Privacy Policy

Introduction

Holistic AI LLC Doing Business as Transformational AI LLC ("TAI," "we," "us," or "our") operates the TAI journaling application. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you use our mobile application and related services.

Contact: privacy@transformationalai.world
Holistic AI LLC Doing Business as Transformational AI LLC, 1196 Timberline Terrace, Ashland, OR, 97520, USA

Information We Collect

Information You Provide

• Account information (email address, display name)
• Journal entries (text and voice recordings)
• Feedback and support communications
• Survey responses and preferences

Information Collected Automatically

• Device identifiers and browser information
• Usage data (features used, session duration)
• Crash logs and diagnostic data
• IP address and approximate location

Sensitive Personal Information

TAI may collect sensitive personal information including: content of journal entries that may contain mental health information, and voice recordings for transcription purposes. We do NOT create voiceprints or biometric identifiers from your voice—audio is processed solely for speech-to-text conversion and deleted immediately after transcription. See our Biometric Data Policy for details on voice data handling.

How We Use AI to Process Your Journal Entries

TAI uses artificial intelligence to provide personalized insights and support your journaling journey. Here's how it works:

1. When you submit a journal entry, it is sent to our AI partner (Anthropic Claude) for processing.
2. Before sending, we remove your identifying information (email, name, user ID). The AI only sees the text content of your entry.
3. Anthropic provides Zero Data Retention (ZDR) for API usage—your journal content is processed and immediately discarded, never stored or used to train their models (per Anthropic API Terms).
4. The AI-generated insights are returned to TAI, associated with your account, and stored in encrypted form.

You can disable AI features at any time in Settings > Privacy > AI Processing.

Voice Recordings and Transcription

When you use voice journaling, we collect audio recordings of your speech. These recordings are:

• Processed by Mistral AI (Voxtral) for speech-to-text transcription
• Transmitted using encrypted connections
• Deleted immediately after transcription completes
• Never stored on TAI servers—only the text transcript is saved

We do not create, store, or use "voiceprints" (biometric identifiers derived from unique characteristics of your voice) for identification purposes.

Third-Party Services

We share data with the following service providers to operate TAI:

Data Retention

Your Privacy Rights

Depending on your location, you may have the following rights:

All Users

• Access your personal information
• Correct inaccurate information
• Delete your account and data
• Export your journal entries
• Withdraw consent for optional processing

California Residents (CCPA/CPRA)

• Know what personal information we collect, use, and share
• Delete your personal information
• Opt-out of the sale/sharing of personal information
• Limit use of sensitive personal information
• Non-discrimination for exercising your rights

European Union Residents (GDPR)

• Access, correct, or delete your personal information
• Restrict or object to processing
• Data portability
• Withdraw consent
• Lodge a complaint with a supervisory authority

To exercise any right, email privacy@transformationalai.world with subject "Privacy Rights Request" and we will respond within 30 days. For more details, see our Data Rights page.

Your Right to Data Erasure (GDPR Article 17)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, you have the right to request erasure of your personal data.

How to Request Erasure

You can delete your account at any time from Settings > Privacy > Delete Account, or email privacy@transformationalai.world. We will:

1. Verify your identity within 2 business days
2. Process your request within 30 days
3. Send confirmation when erasure is complete

What Gets Deleted

• All journal entries (encrypted database records)
• AI-generated conversation history
• Voice transcripts (audio already deleted after transcription)
• Generated images
• Memories and personal insights
• Account profile information

What We Retain

• Anonymized usage analytics (no personal identifiers, 13 months)
• Financial records for tax/legal compliance (7 years)
• Security audit logs (90 days)

Third-Party Notification

When you delete your account, we notify our AI providers to delete any cached data:

• Anthropic Claude — Zero Data Retention policy (no data stored)
• Mistral AI — Zero Data Retention policy (no data stored)
• Google Cloud — Image data not retained after generation

Exceptions to Erasure

We may retain data if required to:

• Comply with legal obligations (tax records, court orders)
• Establish, exercise, or defend legal claims
• Protect vital interests of another person

If we cannot fully erase your data, we will explain why and inform you of your right to lodge a complaint with your supervisory authority.

Consent Revocation

When you revoke consent for a feature (like AI or Voice), this takes effect immediately for all future operations. Operations that were already in progress when you revoked consent will complete normally. You can manage your consent preferences at any time from Settings > Privacy.

How We Protect Your Data

TAI uses multiple layers of security to protect your journal entries:

• All data is encrypted in transit using TLS 1.3
• Journal entries are encrypted at rest using AES-256-GCM encryption
• Application-level encryption with user-derived keys—even TAI staff cannot read your entries
• Role-based access controls for TAI team members
• Regular security assessments and vulnerability scanning

Breach Notification

In compliance with the FTC Health Breach Notification Rule (16 CFR Part 318) and applicable state laws, if we discover a breach of unsecured personal health information, we will:

• Notify affected users without unreasonable delay, and no later than 60 days after discovery
• Provide clear description of what information was involved
• Describe steps we are taking to investigate and mitigate the breach
• Provide contact information for questions
• If 500 or more users are affected, notify the Federal Trade Commission and prominent media outlets as required by law

Notifications will be sent via email to the address associated with your account. If we cannot reach you by email, we will post a notice on our website.

International Data Transfers

TAI is based in the United States. If you are located outside the United States, your personal information will be transferred to and processed in the United States. For European Users, we rely on Standard Contractual Clauses (SCCs) to ensure adequate protection.

Children's Privacy

TAI is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at privacy@transformationalai.world.

Updates to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will update the "Last Updated" date and notify you by email and/or in-app notification at least 30 days before changes take effect.

Contact Us

For questions about this Privacy Policy or your personal data, contact us at:

Holistic AI LLC Doing Business as Transformational AI LLC
Attn: Privacy Officer
1196 Timberline Terrace
Ashland, OR, 97520, USA
Email: privacy@transformationalai.world