# Privacy Policy

> myUDDA is designed to help you reflect, understand yourself, improve relationships, and explore your curiosity. Because we deal with your personal thoughts and

*Last updated: 14 July 2026*

**myUDDA** is designed to help you reflect, understand yourself, improve relationships, and explore your curiosity. Because we deal with your personal thoughts and voice, your privacy is our primary concern.

In this policy, we explain what data we collect, where it goes, and how you retain control over your information. We aim for complete EU data sovereignty, and we are working continuously to provide you with a secure and empowering experience.

### 1. The Data Controller

When you use myUDDA, the legal entity responsible for your data under the GDPR is:

Feel the grow AB, Nysätravägen 36, 131 33 Nacka, Sweden

URL: <https://myudda.com>

Email: [hello@myudda.com](mailto:hello@myudda.com)

VAT: SE559409098601 Org Number: 559409-0986 D-U-N-S: 315321834

### 2. Data We Collect and Store

To provide a personalised experience, we collect and store the following data on your account:

- Account Information: Your name, email address, and login credentials.

- Conversations and Chat History: We store the text transcripts of your chats with the myUDDA AI so you can revisit your past reflections.

- Audio Recordings: When you use voice mode, we record your audio and store those recordings in secure storage buckets linked to your account.

- Payment Information: If you subscribe to a paid plan, your payments are securely processed by our third-party provider, Creem ([creem.io](http://creem.io)). We do not store your credit card numbers on our servers.

Note that myUDDA is a self-help and personal growth tool, not a clinical provider. However, because you may share sensitive personal reflections with us, we treat all your conversational data with the highest level of care.

### 3. Data Infrastructure and Processing

We want you to understand exactly how our technical infrastructure handles your data:

- Our EU-First Default: Your user data, chat history, and audio are stored securely on Supabase, which is a managed cloud database hosted on servers in Frankfurt or Stockholm. We also use a Qdrant vector database and a Neo4j graph database, both of which are self-hosted on Upcloud Kubernetes on EU servers.

- Voice and Real-Time Data: For voice calls, we use WebRTC, and for data transfer, we use websockets. Both of these run through our own self-hosted Livekit server.

- The AI Models: By default, we use open-source AI models (such as Mistral, Groq, or Nscale) running on EU infrastructure. However, you have the option to use alternative models like Anthropic or Google Vertex AI. If you choose to switch to these models, you are making an informed decision to route your prompt data through their respective servers.

- Voice Generation (TTS and STT): To process voice interactions, we use providers like Deepgram, Cartesia, our own self-hosted models, or ElevenLabs.

- The "Day 1" Reality Check: Our ultimate goal is 100% EU data sovereignty. Today, some API calls to third-party providers might process data outside the EU to ensure the app functions smoothly. When we use third-party providers outside of the EU, we always configure the API to set data retention to zero and ensure they cannot use or sell your data to train their models, provided the platform allows us to enforce these settings without an enterprise plan.

When you use myUDDA, we use limited tracking, analytics, and cookies or similar technologies to keep the service working, understand how people use the product, and measure the effectiveness of our marketing.

Our approach is as follows:

- **No Google Analytics or Matomo:** We do not use Google Analytics or Matomo on myUDDA.
- **PostHog EU analytics:** We use PostHog for product and website analytics. Our PostHog instance uses PostHog Cloud EU, with data processed in the EU. PostHog helps us understand how users interact with myUDDA so we can improve the product, identify technical issues, and measure usage patterns.
- **Proxy domain:** Analytics traffic may be routed through our proxy subdomain `p.myudda.cloud` before reaching PostHog. This proxy is used for reliable delivery of analytics requests and does not change the purpose of the processing.
- **No cross-site advertising tracking:** We do not use analytics to follow your activity across unrelated websites after you leave myUDDA.
- **Ad attribution:** If you visit myUDDA through an advertisement, the URL may contain a campaign or attribution parameter, such as `gclid`, `fbclid`, `wbraid`, or similar. We may store this parameter in a cookie or similar local storage and associate it with your myUDDA account when you sign up or log in. This helps us understand which marketing campaigns are effective.
- **Data minimisation:** We aim to collect only the information needed for product analytics, service improvement, security, debugging, and marketing attribution. We do not sell your analytics data.

Where required by law, we ask for your consent before placing non-essential cookies or using similar technologies, and you can withdraw or manage your consent through the cookie or privacy controls provided on the website.

### 4. Tracking, Analytics, and Cookies

When you use myUDDA, we use limited tracking, analytics, and cookies or similar technologies to keep the service working, understand how people use the product, and measure the effectiveness of our marketing.

Our approach is as follows:

- **No Google Analytics:** We do not use Google Analytics or myUDDA.
- **PostHog EU analytics:** We use PostHog for product and website analytics. Our PostHog instance uses PostHog Cloud EU, with data processed in the EU. PostHog helps us understand how users interact with myUDDA so we can improve the product, identify technical issues, and measure usage patterns.
- **Proxy domain:** Analytics traffic may be routed through our proxy subdomain `p.myudda.cloud` before reaching PostHog. This proxy is used for reliable delivery of analytics requests and does not change the purpose of the processing.
- **No cross-site advertising tracking:** We do not use analytics to follow your activity across unrelated websites after you leave myUDDA.
- **Ad attribution:** If you visit myUDDA through an advertisement, the URL may contain a campaign or attribution parameter, such as `gclid`, `fbclid`, `wbraid`, or similar. We may store this parameter in a cookie or similar local storage and associate it with your myUDDA account when you sign up or log in. This helps us understand which marketing campaigns are effective.
- **Data minimisation:** We aim to collect only the information needed for product analytics, service improvement, security, debugging, and marketing attribution. We do not sell your analytics data.

Where required by law, we ask for your consent before placing non-essential cookies or using similar technologies, and you can withdraw or manage your consent through the cookie or privacy controls provided on the website.

### 5. Your Rights Under GDPR

Under the General Data Protection Regulation, you have the right to:

- Access and Export: Request a copy of all the data, chat history, and audio recordings associated with your account.

- Rectification: Request corrections to any inaccurate information.

- Erasure: Request the permanent deletion of your profile, account, chat history, and audio recordings.

To exercise any of these rights, please email us at [hello@myudda.com](mailto:hello@myudda.com) from the email address associated with your account.

### 6. Security and Safety

We secure your data using industry-standard encryption, self-hosted environments, and secure cloud storage. However, no digital platform is completely immune to risk. By using myUDDA, you understand that you are sharing information on the internet. We commit to acting quickly, transparently, and responsibly in the event of any security issues.

### 7. Changes to this Policy

As we update our AI models, technical infrastructure, or EU server capacity, we may update this policy. We will notify you of any major changes within the app or via email.

If you have any questions or require further clarification, please contact us at [hello@myudda.com](mailto:hello@myudda.com).

---

**Canonical HTML:** <https://myudda.com/legal/privacy-policy>

**Markdown URL:** <https://myudda.com/legal/privacy-policy.md>

---

**Canonical HTML:** https://myudda.com/legal/privacy-policy
**Markdown URL:** https://myudda.com/legal/privacy-policy.md
