Home/Legal

Last updated: April 13, 2026

Privacy Policy

Euthyn (“Euthyn,” “we,” “us,” or “our”) operates a marketplace connecting individuals seeking mental-wellness support (“Seekers”) with listeners, peer supporters, coaches, and licensed professionals (“Providers”). This Privacy Policy explains what information we collect, how we use it, and the choices you have.

1. Information we collect

  • Account data: name, display name, email, password (hashed), role (seeker / provider / admin), profile photo.
  • Provider credentials: licensure, certifications, specializations, bio, rates, availability, and government ID used for background verification.
  • Session data: bookings, session times, participant IDs, and—if you opt in—cloud recordings stored for a limited period through our video provider (Daily.co).
  • Wellness content: journal entries, vent messages, and notes you voluntarily submit. These may qualify as Protected Health Information (PHI) when a licensed clinician is involved (see HIPAA Compliance).
  • Payment data: processed by Stripe. We receive only the last four digits, brand, and billing metadata—never full card numbers.
  • Technical data: IP address, device type, browser, pages viewed, referrers, and diagnostic logs (via Microsoft Clarity and server logs).

2. How we use your information

  • To deliver the service: match Seekers with Providers, schedule sessions, process payments, and host video rooms.
  • To verify Provider credentials and maintain marketplace safety.
  • To send transactional email (booking confirmations, receipts, reminders). We do not send marketing email without your consent.
  • To improve product quality through aggregated, de-identified analytics.
  • To comply with legal obligations, court orders, and subpoenas.

3. How we share your information

We do not sell your personal information. We share it only with:

  • The Provider or Seeker you transact with, limited to what is needed to deliver the session.
  • Sub-processors under contract: Supabase (database & auth), Stripe (payments), Daily.co (video), Vercel (hosting), Microsoft Clarity (analytics).
  • Law enforcement when legally required, or where we believe in good faith there is a risk of imminent harm.

4. Your rights

Depending on your jurisdiction (GDPR, CCPA, PIPEDA, and similar laws), you may have the right to access, correct, export, or delete your data, to object to certain processing, and to withdraw consent. Send requests to privacy@euthyn.com; we respond within 30 days.

5. Data retention

We retain account and transaction records for as long as your account is active and for up to seven years thereafter to meet tax, accounting, and dispute-resolution obligations. Session recordings are retained for 30 days unless required longer by law or the clinician's professional obligations.

6. Security

Data is encrypted in transit (TLS 1.2+) and at rest. Access to production systems is limited, logged, and requires multi-factor authentication. No method of transmission over the internet is perfectly secure; we cannot guarantee absolute security.

7. Children

Euthyn is not directed to children under 16. If you believe a child has provided us information, contact us and we will delete it.

8. International transfers

Euthyn operates globally. Your information may be processed in countries other than your own, including the United States. Where required, we use Standard Contractual Clauses.

9. Changes

We will post material changes on this page and, where appropriate, notify you by email. Your continued use of Euthyn after an update constitutes acceptance.

10. Contact

Privacy questions: privacy@euthyn.com.
Data Protection Officer: dpo@euthyn.com.