Sensitive content stays on device by default
Journal entries, check-ins, assessments, plans, and similar self-help content are designed to stay primarily in local app storage during ordinary use rather than in a provider-facing cloud record.
Security and Privacy Summary
Privacy-first design for sensitive mental health and habit-change support
Neurture is designed so employers, universities, treatment centers, and other programs do not need participant journals, reflections, or private notes to make the product useful. The model prioritizes on-device storage, minimal data exposure, and clear product boundaries.
What Makes This Different
Neurture is intentionally designed so a partner organization does not need to become the custodian of a participant's private day-to-day mental health content.
Practical Implication
The product can complement existing care and support structures without requiring a new patient-monitoring workflow for most implementations.
Organizations do not need employee or student content
The model is designed around aggregate-only program visibility rather than participant-level behavioral surveillance.
Minimal vendor surface for limited external processing
External processing is limited to product operations such as account access, subscriptions, gifts, attribution, analytics, diagnostics, support, and transactional email.
Clear product boundaries reduce unnecessary exposure
No anonymous forums, no public social feed, and no open-ended AI therapy chat as the primary support model.
What Organizations Receive
- Aggregate activation and program-level signals when a rollout is configured that way
- A privacy-first product model that does not depend on participant journals or reflections being visible to staff
- A tool that can complement existing care without adding a provider-monitoring dashboard
What Organizations Do Not Receive
- Participant journals, personal reflections, assessment responses, or check-in content
- A patient-level monitoring feed for routine day-to-day use
- A public social surface where users are exposed to each other's disclosures
Limited External Processing
Current vendors referenced in the privacy policy
Supabase
Used for account authentication, entitlement lookups, storage delivery used by the app, gift/access records, partner portal records, and internal operational records such as referral or payout reconciliation.
RevenueCat
Used for subscriptions, purchase history, entitlements, gift access, and premium access management.
Stripe
Used for website gift checkout, partner billing, payments, refunds, and related payment metadata.
PostHog
Used for product analytics. Neurture does not intentionally send journal text, assessment responses or scores, named check-in content, or raw motivation statements to PostHog analytics.
Sentry
Used for crash reporting and diagnostics. The app disables default PII collection and applies redaction helpers for known sensitive fields where practical.
Airbridge
Used for deep linking, referral attribution, and partner/access attribution.
Email providers
Brevo and/or SendGrid are used for transactional, support, newsletter, gift, and partner-related email.
Operating Notes
- Privacy, support, and deletion requests can be made via support@neurtureapp.com.
- The privacy policy is dated May 10, 2026 and remains the governing source for legal detail.
- The in-app analytics opt-out applies to PostHog usage analytics; necessary account, subscription, gift, security, support, and diagnostic processing may still occur.