
Privacy Policy
1. Introduction
NinthMoon provides an AI-powered emotional wellness companion ("Nimo") and related features supporting users through sensitive reproductive and life experiences such as pregnancy, postpartum, fertility, miscarriage, and abortion. This Privacy Policy explains, in plain terms, what we collect, how we use it, who we share it with, how long we keep it, and your choices. It covers our website, mobile applications, and related services (the "Services"). NinthMoon is the data controller for the information described here.
NinthMoon provides an emotional wellness companion, not clinical healthcare services. Nimo does not provide medical advice, diagnosis, or treatment. We are not a "Covered Entity" or a "Business Associate" under the Health Insurance Portability and Accountability Act (HIPAA). Consequently, the information you share is not considered Protected Health Information (PHI) under HIPAA. However, your data is protected by the strict privacy and encryption standards outlined in this policy. Always consult a qualified healthcare provider for medical concerns.
2. Information We Collect and Store
Information you provide:
- Account details: name and email address.
- Profile photo: only if you sign in with Google or Apple and choose to share it.
- Date of birth and location: only if you choose to provide them.
- Health and reproductive information, including your last menstrual date, reproductive/journey stage, and details you share through chat, journaling, check-ins, or other in-app features.
- Voice/audio, if you use voice features.
- Content you post in community features.
- If you report community content, your name and email, submitted with the report so our team can review it.
Information collected automatically:
- Device and usage data (e.g., IP address, device type, OS, interaction logs, timestamps), push notification tokens, and cookies (see our Cookie Policy).
Information we generate:
- Nimo's responses; AI-generated summaries of your interactions ("memory," see Section 3); personalized insights; and generated content such as text-to-speech audio and generated documents.
3. Your Conversations, Memory, and What We Store
To provide the Services, we store the following in our database (hosted on Google Cloud / Firebase):
- your chat messages with Nimo and Nimo's responses;
- an AI-generated "memory" summary of your interactions — a periodically consolidated summary that may include health and emotional context (for example, pregnancy stage, mood, and recurring themes) used to personalize Nimo's support;
- community content you post;
- journaling entries, where you use journaling features;
- profile, calendar, and subscription data.
We also store content generated for you, such as text-to-speech audio and generated documents, so you can access them.
Where you upload images, or where we generate content for you (such as voice audio or generated documents), these are stored in encrypted file storage and are deleted when you delete your account. Your chat messages and Nimo's responses are encrypted with a dedicated application key before they are stored, in addition to our providers' own encryption.
When your journey changes (for example, from pregnancy to loss), we may remove or hide related content to protect you. Community content you choose to "remove" is hidden from the community but retained in our systems until you delete your account.
4. AI Features and Third Parties (Important)
OpenAI. Nimo's responses are generated using the OpenAI API. To generate a personalized response, we transmit to OpenAI: the messages you send, any content you share in a conversation, and relevant profile/health context (for example, reproductive stage or last menstrual date). We use OpenAI under its API business terms: OpenAI does not use this content to train its models, and retains it only briefly (currently up to approximately 30 days) for abuse monitoring. (We are pursuing Zero Data Retention; once enabled, OpenAI will not retain this content after a request completes.)
Safety analysis (Google). To support your wellbeing and safety, your chat and journal text may be analyzed for sentiment using Google Cloud Natural Language to detect signals of distress or crisis. Where such signals are detected, the conversation may be reviewed and escalated, as described in our AI Usage Policy.
Voice (Google). If you use voice features, your audio is processed using Google Speech-to-Text and Text-to-Speech. This audio is not used to train Google's models.
Your stored account and health information is not bulk-shared with these providers; only the content and context needed for each request is sent, at the time of that request. We ask for your permission through an in-app consent screen, which identifies OpenAI, before Nimo processes your messages. If you decline, Nimo's AI features are unavailable. See OpenAI's API/enterprise privacy documentation at https://openai.com/enterprise-privacy/.
5. How We Use Your Information
To provide and personalize the Services and Nimo's responses; to maintain your memory summary; to generate wellness insights; to send communications you have opted into; to provide support; to maintain security and prevent abuse; to support user safety (Section 3 and our AI Usage Policy); to conduct internal research and improve the Services; and to comply with legal obligations.
6. How We Share Information
We do not sell your personal information. We share it only as follows:
- AI/processing providers: OpenAI (responses), Google Cloud Natural Language (safety analysis), and Google Speech services (voice), as described in Section 4.
- Infrastructure / sub-processors: Google Cloud Platform / Firebase (hosting, database, storage, authentication, messaging), and others in our Sub-processor List, including Zoho (email), Apple (iOS in-app purchase billing) and Google Play (Android in-app purchase billing), and Vercel (our admin panel). Payments are handled entirely by the app stores; we do not collect or store your card details.
- With your direction, such as when you share content with another person or in the community.
- For safety or legal reasons, Given the highly sensitive nature of reproductive health data, we take a strict stance on legal requests. We do not voluntarily share your data with law enforcement. If we receive a subpoena, warrant, or court order demanding your information, our policy is to: (1) rigorously review the request to ensure it is legally valid and narrowly tailored; (2) challenge overly broad or legally deficient requests; and (3) provide you with advance written notice before disclosing any data so you have the opportunity to challenge it yourself, unless we are strictly prohibited by law from doing so.
- In a corporate transaction, under confidentiality protections.
Some uses of analytics/advertising cookies may be considered a "sale" or "sharing" under certain state laws; see our Cookie Policy and CCPA Notice for opt-out choices.
7. Data Retention and Account Deletion
We retain your information for the life of your account. We do not automatically delete active-account data after a period of inactivity. You can delete individual items, or delete your entire account, at any time.
Account deletion (14-day grace). When you request account deletion, your account enters a 14-day grace period during which it stays active and you can cancel the request. After 14 days, we permanently and comprehensively erase your data across our authentication system, database (including chat messages, summaries, mood and symptom logs, journals, community content, fertility and cycle data, notifications, and subscription records), and file storage (uploaded images, generated documents, and voice audio).
- Community content you "removed" is hidden but retained until your account is deleted.
- Reports you file (including your name and email) are retained to support moderation and safety.
- Payment records are retained as required by law (typically up to 7 years).
- OpenAI / Google processing: as described in Section 4 (OpenAI retains content briefly for abuse monitoring unless Zero Data Retention is enabled).
- Backups are cleared on their normal cycle following deletion.
Inactivity based Deletion. To comply with data minimization principles and reduce the risk associated with sensitive health data, NinthMoon enforces an inactivity policy. Accounts that have not recorded a login or active interaction for a continuous period of twenty-four (24) months will be flagged for 'Passive Termination.' NinthMoon will provide three (3) email notices to the registered address over a sixty (60) day period. If no action is taken, the account and all associated sensitive health data, chat logs, and 'memory' summaries will be permanently erased in accordance with our standard deletion protocols.
8. Security
Your data is hosted on Google Cloud infrastructure with encryption in transit (TLS 1.2+) and at rest (AES-256 via Google Cloud), IAM-based access controls, Firestore security rules, and regular security reviews. In addition, your chat messages and Nimo's responses are encrypted with a dedicated application-level key before storage. No method of transmission or storage is completely secure; please keep your credentials confidential.
While we utilize robust encryption and security protocols, no system is entirely foolproof. In the event of a data breach that compromises your personal or health information, we will notify you and the relevant regulatory authorities within the timeframes required by applicable law. Our notification will include the nature of the breach, the specific data affected, and the immediate steps we are taking to mitigate any harm and secure your account.
9. Your Rights and Choices
Depending on your location, you may access, correct, delete, or obtain a copy of your information; withdraw consent; and opt out of certain processing. You can manage much of your information in the app. You can request a full export of your data (a readable JSON copy, including your chat history and summary) and delete your account — both self-service in the app; account deletion follows the 14-day process in Section 7. You may also contact us below. We may verify your identity before acting.
We recognize and honor Global Privacy Control (GPC) signals as a valid request to opt out of the "sharing" or "sale" of personal information, where applicable by law. If your browser or extension transmits a GPC signal, our systems will automatically process it.
10. State-Specific Privacy Rights
U.S. Consumer Health Data Rights: If you reside in states with specific consumer health data privacy laws (such as Washington or Nevada), this section applies to your "Consumer Health Data," which includes the reproductive and wellness information you share with Nimo. We do not "sell" or "share" your Consumer Health Data for cross-context behavioral advertising. We collect and use this data strictly to provide the Services you have requested. You have the right to confirm whether we collect your Consumer Health Data, the right to access it, the right to delete it, and the right to withdraw consent. To exercise these rights or appeal a decision we make regarding your request, please contact legal@ninthmoon.ai.
California Privacy Rights (CCPA/CPRA): Under California law, much of the health and reproductive data we collect is classified as "Sensitive Personal Information." We collect and use this Sensitive Personal Information solely to perform the Services reasonably expected by you (e.g., generating Nimo's personalized emotional support) and for no other purpose. We do not use your Sensitive Personal Information to infer characteristics about you for advertising. California residents have the right to know what personal information we collect, the right to request deletion, the right to correct inaccuracies, and the right to non-discrimination for exercising these rights.
11. International Users
NinthMoon operates from the United States, and your information is primarily processed in the United States (Google Cloud, US regions). Certain providers may process limited data in other regions depending on configuration (for example, our email provider's data center). Where required for EU/EEA/UK users, we use appropriate transfer safeguards. See our GDPR Statement and Sub-processor List.
12. Children
The Services are intended only for individuals 18 and older. We do not knowingly collect information from anyone under 18. See our Children's Privacy Statement.
13. Changes
We may update this Policy. Material changes will be notified by email or in-app notice, with an updated effective date.
Contact
Privacy contact: legal@ninthmoon.ai
NinthMoon AI LLC, 8 The Green, Ste A, Dover, DE 19901
