top of page
Symbol-white.png
Full-Vertical-colour.png

Privacy Policy

Effective Date: October 21, 2025

 

We value your privacy and want to explain how Havn Wellness protects your personal information in clear, simple terms. Whether you’re an employee using Havn through your workplace or an employer providing Havn to your team, our goal is that everyone feels secure and at peace with how data is handled. 


Information We Collect

  1. Personal Data: When you sign up for Havn or are enrolled by your employer, we may collect basic personal details such as your name (or an alias), email address, and contact information. We use this information for account creation, authentication, and customer support. We do not require sensitive identifiers like government ID numbers or detailed medical records for you to use Havn.

  2. Demographic Information: We may request non-specific demographic data such as your age range or general location. Providing this information is optional. We use it in aggregate form to improve the user experience (for example, ensuring our content is relevant to different age groups).

  3. Wellbeing Interaction Data: Havn’s AI chatbot and wellness features (including the FeelLog journaling function) collect data you voluntarily provide about your feelings, mood, or situations. This can include text inputs, selected emotion tags, or keywords related to your emotional or situational context. FeelLog Journal Entries are private reflections you record; these entries are encrypted and accessible only to you through your account. They are intended for personal insight and are not considered medical or clinical records. (In other words, your FeelLog is for your own well-being tracking and is not a medical-grade health record.) You can export your FeelLog entries at any time for personal use or to share with a healthcare provider, but Havn does not share them with anyone else unless you choose to do so.

  4. Usage Data: We collect information about how you use the Havn app or website (such as which features you use, session duration, and general usage metrics). This data is typically collected in an anonymized or aggregated form and helps us improve the platform’s performance and content. For example, we may note which exercises or AI guide characters are most popular overall in order to enhance those features.
     

Device and App Permissions


With your consent, Havn may request certain permissions from your device to enable specific features:

  1. Microphone: If you choose to use voice input to converse with Havn’s AI, we will request access to your microphone. We only capture your voice during that interaction, and the audio is used solely to generate a response. We do not use or store your voice data for any other purpose.

  2. Camera/Photo Library: If you decide to upload a profile picture or save FeelLog milestone images, we will ask for access to your device’s camera or photo library at that time. We only access your camera or photos when you explicitly choose to do so (for example, to take a new profile photo or to save an image from the app). We do not scan or import your entire photo library; images are stored only if you choose to save them within the app for your own use.

  3. Biometric Login: For convenience, Havn may offer the option to log in using your device’s biometric authentication (e.g., fingerprint or Face ID). This process is handled entirely by your device’s operating system. Havn does not receive or store any of your biometric data; we only receive a confirmation from your device’s system that authentication was successful.
     

Data We Do Not Collect


We intentionally do not collect certain sensitive data that are not necessary for Havn’s wellbeing services. For example, we do not ask for or collect your precise geolocation, government-issued identification numbers, personal health diagnoses, or financial account information. Havn’s focus is on emotional wellness and coaching.

 

Any health-related insights you discuss with the AI remain self-reported by you and are not augmented with external medical records. We also do not target or profile users based on sensitive characteristics such as race, religion, or political affiliation when providing our services.

 

How We Use Your Information


Havn uses the collected information to provide and improve our services, always with respect for your privacy. Key uses of your data include:

  1. Providing the Service: We use personal data like your login credentials to create, maintain, and secure your account. Your interaction data (e.g., your conversations with the Havn AI) is processed to generate appropriate responses and wellbeing insights for you. For example, if you journal about feeling stressed, the AI will use that information to provide helpful tips or exercises in real time.

  2. Enhancing User Experience: Aggregated demographic and usage data help us understand our user base and improve the platform. For instance, knowing that users in a certain age group prefer mindfulness exercises might guide us in creating more of that content. Any such analysis is done on anonymised or aggregate data without identifying individual users.

