Privacy Policy

Get2Therapy Inc. is a technology company based in Canada that operates the Get2Therapy platform — an AI-assisted relationship support service. We are subject to the Personal Information Protection and Electronic Documents Act (PIPEDA) and applicable provincial privacy legislation.

For questions about this policy: privacy@get2therapy.com

Account information: Your name, email address, and a hashed (never plain-text) version of your password. We also store your partner's first name if you choose to provide it.

Session content: The messages you exchange with Aria during therapy sessions, session titles, topics, mood check-ins, and session summaries generated by the AI.

Technical data: IP address and user-agent string at account creation (for fraud and abuse prevention only). Standard server logs including request timestamps.

Product analytics: Basic first-party event analytics such as landing page visits, signup starts, partner invite acceptance, resource reads, and quiz completion. We use this to understand what is working in the product and to improve conversion flows. We do not use it for cross-site advertising or sell it to third parties.

Payment data: We do not store payment card numbers. If you subscribe to a paid plan, billing is handled by Stripe, who maintains their own privacy practices.

What we do not collect: We do not collect your precise location, biometric data, browsing history outside our platform, or any data from your device beyond what you intentionally submit.

To provide the service: Session content is sent to the AI model provider configured for Get2Therapy so Aria can respond during your session. This data is transmitted over an encrypted connection and used only to generate those responses.

Security and fraud prevention: IP address and account creation timestamps help us detect and prevent abusive signups and protect other users.

Product measurement: We use first-party analytics to understand which pages people read, whether the signup flow is working, and whether features like partner invites and session summaries are useful. This helps us improve the service without relying on advertising trackers.

Service improvement: We may analyse aggregated, anonymised usage patterns (e.g., most common session topics) to improve the platform. Individual conversations are never reviewed by our team.

We never: sell your data to third parties, use your session content to train any AI model, share your personal information with advertisers, or disclose your data to any third party except as required by law or as outlined here.

All data is stored in a private PostgreSQL database hosted on Google Cloud (Canada / US regions). Data is encrypted at rest and in transit using industry-standard TLS. Access to production systems is tightly limited and audited, and we do not routinely access individual session content.

We retain your session data for as long as your account is active. When you delete your account, all associated data — messages, sessions, profile information — is permanently deleted within 30 days.

As a Canadian privacy law, PIPEDA grants you the right to:

• Access the personal information we hold about you
• Correct inaccurate information
• Withdraw consent and request deletion of your data
• File a complaint with the Office of the Privacy Commissioner of Canada

For users in the European Economic Area, your rights under the GDPR also apply. For users in California, your rights under the CCPA apply. We honour all such requests regardless of jurisdiction.

To exercise any of these rights, contact us at privacy@get2therapy.com.

Messages: Session text is processed by the AI provider configured for the service to generate Aria's replies. We do not use your conversations to train AI models. See our Privacy & health data notice for how we treat session content.

Sign-in: Account creation and email verification use industry-standard authentication services (operated by Google). Your email is processed only for login and account security.

AI infrastructure: Depending on configuration, we may use OpenAI, Google AI, or Vertex AI as a hosted model provider. Those providers process only what is needed to generate responses.

Stripe: If you subscribe, payment processing is handled by Stripe. We never see or store your full card number.

Google Cloud: Our servers and database are hosted on Google Cloud Platform using managed infrastructure and standard cloud security controls.

Get2Therapy is intended for users aged 18 and older. We do not knowingly collect data from minors. If you believe a minor has created an account, please contact us immediately.

We will notify users of material changes to this policy by email at least 14 days before they take effect. Continued use of the service after that date constitutes acceptance of the updated policy.