SEASONS ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your personal information when you use our wellness application and related services (the "Service"). This policy complies with the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other applicable data protection laws.
1. Information We Collect
- Account Information: Email address, name, and authentication identifiers.
- Wellness Preferences: Constitution type, seasonal preferences, wellness goals, and dietary or lifestyle inputs you provide.
- Usage Data: App interactions, feature usage, session duration, and analytics events.
- Device Information: Device type, operating system version, unique device identifiers, and IP address.
- Payment Information: Subscription plan and transaction status (processed by Stripe; we do not store full card numbers).
2. How We Use Your Information
- To provide and personalize your wellness guidance and recommendations.
- To operate, maintain, and improve the Service and its features.
- To communicate with you about your account, updates, and support.
- To analyze usage trends and monitor for fraud or abuse.
- To process payments and manage subscriptions.
- To comply with applicable legal obligations.
3. Lawful Basis for Processing (GDPR Art. 6)
We process your personal data under the following lawful bases:
- Consent (Art. 6(1)(a)): For marketing communications, analytics, and optional features you actively enable.
- Contract (Art. 6(1)(b)): For providing the Service you requested, including account management and wellness recommendations.
- Legal Obligation (Art. 6(1)(c)): For tax records, fraud prevention, and responding to lawful requests.
- Legitimate Interests (Art. 6(1)(f)): For security monitoring, service improvement, and internal analytics.
4. Automated Decision-Making and AI (GDPR Art. 22)
SEASONS uses AI to generate personalized wellness recommendations based on your inputs. This does not produce legal or similarly significant effects on you. You may request human review of any AI-generated recommendation by contacting us. You can opt out of AI personalization in app settings while continuing to use general features.
5. Third-Party Services
We rely on trusted third-party providers to power certain features:
- Stripe — Payment processing and subscription management.
- Google Firebase (FCM) — Push notification delivery and analytics.
- Apple (APNs) — Push notification delivery for iOS.
- OpenRouter / Google Gemini — AI-powered wellness guidance and natural language processing.
- Resend — Transactional and marketing email delivery.
- Sentry — Error monitoring and crash reporting.
Each provider processes data under their own privacy policies. We share only the minimum information necessary to deliver the relevant service.
6. International Data Transfers (GDPR Art. 44-49)
Your data may be processed in the United States and other countries where our service providers operate. We rely on Standard Contractual Clauses (SCCs), adequacy decisions, or other appropriate safeguards to ensure your data receives equivalent protection when transferred outside the European Economic Area (EEA).
7. Data Security
All data in transit is encrypted using HTTPS/TLS (TLS 1.2 or higher). Data at rest is stored on secured servers with access controls. We regularly review our security practices to protect against unauthorized access, alteration, or disclosure.
8. Your Rights
GDPR Rights (EEA/UK residents):
- Access (Art. 15): Request a copy of the personal data we hold about you.
- Rectification (Art. 16): Correct inaccurate or incomplete information.
- Erasure (Art. 17): Request deletion of your account and associated data ("right to be forgotten").
- Restriction (Art. 18): Request we limit processing of your data.
- Data Portability (Art. 20): Receive your data in a structured, machine-readable format.
- Object (Art. 21): Object to processing based on legitimate interests.
- Withdraw Consent (Art. 7(3)): Withdraw consent at any time without affecting prior processing.
- Lodge a Complaint (Art. 77): You may lodge a complaint with your local data protection authority.
CCPA Rights (California residents):
- Right to Know: Request disclosure of the categories and specific pieces of personal information collected.
- Right to Delete: Request deletion of your personal information.
- Right to Opt-Out of Sale: We do not sell your personal information. No "Do Not Sell My Personal Information" link is required because we do not engage in such practices.
- Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights.
To exercise any of these rights, contact us at meridianshunshi@gmail.com. We will respond within 30 days (GDPR) or 45 days (CCPA).
9. Data Retention
We retain personal data only as long as necessary to fulfill the purposes described in this policy or as required by law. Account data is kept for the duration of your active subscription plus a limited period thereafter for legal and accounting purposes (typically 90 days), after which it is permanently deleted.
10. Children's Privacy
The Service is not directed to children under the age of 13 (COPPA) or 16 (GDPR). We do not knowingly collect personal information from children. If you believe we have collected such data, please contact us immediately and we will delete it.
11. Cookies and Tracking
The SEASONS mobile app does not use cookies. Our website uses privacy-friendly analytics (Plausible) that does not track personal data or use cookies. We do not engage in cross-context behavioral advertising.
12. Changes to This Policy
We may update this Privacy Policy from time to time. Material changes will be communicated through the app or via email. The "Last Updated" date above reflects the most recent revision.
13. Contact Us
If you have questions or concerns about this Privacy Policy or your personal data, please contact us at:
Email: meridianshunshi@gmail.com
← Back to SEASONS