Privacy Policy

Data we collect

When you book, we collect your name, email, phone, date/place of birth, and optional spiritual-context fields (religion, marital status) required to personalise your session or program.

How we use your data

• Scheduling sessions and processing payments.
• Generating personalised healing programs via AI processing (Anthropic Claude).
• Sending booking confirmations, session reminders, and program content.

Third-party processors

• Supabase — database and file storage.
• Anthropic (Claude) — generating your healing program from your questionnaire answers.
• Resend — transactional email delivery.
• Twilio — WhatsApp messaging.
• PayPal — payment processing.
• Vercel — hosting.

Your rights

• Access to your data or a copy of it.
• Correct inaccurate data via your profile page.
• Delete your entire account via the client dashboard (removes bookings, answers, and analyses).
• Request a machine-readable data export — contact us via WhatsApp.

Retention

We retain booking and payment data while your account is active, or as required by local tax law. OTP codes and sessions expire automatically.

In addition, the following operational logs are subject to an automated daily purge:

• Email delivery logs (email_logs): 30 days — for delivery verification and troubleshooting.
• Admin audit log (admin_audit_log): 730 days (2 years) — for security monitoring.
• WhatsApp conversations (whatsapp_conversations): 90 days since last update — for operational context.

Caveat: Retention periods are pending legal review under UAE PDPL (Personal Data Protection Law, UAE Federal Decree Law No. 45 of 2021) and may be adjusted.

Security

Data is encrypted in transit (HTTPS) and at rest (Supabase). Access tokens are time-limited. Accounts are protected by OTP.

Contact

For privacy questions, contact us via WhatsApp or read our terms.