  3. Personalisation: Havn may use your past interactions (such as topics you’ve discussed with the AI or your mood check-in history) to personalise your experience. This could include suggesting relevant content, adjusting the tone or style of AI interactions to suit you, or reminding you of positive progress you’ve made. All personalisation happens within the app and is visible only to you.

  4. Account Communications: We use your email address or other contact info to send you important notices about the service. These include things like sign-up confirmations, password change alerts, updates about changes to our policies or features, and responses to customer support inquiries. We will not send you marketing emails or newsletters unless you have opted in. (If you do subscribe to wellbeing tips or a newsletter, you can opt out at any time.)

  5. Security and Fraud Prevention: We may use technical information (like device identifiers or IP addresses) to protect the security of user accounts and our platform. For example, this data can help us detect unusual account activity, prevent unauthorised access, and combat abuse of the platform (such as detecting bot usage or fraud attempts).

  6. Research and Development: As a research-driven platform, we continuously work to improve our AI and wellness strategies. We may analyze anonymized usage patterns and outcomes (for example, overall trends in mood improvements among users) to see if our approach is effective and to find ways to enhance our services. Any research or analytical findings are only reported in aggregate form and will never identify any individual user. (On the rare occasion we might want to highlight a specific user’s success story or feedback, we would only do so with that user’s explicit consent.)
     

Data Storage & Security


We take robust measures to protect and secure your data:

  1. Secure Cloud Infrastructure & Conversation Privacy: Your data is stored on secure servers with state-of-the-art cloud security measures. Importantly, the content of your conversations with the Havn AI and your FeelLog journal entries are stored in encrypted form. This encryption is configured such that only you can access these conversations and entries, even Havn’s team cannot read your private conversations or journals without your permission. After your real-time session with the AI concludes, the conversation is saved solely in your secure account storage. Havn’s operational systems do not keep an accessible copy of those conversation details, ensuring your personal reflections and chats remain confidential to you.

  2. Encryption in Transit and at Rest: We use strong encryption protocols for all data transmission and storage. For example, we enforce HTTPS for all communication between the app and our servers (encryption in transit), and we encrypt data when it’s stored on our servers (encryption at rest). This means that whether your data is being sent or saved, it’s protected from unauthorised access.

  3. Access Controls: Within our organisation, access to personal data is restricted to authorised personnel who need it to perform their job. For example, a customer support agent helping you with a technical issue might access the minimal account details necessary to assist you. All staff with such access are trained in confidentiality and are bound by strict privacy obligations.

  4. Data Retention: We retain your personal data only for as long as necessary to fulfil the purposes outlined in this policy or as required by law. For instance, if you or your employer terminates your Havn subscription, we will delete or anonymise personal data associated with your account after a defined period, unless we are legally required to keep it longer. (We may continue to retain aggregated, non-identifiable data to improve our services, as this data no longer identifies you.) If you wish to have your data deleted sooner, you have the right to request deletion at any time (see the “Your Rights and Choices” section below).

  5. Global Operations and Data Transfers: Havn is used by a global user base, and we may use servers located in various countries to ensure our service is reliable and efficient. If we transfer your personal data across national borders (for example, from the EU to another country), we will do so in compliance with applicable data protection laws. This means we rely on approved legal mechanisms (such as standard contractual clauses or adequacy decisions) to ensure your information remains protected to the standards required by your region’s laws.

  6. Data Breach Response: We have strict protocols in place to detect and respond to potential security incidents. In the unlikely event of a data breach that affects your personal data, we will notify you and the appropriate regulatory authorities as required by law. We will also take all necessary steps to contain the breach and prevent further unauthorised access, as well as to mitigate any potential harm.
     

Data Sharing and Employer Access


We do not sell, rent, or trade your personal information to third parties. We understand that the information you share with Havn is sensitive, and we treat it with the utmost confidentiality. Here’s how we handle sharing of data:

  1. Third-Party Service Providers: We use a few trusted external service providers to help us run Havn (for example, cloud storage providers or email delivery services). These providers only process your data on our behalf and under our instructions. They cannot use your information for their own purposes. We ensure each of these partners is bound by strict confidentiality and data protection agreements to safeguard your information.

