Privacy Policy

Last Updated: January 19, 2026

Your Privacy Matters

Shift is built for mental health. We take your privacy seriously. Your data is encrypted, never sold, and used only to help you regulate your nervous system.

What We Collect

  • Account Info: Email, password (encrypted), name
  • Usage Data: Which modes you use, how often, session duration
  • Progress Data: Your regulation patterns over time
  • Device Info: Device type, OS version, app version
  • Optional: AI chat messages (only if you use Premium AI features)

What We DON'T Collect

  • We don't collect your location
  • We don't access your contacts or photos
  • We don't track you across other apps or websites
  • We don't sell your data to third parties

How We Use Your Data

  • Provide and improve the app
  • Show you your progress over time
  • Personalize AI recommendations (Premium only)
  • Send important updates about your account
  • Analyze aggregated (anonymous) usage trends

Security & Encryption

All data is encrypted in transit (TLS 1.3) and at rest (AES-256).

We're HIPAA compliant for enterprise customers.

We use industry-standard security practices including regular security audits and penetration testing.

Data Sharing

We share your data with:

  • Apple/Google: For payment processing (they don't get health data)
  • Analytics: Aggregated, anonymous usage data only
  • AI Provider: If you use Premium AI features (messages are encrypted)
  • Law Enforcement: Only if legally required (e.g., court order)

We NEVER sell your data to advertisers or third parties.

Your Rights

  • Access: Request a copy of your data anytime
  • Delete: Delete your account and all data
  • Export: Download your progress data
  • Opt-Out: Unsubscribe from emails anytime

Email support@themindshiftapp.com to exercise these rights.

Children's Privacy

Shift is designed for users 13+. We don't knowingly collect data from children under 13.

For users 13-17, we require parental consent for data collection.

International Users

Shift is based in the USA. If you're outside the USA, your data may be transferred to and processed in the USA.

We comply with GDPR for EU users and provide the same privacy protections globally.

Changes to This Policy

We'll notify you of major changes via email and in-app notification.

Continued use of Shift after changes means you accept the new policy.

Contact Us

Questions about privacy? Email privacy@themindshiftapp.com