement industry-standard security measures to protect your personal data:

  • Passwords are cryptographically hashed and never stored in plain text
  • Authentication tokens are stored in device-encrypted secure storage (iOS Keychain / Android Keystore)
  • All data transmissions between the App and our servers are encrypted using TLS/SSL
  • Payment processing is handled by Stripe, a PCI DSS-compliant provider
  • Non-sensitive user preferences are stored in local device storage

While we strive to protect your personal data, no method of electronic transmission or storage is completely secure. We cannot guarantee absolute security, but we are committed to maintaining robust safeguards.

7. Data Retention

We retain your personal data for as long as your account is active or as needed to provide you with our services. Specifically:

  • Account data: Retained until you delete your account
  • Mood and cycle data: Retained until you delete your account or remove individual entries
  • Chat history: Retained until you delete your account
  • Payment records: Retained as required by applicable tax and financial regulations
  • Error logs and crash reports: Retained for up to 90 days for diagnostic purposes

When you delete your account, we will delete or anonymize your personal data within 30 days, except where we are required by law to retain certain information.

8. Your Rights

Regardless of your location, you have the following rights regarding your personal data:

  • Account deletion: You can delete your account directly within the App through the account settings
  • Data export: You may request a copy of your personal data by contacting us
  • Consent withdrawal: You may withdraw consent for data processing at any time, though this may affect App functionality
  • Permission management: You can revoke device permissions at any time through your device settings
  • Notification preferences: You can manage push notification preferences within the App

9. GDPR Rights (EU Users)

If you are located in the European Economic Area (EEA), you have additional rights under the General Data Protection Regulation (GDPR):

  • Right of access: Request a copy of the personal data we hold about you
  • Right to rectification: Request correction of inaccurate or incomplete personal data
  • Right to erasure: Request deletion of your personal data ("right to be forgotten")
  • Right to restriction: Request that we restrict the processing of your personal data in certain circumstances
  • Right to data portability: Receive your personal data in a structured, commonly used, machine-readable format
  • Right to object: Object to the processing of your personal data based on legitimate interests
  • Right to withdraw consent: Withdraw consent at any time for processing based on consent, without affecting the lawfulness of prior processing

To exercise any of these rights, please contact us at support@moodhero.net. We will respond to your request within 30 days as required by the GDPR.

Data Controller: Moodhero OU is the data controller for the purposes of the GDPR. If you believe we have not adequately addressed your data protection concerns, you have the right to lodge a complaint with your local data protection supervisory authority.

10. CCPA Rights (California Users)

If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA):

  • Right to know: Request information about the categories and specific pieces of personal information we have collected, the sources of collection, and the purposes for which we use it
  • Right to delete: Request deletion of personal information we have collected from you, subject to certain exceptions
  • Right to opt-out: Opt out of the sale of your personal information. We do not sell your personal information, including sensitive health data
  • Right to non-discrimination: We will not discriminate against you for exercising any of your CCPA rights

To exercise your CCPA rights, please contact us at support@moodhero.net. We will verify your identity before processing your request and respond within 45 days.

11. Children's Privacy

MoodHero is not intended for use by individuals under the age of 16. We do not knowingly collect personal data from children under 16. If we become aware that we have collected personal data from a child under 16, we will take steps to delete that information promptly. If you believe a child under 16 has provided us with personal data, please contact us at support@moodhero.net.

12. International Data Transfers

Your personal data may be transferred to and processed in countries other than your country of residence. When we transfer data outside the EEA, we ensure that appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission, or other legally recognized transfer mechanisms.

13. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will notify you by updating the "Last Updated" date at the top of this policy and, where appropriate, through an in-app notification or email.

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your data.

14. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Version 2.0 | Last updated February 15, 2026