  2. Employer Access (for Enterprise Users): If you are using Havn through an employer-sponsored wellness program, your employer will not have access to any of your individual personal entries, journals, or conversations. We maintain a strict separation to protect your privacy. Your personal interactions with the Havn AI (for example, what you journal or discuss) remain private and encrypted. Havn will never share these specifics with your employer. Instead, if we report back to your employer, we provide only anonymized, aggregate data for program evaluation. For example, an employer might receive a report saying, “X% of employees used Havn this month, and the average self-reported stress level decreased by Y%.” These insights are about the workforce as a whole and cannot be linked to any specific employee. We also make sure that any aggregate data is based on a sufficient number of users to prevent anyone from guessing an individual’s identity. (For instance, if only a very small number of employees use Havn in a given period, we would not provide detailed statistics that could inadvertently single someone out.) This approach allows employers to gauge the overall benefits of the wellness program while fully protecting individual privacy.

  3. Legal Compliance: In the event we are required by law to disclose data (for example, in response to a court order or other legal process), we will carefully review the request to ensure it is legitimate. We will only provide the minimum amount of information necessary to comply with the law. Where permitted, we will also inform you that such a request was made. Apart from such rare circumstances, we will not release your personal data to government or law enforcement without your consent.

  4. No Advertising or Tracking Sharing: Havn’s platform is focused on your wellbeing, not advertising. We do not use third-party advertising networks or trackers that collect your data through our app. We also do not share your usage data with third parties for marketing or advertising purposes. In short, you will not see ads on other sites or apps just because of something you did or shared on Havn.
     

Your Rights and Choices


We strive to give you control over your personal data. No matter where you live, you have certain rights regarding the information we hold about you. These include:

  1. Access & Portability: You have the right to request a copy of the personal data we hold about you. We will provide this to you in a common electronic format. For example, you can request an export of your FeelLog journal entries or your conversation history with the AI (note that you can also directly download your FeelLog entries from the app at any time). If technically feasible, you can also ask that we transfer your data to another service.

  2. Correction (Rectification): If any of your personal information is incorrect or outdated (for instance, if you change your email address), you have the right to have it corrected or updated. You can usually update basic information through your account settings, or you can contact us and we will help ensure your data is accurate.

  3. Deletion (Right to be Forgotten): You can request that we delete your personal data. For example, if you decide to stop using Havn, you can ask us to remove your account and associated information. Keep in mind that if you use Havn through an employer’s program, we may need to confirm that your participation has ended before processing the deletion. Also note that after deletion, your data (including conversations and journals) cannot be recovered—so be sure to export any information you want to keep beforehand. We may retain certain information if required by law or continue to use anonymised data (which no longer identifies you) for our legitimate business purposes.

  4. Restriction of Processing: In certain situations, you have the right to ask us to limit how we are using your data. For instance, if you contest the accuracy of your data or have objected to our processing, you can request that we “freeze” your data (stop any active use) until your concern is resolved. During this restriction period, we can still store your data but won’t use it in other ways until the issue is resolved.

  5. Objection to Processing: If we ever process your data under a legal basis of “legitimate interests” (as opposed to your consent or a contract with you), you have the right to object to that use. In the context of Havn, most data processing is based on your consent (you choose to provide information for our wellness services) or on fulfilling our contract to provide you with the service. If you believe we are using your data in a way that impacts your rights or privacy, you can object. We will review your objection and, unless we have a compelling legal reason to continue that processing, we will stop using your data in that manner.

  6. Withdrawal of Consent: If you have given consent for optional aspects of our service (for example, receiving wellbeing tip emails or allowing analytics tracking), you can withdraw your consent at any time. You can change your preferences in the app settings or use the “unsubscribe” link in emails. Withdrawing consent will not affect the lawfulness of any data use that happened before you withdrew consent. Do note that if you withdraw consent for certain features (like microphone access for voice input), those features may no longer work, but you can typically continue to use other aspects of Havn.

