Your therapy data is deeply personal. We built SeshReview with privacy at the core — we will never sell, share, or use your data for advertising or AI model training.
1. Overview
SeshReview ("we", "our", "us") is a mobile application that helps users record, transcribe, and reflect on therapy sessions using artificial intelligence. This Privacy Policy explains how we collect, use, store, and protect your information when you use SeshReview.
By using SeshReview, you agree to the collection and use of information in accordance with this policy. If you do not agree, please do not use the app.
2. Information We Collect
Account Information
When you create an account, we collect:
- Email address — used for authentication, password resets, and essential account communications
- Password — stored securely by our authentication provider (Supabase) using industry-standard hashing; we never have access to your plaintext password
Session Data
When you use SeshReview's core features, the following data is generated:
- Audio recordings — recorded locally on your device and uploaded to our server solely for transcription processing
- Transcripts — generated from your audio by OpenAI's Whisper speech recognition service
- AI-generated insights — summaries, reflection prompts, cognitive pattern analysis, and follow-up questions generated by OpenAI's language models
- Chat conversations — messages you send to the AI assistant and the responses generated
Self-Reported Data
- Mood check-ins — mood ratings, emotion tags, and optional notes you enter
- Journal entries — text you write in the journaling feature
- Therapy goals — goals and milestones you create and track
- Session prep notes — notes you create for upcoming sessions
- Saved quotes — transcript excerpts you choose to highlight
Automatically Collected Data
- Device type and operating system — for compatibility and troubleshooting
- App version — to ensure you have the latest features and security updates
We do not collect location data, contacts, browsing history, or any data from other apps on your device.
3. How We Use Your Information
We use your information solely to provide and improve the SeshReview service:
- Transcription — audio is sent to our server and processed via OpenAI Whisper to generate text transcripts
- AI Insights — transcripts are sent to OpenAI's language models to generate summaries, reflection prompts, cognitive distortion detection, follow-up questions, and chat responses
- Authentication — your email is used to verify your identity and secure your account
- Account communications — we may send password reset emails or critical security notifications
We never use your data for advertising, marketing profiling, or training AI models. Your therapy data exists solely to serve you.
4. Third-Party Services
SeshReview relies on the following third-party services to function:
OpenAI
We use OpenAI's API for transcription (Whisper) and language processing (GPT-4o-mini). Audio and text data is sent to OpenAI for processing. Per OpenAI's API data usage policy, data sent through the API is not used to train their models. See OpenAI's API data usage policy for details.
Supabase
We use Supabase for user authentication and account management. Supabase stores your email address and hashed password. See Supabase's privacy policy for details.
We do not use any analytics, advertising, or tracking services.
5. Data Storage and Security
Where Your Data Lives
- On your device — session data, mood entries, journal entries, goals, and preferences are stored locally on your device using encrypted storage
- In transit — all data transmitted between your device and our servers is encrypted using TLS (Transport Layer Security)
- On our servers — audio files are temporarily stored on our server during transcription processing and are not retained after the transcript is generated and returned to your device
- Authentication data — stored by Supabase in secure, SOC 2 compliant infrastructure
Security Measures
- TLS encryption for all data in transit
- Authenticated API access using JSON Web Tokens (JWT)
- Per-user rate limiting to prevent abuse
- Secure password hashing (bcrypt) via Supabase
- No plaintext storage of passwords or tokens
6. Data Retention
- Session data — stored on your device for as long as you keep it. You can delete individual sessions or all data at any time from within the app.
- Audio files — temporarily processed on our server for transcription, then discarded. We do not maintain a permanent copy of your recordings.
- Account data — retained until you delete your account.
- Waitlist emails — retained until launch or until you request removal.
7. Your Rights
You have the right to:
- Access — view all data stored in the app on your device at any time
- Delete — delete individual sessions, journal entries, mood check-ins, goals, or your entire account
- Export — your data is stored locally and accessible on your device
- Withdraw consent — stop using the app at any time; uninstalling removes all locally stored data
- Contact us — request information about your data or ask for account deletion by emailing support@seshreview.com
8. Children's Privacy
SeshReview is not intended for use by anyone under the age of 13. We do not knowingly collect personal information from children under 13. If we become aware that a child under 13 has provided us with personal information, we will take steps to delete that information.
9. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of any material changes by updating the "Last updated" date at the top of this page and, where appropriate, through in-app notification. Your continued use of SeshReview after changes are posted constitutes acceptance of the updated policy.
10. Contact Us
If you have any questions about this Privacy Policy or how we handle your data, please contact us: