Privacy policy.

1. Introduction

Welcome to Peachy Life. This Privacy Policy explains how we collect, use, and protect your personal information when you use our website, mobile applications, and related services (collectively referred to as "Services"). By using our Services, you agree to this Privacy Policy.

We are committed to complying with applicable privacy regulations, including the Australian Privacy Act 1988, the UK General Data Protection Regulation (UK GDPR), the EU General Data Protection Regulation (GDPR), and Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA).

2. Information We Collect

2.1 Personal Data

We collect various types of personal information, including:

  • Contact Information: Name, email address, and profile details.

  • Mental Health Data: Information related to your emotional state (moods, journal entries, insights from CBT, DBT, and emotional intelligence).

  • Personality and Psychometric Data: Results from personality tests and psychometric assessments.

  • Audio Recordings: Audio journal entries converted to text using speech-to-text technology. Audio files are stored temporarily, and transcriptions may be retained for analysis.

2.2 Wearable Device Data

If you sync a wearable device (e.g., Garmin), we may collect:

  • Biometric Data: Including heart rate, activity levels, and sleep patterns for mental and physical well-being recommendations.

2.3 Automatically Collected Data

  • App Usage Data: Information about how you interact with the app, such as time spent on features and usage patterns.

  • Device Information: IP address, operating system, and device identifiers.

  • Cookies and Tracking Technologies: To gather data for enhancing user experience.

2.4 Unsolicited Information

If we receive unsolicited personal information, we will determine whether it could have been lawfully collected. If not, we will destroy or de-identify the information.

3. Legal Basis for Processing (EU and UK GDPR)

We process personal data under the following legal bases:

  • Consent: When you have provided consent for us to process your personal information for specific purposes.

  • Contractual Obligations: When the processing is necessary for the performance of a contract with you.

  • Legitimate Interests: Where we process your data based on our legitimate interests (e.g., improving the app), provided that these are not overridden by your rights.

  • Legal Obligations: Where processing is necessary to comply with a legal obligation.

4. How We Use Your Information

We use the information collected for the following purposes:

4.1 Personalized Services

  • To create and manage your account.

  • To provide personalized mental health insights and recommendations based on your data.

  • To analyse biometric data from wearables for mental and physical health advice.

4.2 AI Assistant

  • To analyse and provide personalized feedback based on your inputted data (moods, goals, and personality insights) via an AI assistant powered by ChatGPT.

4.3 Improving Services

  • To analyze app usage data to improve and optimize the user experience.

4.4 Communication

  • To provide updates, technical notices, and support services.

  • To notify you about new features or offerings.

4.5 Cross-border Transfers (EU, UK, Canada)

If personal data is transferred outside your jurisdiction, we ensure that it is protected in line with the applicable privacy laws. For transfers outside the UK, EU, or Canada, we use appropriate safeguards, such as:

  • Standard Contractual Clauses (SCCs): For transfers outside of the European Economic Area (EEA) and the UK.

  • Adequacy Decisions: For transfers to countries that have been deemed by relevant authorities (e.g., the European Commission or UK authorities) to provide an adequate level of data protection.

5. How We Share Your Information

5.1 Third-Party Service Providers

We may share your data with third-party service providers to assist in providing our Services:

  • Wearable Device APIs: To collect biomarker data from your devices.

  • Speech-to-Text Services: For converting audio recordings.

  • OpenAI (ChatGPT): For providing personalized insights and advice.

These third parties are bound by strict confidentiality agreements and only use your data to fulfill their specific functions.

5.2 Cross-Border Data Transfers

We may transfer your personal data to other countries for processing, including to the United States or other jurisdictions. These transfers are made in compliance with applicable privacy laws, such as the GDPR, UK GDPR, and PIPEDA.

5.3 Legal Compliance

We may disclose your personal information when required by law or to protect the rights, privacy, safety, or property of Peachy Life, its users, or the public.

6. Data Security

We take steps to protect your personal information from misuse, loss, unauthorized access, modification, or disclosure. We use encryption, secure data storage, and access control measures. While we take reasonable precautions, no data transmission over the internet is fully secure.

7. User Rights

7.1 Access, Correction, and Deletion

You have the right to:

  • Access: Request access to your personal information.

  • Correction: Request corrections if your data is inaccurate or incomplete.

  • Deletion: Request the deletion of your data, including your account, journal entries, and biometric information.

7.2 Data Portability

You may request a copy of your data in a structured, commonly used, machine-readable format.

7.3 Consent Withdrawal

If you have provided consent for the collection or processing of your personal information, you may withdraw your consent at any time.

7.4 Right to Object (EU, UK GDPR)

You have the right to object to the processing of your personal data for specific purposes, including direct marketing and profiling.

7.5 Complaint

If you are not satisfied with how we handle your personal data, you may lodge a complaint with:

  • Australia: Office of the Australian Information Commissioner (OAIC)

  • UK: Information Commissioner’s Office (ICO)

  • EU: Data Protection Authority (DPA) in your respective country

  • Canada: Office of the Privacy Commissioner of Canada (OPC)

8. Cross-Border Data Transfers (International)

If we transfer your personal data outside of your jurisdiction (e.g., to third-party providers in other countries), we ensure that such transfers comply with applicable privacy laws and use appropriate safeguards, such as:

  • Standard Contractual Clauses (SCCs) (for EU/UK transfers)

  • Adequacy Decisions: For transfers to jurisdictions with an adequacy decision under the GDPR or UK GDPR.

9. Children’s Privacy

Our Services are not intended for individuals under the age of 13. We do not knowingly collect personal information from children under this age. If we become aware that we have inadvertently collected such data, we will delete it immediately.

10. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices or legal obligations. Any significant changes will be communicated to you through our app or website. We encourage you to review this policy regularly.

11. Contact Us

If you have any questions or concerns about this Privacy Policy, you can contact us at:

You may also contact your local data protection authority to escalate any unresolved concerns.

Effective Date: 06-Sep-2024
Last Updated: 06-Sep-2024