  7. How to Exercise Your Rights: To exercise any of the above rights, you can contact us (see the Contact Us section below for how). For security reasons, we may need to verify your identity before fulfilling your request—this is to protect your account from unauthorized actions. We will respond to your inquiry within a reasonable timeframe and in accordance with applicable law (for example, the GDPR typically requires a response within one month). We will not charge you a fee for making a request to exercise your rights, unless a request is manifestly unfounded or excessive, in which case we will inform you of any cost involved and explain why.
     

Children’s Privacy


Havn Wellness is not directed at children, and our service is intended for users who meet the minimum age requirements of their jurisdiction. (See our Terms of Use for specific age restrictions; generally, users must be at least 16 years old, or older if required by local law.) We do not knowingly collect personal data from individuals under the age of consent. If you are a minor who is old enough to use the service with parental permission (in regions that allow this), we strongly encourage you to involve a parent or guardian in your wellness journey. If we become aware that we have inadvertently collected personal information from someone under the applicable age without proper consent, we will promptly delete that information. Parents or guardians who believe their child has used Havn and provided personal data without consent can contact us so we can remove the data and, if necessary, deactivate the child’s account.

 

International Standards Compliance


Our privacy practices are designed to meet or exceed the requirements of major privacy regulations worldwide:

  1. GDPR (EU/EEA): If you are in the European Union (or EEA), we act as the “data controller” of your personal data in Havn. We rely on your consent (e.g., when you input health-related feelings, which are considered sensitive data under GDPR) and on contract necessity (providing you the service as per our Terms of Use) as our legal bases for processing. We uphold GDPR principles like transparency, purpose limitation, data minimization, and security. You also have GDPR-specific rights (as described above in Your Rights and Choices), including the right to lodge a complaint with your local Data Protection Authority. We are committed to respecting and enforcing all of these rights.

  2. New Zealand Privacy Act: As a company operating in New Zealand, we follow the New Zealand Privacy Principles. We ensure openness about how we handle your data, give you access to and correction of your information, and only use your data for the purposes we’ve stated or those you would reasonably expect. We also meet any specific requirements of NZ law regarding data breach notifications and cross-border data protections.

  3. Other Jurisdictions: We strive to comply with all privacy laws applicable to our services. This includes regulations like the California Consumer Privacy Act (CCPA) (and its updates, such as the CPRA) for U.S. residents, the Personal Data Protection Act (PDPA) in Singapore, and other relevant laws in countries where we operate. For example, California users have the right to know what categories of personal information we collect and how it’s used or shared (as outlined in this policy), and they will not be discriminated against for exercising their privacy rights. Similarly, users in other regions will benefit from protections required by their local laws. Our goal is that no matter where you are, you can trust that your data is handled responsibly and lawfully in line with the highest privacy standards.
     

Changes to this Privacy Policy


We may update this Privacy Policy from time to time to reflect changes in our services, technology, operational practices, or legal requirements. When we make material changes (for example, if we start collecting new types of data or begin using your data in a new way), we will notify you in advance. Notification might be provided via email, an in-app message, or a prominent notice on our website. We will also update the “Effective Date” at the top of this policy so you can easily see when the latest changes were made. We encourage you to review this Policy periodically. Continued use of Havn after an update constitutes your acceptance of the new terms, to the extent permitted by law.

 

Contact Us


Your privacy is our priority. If you have any questions, concerns, or requests regarding this Privacy Policy or how your data is handled, please reach out to us. The best way to contact us is via email at info@havnwellnessai.com. We will respond as promptly as possible and do our utmost to address your inquiries and resolve any issues.

 

Thank you for trusting Havn with your wellbeing journey. We are dedicated to honouring that trust by keeping your information secure and confidential at every step.

 

By using Havn Wellness, you acknowledge that you have read and understood this Privacy Policy and agree to our collection, use, and storage of your information as described above. Remember, you are in control of your data, and we are here to support your privacy while you focus on your wellness.

bottom of page