Privacy Policy
⚠️ Warning: This document is a template and must be validated by legal counsel before production use.
Last updated: 9/29/2025
1. Introduction
MyCompanion ('we', 'our', 'us') is committed to protecting the privacy and security of your personal data. This Privacy Policy explains how we collect, use, share and protect your information in accordance with the General Data Protection Regulation (GDPR).
2. Data Collected
2.1 User Data
- Account information: Name, email address, password (encrypted)
- Payment data: Billing information processed by Paddle
- Usage data: Login logs, preferences, interactions
2.2 Senior Data
- Personal information: Full name, phone number
- Call recordings: Audio content of conversations
- Transcriptions: Text version of conversations
- Analysis: Sentiment analysis, keyword detection
- Metadata: Call duration, status, timestamp
- Consent data: Date and time of explicit consent
2.3 Technical Data
- IP address, browser type, operating system
- Cookies and similar technologies (with consent)
- Performance data and errors
3. Legal Basis
3.1 Purposes
- Service provision: Monitoring senior well-being
- Alerts: Sending email and push notifications
- Dashboard: Displaying reports and analytics
- AI improvement: Optimizing detection models
- Billing: Managing subscriptions
- Support: Responding to requests
- Legal compliance: Meeting legal obligations
3.2 Legal Bases
- Contract: To provide our services
- Consent: For call recording and marketing
- Legitimate interests: To improve services
- Legal obligations: To comply with laws
4. Sharing and Data Processors
We work with carefully selected processors:
Supabase
Role: Database and authentication
Location: European Union
Data processed: All user and senior data
Dipler / Twilio
Role: Telephony API and conversational AI
Location: United States (with safeguards)
Data processed: Numbers, recordings, transcriptions
Resend
Role: Email sending
Location: United States (with safeguards)
Data processed: Email addresses, alert content
Sentry
Role: Error monitoring
Location: United States (with safeguards)
Data processed: Technical data, error logs
Paddle
Role: Payment processing
Location: United Kingdom
Data processed: Payment information
Vercel
Role: Hosting
Location: Global points of presence
Data processed: Web traffic data
5. Data Retention
6. Your Rights
Under GDPR, you have the following rights:
- Right of access: Get a copy of your data
- Right to rectification: Correct inaccurate data
- Right to erasure: Request deletion of your data
- Right to restriction: Restrict processing
- Right to portability: Receive your data in a structured format
- Right to object: Object to certain processing
- Consent withdrawal: Withdraw your consent at any time
To exercise these rights, go to Settings > Privacy Management.
7. Data Security
We implement appropriate measures:
- Data encryption in transit
- Data encryption at rest
- Strong authentication
- Regular security audits
- Staff training
- Incident management
8. International Transfers
Some processors are outside the EEA:
- Standard contractual clauses
- Privacy Shield certifications
- Data protection impact assessments
9. Cookies
We use cookies for:
- Essential cookies: Required for site operation
- Analytics cookies: To understand usage (with consent)
- Performance cookies: To optimize experience (with consent)
Manage preferences via our banner.
10. Minors
Our services are not for under 18s. We do not knowingly collect data from minors without parental consent.
11. Policy Changes
We may update this policy. We will notify you of significant changes by email or in-app notification.
12. Contact
Data Protection Officer
For questions about this policy or your data:
Email: privacy@mycompanion.com
Address: MyCompanion, [Address to complete]
Supervisory Authority
You have the right to lodge a complaint with your local supervisory authority.
Website: www.cnil.fr
Address: 3 Place de Fontenoy - TSA 80715 - 75334 PARIS CEDEX 07