Legal

Privacy Policy

Last updated: March 2026

This Privacy Policy explains how Catatonica ("we", "us", or "our") collects, uses, and protects your information when you use our Service. We take your privacy seriously — especially given the personal nature of what you share with us.

1. What We Collect

We collect only what is necessary to provide the Service:

• Account information: email address and password (hashed, never stored in plain text)
• Content you create: situation names, intention texts, session records, genesis reflections
• Usage data: session counts, Catatons earned, completion events — used to power your dashboard
• Payment information: processed by Paddle. We never see or store your card details.
• Waitlist email: if you joined the waitlist before creating an account

2. What We Don't Collect

• We do not collect your location
• We do not use tracking pixels or advertising cookies
• We do not sell your data to third parties — ever
• We do not use your content to train AI models

3. How We Use Your Data

Your data is used solely to:

• Provide and maintain the Service
• Authenticate your account
• Display your situations, sessions, and Catatons back to you
• Process subscription payments via Paddle
• Send essential service emails (account confirmation, password reset)

4. Data Storage

Your data is stored securely in Supabase (PostgreSQL), with Row Level Security enabled — meaning your data is only accessible by you. Supabase infrastructure is hosted on AWS in the US East region.

5. Third-Party Services

• Supabase — authentication and database hosting
• Paddle — payment processing and subscription management
• Cloudflare Pages — website hosting and content delivery

Each of these services has their own privacy policies governing their data handling.

6. Your Rights

You have the right to:

• Access all data we hold about you
• Export your content at any time
• Delete your account and all associated data
• Correct inaccurate information

To exercise these rights, contact us at hello@catatonica.app

7. Data Retention

We retain your data for as long as your account is active. If you delete your account, all personal data is permanently deleted within 30 days.

8. Children's Privacy

The Service is not directed at children under 13. We do not knowingly collect data from children under 13.

9. Changes to This Policy

We may update this policy from time to time. We will notify you of significant changes by email. Continued use after changes constitutes acceptance.

10. Contact

For privacy questions or data requests: hello@catatonica.app