Privacy Policy

Recovery Compass is operated by:

Recovery Compass LLP

Registered in India

Email: support@recoverycompass.co

This Privacy Policy applies to:

• the Recovery Compass mobile app
• the Recovery Compass website
• our account, purchase, subscription, support, and email flows
• our educational citations and legal pages

Your use of the Services is also governed by our Terms & Conditions.

Depending on how you use the Services, we may collect:

• account data such as email address, display name, login provider, and optional phone number
• optional profile image uploads
• onboarding and questionnaire answers
• recommended program or journey selections generated from your responses
• program progress, completion state, and active program preferences
• journal entries, reflections, moods, cravings, physical symptoms, and related check-in data
• step-count and movement data if you enable Motion & Fitness or Health Connect features
• notification preferences, push opt-in state, and push token identifiers
• subscription, entitlement, and purchase state, including store product identifiers and RevenueCat customer identifiers
• diet-plan questionnaire responses, fulfilment status, and claim or recovery link metadata for supported website flows
• in-app analytics events such as card progress, day progress, notification taps, and related product usage events
• client-side error and diagnostic reports linked to your account when you are signed in
• support messages, enquiry submissions, and operational email records
• website checkout information for web purchases, including order and payment verification details

We do not store your Apple, Google, card, or bank passwords.

We collect data when you:

• create an account or sign in with email, Google, or Apple
• complete onboarding, questionnaires, and journal prompts
• use program content, reminders, and progress features
• enable profile photo upload, notifications, or step tracking
• purchase a program or add-on through the app stores or the website
• complete a diet-plan questionnaire or resume a diet-plan order through a claim link
• contact us through support or enquiry forms

Authentication and primary app data storage are handled through Supabase.

We may automatically collect technical information such as:

• device type, operating system, app version, and browser details
• IP address and basic request metadata
• session and authentication state needed to keep you signed in
• website performance and usage telemetry used to improve reliability
• in-app event telemetry and error diagnostics used to improve stability, performance, and support
• server-side logs for security, fraud prevention, debugging, and webhook processing

The app may request access to selected device capabilities:

• Photos to let you choose a profile image
• Notifications to deliver reminders if you opt in
• Motion & Fitness / Health Connect step data to show daily movement progress if you enable step tracking

We do not request camera access for core app use, and microphone access is disabled in the current build.

Some in-program screens may also use device-level privacy protection, such as restricting screenshots or obscuring app previews, to reduce accidental exposure of sensitive wellness content.

Program purchases, add-ons, subscriptions if offered, and supported website checkouts may be processed through:

• Apple App Store
• Google Play Store
• Razorpay for website purchases

Purchase validation, entitlement syncing, and restore flows may be handled through RevenueCat.

We use data to:

• create and manage your account
• deliver onboarding, program access, journal history, and progress features
• generate recommendations and personalize your experience
• restore purchases and validate subscription or entitlement access
• fulfil diet-plan orders, generate related outputs, and deliver fulfilment emails or claim links
• send service-related emails and reminders
• provide support and respond to deletion requests
• detect abuse, prevent fraud, and secure the platform
• improve product quality, stability, and operational visibility
• comply with legal obligations

We do not sell your personal data.

We share data only as needed to run the Services, including with:

• Supabase for authentication, database, storage, and server-side functions
• RevenueCat for purchase restoration, subscription, and entitlement management
• Apple and Google for in-app purchase processing
• Razorpay for website payment processing
• Resend for transactional email delivery
• Vercel for website hosting and performance telemetry
• Google or Anthropic for diet-plan generation workflows when enabled
• law enforcement or regulators where required by law

We do not rent or broker personal data.

On the website, we use cookies, local storage, and related technologies for:

• authentication and session continuity
• security and fraud prevention
• basic functional preferences
• site performance measurement and operational insights

You can manage cookie settings through your browser, but blocking essential cookies may affect sign-in or checkout flows.

We retain data for as long as needed to operate the Services, including:

• while your account remains active
• to preserve subscription, financial, fraud-prevention, and audit records where required
• to resolve disputes and support requests

When you request deletion, we delete or de-identify data unless limited retention is required for legal, billing, security, or fraud-prevention purposes.

Subject to applicable law, you may have the right to:

• access your personal data
• request correction of inaccurate information
• request deletion of your account and associated data
• withdraw consent for optional permissions such as notifications, photos, or step tracking
• raise a support or privacy complaint

You can manage some permissions directly through your device settings. You can also contact support@recoverycompass.co.

You can request deletion in either of these ways:

• inside the app through Account → Settings → Permanently Delete Account
• through our public deletion instructions page at /delete-account

If you cannot access the app, email support@recoverycompass.co from the email address linked to your account.

We use reasonable technical and organizational safeguards, including:

• HTTPS/TLS for data in transit
• authenticated access controls
• role-based backend access
• managed cloud infrastructure and secure storage controls

No system can guarantee absolute security, so you should also protect your device and account credentials.

Some of our service providers may process data outside your state or country. Where this happens, we rely on the provider’s standard protections and contractual safeguards as applicable.

Recovery Compass is intended for adults and is not designed for children under 18.

If we learn that we have collected personal data from a child in violation of applicable law, we will delete that data promptly.

Recovery Compass provides educational and wellness-oriented content. It is not a substitute for professional medical advice, diagnosis, or treatment.

If you have a medical condition, urgent symptoms, or a health emergency, consult a qualified healthcare professional or emergency services.

The current Services do not include a public social feed or public journal-posting feature. If we add public sharing features in the future, we will update this policy and the related in-app disclosures.

We may update this Privacy Policy from time to time. When we do, we will post the updated version on our website and may also surface updated disclosures in the app where appropriate.

For questions about this Privacy Policy or your data:

Email: support@recoverycompass.co