Privacy Policy

Introduction

IFS Voice ("we," "our," or "us") is operated by Aiden Buis, located at Gansstraat 170, 3582 EP Utrecht, The Netherlands. We are committed to protecting your privacy and being transparent about how we handle your data.

This Privacy Policy explains how we collect, use, and protect your information when you use the IFS Voice mobile application. By using IFS Voice, you agree to the data practices described in this policy.

Our Privacy-First Approach

IFS Voice is designed with your privacy as a core principle:

• Your conversations are not saved by us. Session transcripts and messages are stored encrypted on your device only.
• No personal identification required. We use anonymous device identifiers, never collecting your name, email, or other identifying information.
• Audio is processed, not stored. Voice recordings are immediately deleted after transcription and speech synthesis.
• You control your data. All personal session data remains on your device and can be deleted at any time through the app settings.

Information We Collect

1. Data Stored Locally on Your Device (Encrypted)

The following information is stored only on your device using industry-standard encryption (SQLCipher):

• Session transcripts and conversation history
• Identified IFS parts and their attributes
• Session insights and notes
• App preferences and settings
• First name (if provided during onboarding)

Important: This data never leaves your device except during real-time processing (see below) and is never stored on our servers.

2. Data Temporarily Processed (Not Stored)

During active sessions, the following data is processed in real-time but immediately deleted:

• Voice recordings: Sent to DeepInfra for speech-to-text transcription, then immediately deleted
• Conversation context: Sent to DeepInfra for AI response generation, then immediately deleted
• Text responses: Sent to DeepInfra for text-to-speech synthesis, then immediately deleted

3. Anonymous Usage Data (Stored on Backend)

To provide the service and manage usage limits, we collect minimal anonymous data:

• Device identifier: Anonymous unique ID (not linked to your identity)
• Session duration: Total minutes used per day
• Session count: Number of sessions started
• Subscription status: Trial, active, or expired (via RevenueCat)
• Deep Dive token balance: Remaining special session credits
• Timezone: For accurate daily usage tracking
• Last seen timestamp: When you last used the app

Note: This data contains no conversation content, personal information, or identifying details beyond the anonymous device ID.

4. Analytics and Crash Reports

We use PostHog for anonymous analytics and crash reporting to improve app stability and user experience. This includes:

• App crashes and errors (no personal data included)
• Feature usage patterns (anonymous)
• Device type and operating system version

5. Payment Information

Subscription payments are processed through RevenueCat and Apple's App Store (or Google Play Store). We never see or store your payment card details. RevenueCat may share subscription status (active, trial, expired) with us to enable features based on your subscription tier.

How We Use Your Information

We use the collected information solely to:

• Provide voice-guided IFS therapy sessions
• Enforce daily usage limits and Deep Dive token system
• Manage subscription access and trials
• Improve app performance and fix bugs
• Understand anonymous usage patterns to enhance features

We never: Sell your data, use it for advertising, share conversation content with third parties, or train AI models on your sessions.

Third-Party Services

IFS Voice integrates with the following third-party services:

DeepInfra (AI Processing)

We use DeepInfra for:

• Speech-to-text transcription (Mistral Voxtral)
• AI-powered IFS guidance (DeepSeek-V3.1)
• Text-to-speech synthesis (Kokoro TTS)

Audio and text are sent to DeepInfra's API, processed in real-time, and immediately deleted. DeepInfra does not store your data. See their privacy policy at: https://deepinfra.com/privacy

RevenueCat (Subscription Management)

We use RevenueCat to manage subscriptions and trials. They process purchase data from the App Store/Play Store and share subscription status with us. See their privacy policy at: https://www.revenuecat.com/privacy

PostHog (Analytics)

We use PostHog for anonymous crash reporting and usage analytics. No personal or conversation data is sent. See their privacy policy at: https://posthog.com/privacy

Apple App Store / Google Play Store

Payment processing and subscription management are handled by Apple/Google. We receive only subscription status information.

Data Security

We implement industry-standard security measures:

• Local encryption: All session data on your device is encrypted using SQLCipher
• HTTPS/TLS: All data transmission is encrypted in transit
• Minimal data retention: We only store anonymous usage statistics, never conversation content
• Secure API communication: Backend uses JWT authentication and rate limiting

While we take extensive precautions, no method of electronic storage or transmission is 100% secure. We cannot guarantee absolute security but continuously work to protect your data.

Your Rights (GDPR)

Under the General Data Protection Regulation (GDPR) and other privacy laws, you have the following rights:

• Right to Access: Request a copy of any data we hold about you (limited to anonymous usage data)
• Right to Deletion: Request deletion of your data through the app's "Delete Account" feature
• Right to Rectification: Correct inaccurate data (though we collect minimal personal information)
• Right to Data Portability: Export your locally stored session data from the app
• Right to Object: Object to processing of your data
• Right to Withdraw Consent: Stop using the app at any time

To exercise these rights, contact us at hello@aidenbuis.com or use the in-app account deletion feature.

Data Deletion

You can delete your data in two ways:

• Delete local data: Uninstall the app to permanently remove all encrypted session data from your device
• Delete account: Use the "Delete Account" feature in app settings to remove both local data and backend usage statistics

After account deletion, all anonymous usage data associated with your device ID will be permanently deleted within 30 days.

Data Retention

• Local device data: Stored until you delete the app or use account deletion
• Anonymous usage statistics: Retained for 12 months for analytics purposes
• Inactive accounts: Anonymous data for devices not seen in 24 months may be automatically deleted

Children's Privacy

IFS Voice is not intended for users under the age of 17. We do not knowingly collect data from children under 17. If you believe a child has provided us with personal information, please contact us at hello@aidenbuis.com.

International Data Transfers

Our backend servers are located in the United States. By using IFS Voice, you consent to the transfer of anonymous usage data to servers outside the European Union. We ensure appropriate safeguards are in place through our service providers' compliance with GDPR and standard contractual clauses.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by:

• Updating the "Last Updated" date at the top of this policy
• Displaying an in-app notification about material changes
• Requiring acceptance of updated terms for continued use (for major changes)

Your continued use of IFS Voice after changes constitutes acceptance of the updated Privacy Policy.

Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us:

Supervisory Authority

If you are located in the European Economic Area, you have the right to lodge a complaint with your local data protection authority. In the Netherlands, this is the Autoriteit Persoonsgegevens: https://autoriteitpersoonsgegevens.nl