Privacy is not our policy.
It's our architecture. We built TRUE YOU so we cannot see, sell, or lose your therapy data — even if we wanted to.
Mental health tech has a trust crisis
Mental health is the most sensitive data there is. Your deepest fears, your relationship struggles, your trauma — this information requires absolute protection.
Yet the mental health technology industry has repeatedly failed to protect it:
Major telehealth platform fined by FTC for sharing mental health data with advertising platforms
Therapy visit data, questionnaire responses, and treatment information shared with Facebook and other advertisers
Leading online psychiatry company leaked patient data through tracking pixels
Meta Pixel installed on pages where patients entered sensitive mental health information
Popular AI companion app banned in major markets for privacy violations
Massive fines for processing sensitive data without consent and failing to implement age verification
These aren't isolated incidents. They're the predictable result of business models that treat user data as the product.
We built TRUE YOU differently.
Privacy by design, not afterthought
We didn't add privacy features to a surveillance-based system. We designed the system from day one to protect your data.
On-Device AI Processing
Sensitive analysis happens on your phone using the Neural Engine (iOS), Hexagon (Android), or Tensor processors. Your deepest reflections never leave your device.
Encrypted Vault (CUBE)
Your therapy data lives in an encrypted container with keys stored in the Secure Enclave. Not even TRUE YOU can decrypt it.
User-Owned Data
Your data belongs to you. Built on decentralized identity standards, giving you true ownership and portability.
Zero-Knowledge Architecture
We designed the system so we cannot see your data even if we wanted to. This isn't policy — it's mathematics.
No Third-Party Sharing
No advertisers. No data brokers. No "anonymized" datasets. Your therapy stays between you and your therapist.
Audit Trail
Every access to your data is logged and visible to you. Complete transparency about who sees what and when.
The technical details
On-Device Processing
Modern smartphones have powerful AI processors designed for exactly this purpose:
- iOS: Neural Engine processes your conversations locally
- Android: Hexagon DSP and Tensor chips handle on-device analysis
This means ALLI can understand your patterns, track your moods, and provide insights without sending your raw data to any server.
The CUBE: Your Encrypted Vault
Your therapy data is stored in what we call the CUBE — an encrypted container on your device:
- AES-256 encryption (the same standard protecting government secrets)
- Keys stored in the Secure Enclave / TEE — physically isolated from the rest of the device
- Biometric unlock only — your face or fingerprint is required to access
Even if someone stole your phone, they couldn't access your therapy data without your biometrics.
User-Owned Data
We're building on decentralized identity standards that give you true ownership of your data:
- You control who can access your data
- You can export your data at any time
- You can delete your data permanently
- Your data is portable — it goes with you
What We Can and Cannot See
We can see:
- Aggregate, anonymized usage statistics (how many people use which features)
- Technical error reports (with no personal content)
- Account information you provide (email, subscription status)
We cannot see:
- Your conversations with ALLI
- Your journal entries or voice notes
- Your therapy session notes
- Your CORE scores or personal insights
- Any content you create in the app
"We designed TRUE YOU so that even if we were subpoenaed, hacked, or acquired by a company with different values — your therapy data would remain protected. That's the promise of architectural privacy."
Built for therapist peace of mind
Therapists have professional and legal obligations to protect client data. We built TRUE YOU to exceed those requirements:
HIPAA Compliance
Full compliance with the Health Insurance Portability and Accountability Act. This includes:
- Business Associate Agreements (BAA) available for all therapist accounts
- Administrative, physical, and technical safeguards
- Breach notification protocols
- Regular security audits and assessments
Data Minimization
We only collect what's necessary for the service to function. If we don't need it, we don't store it.
Audit Trails
Every access to patient data is logged. Therapists can see who accessed what and when — complete transparency for clinical compliance.
Secure Communication
All data in transit is encrypted with TLS 1.3. The connection between patient app, therapist dashboard, and any synced data is secured end-to-end.
Privacy FAQ
Can my therapist see everything I tell ALLI?
You control what your therapist sees. By default, they receive session briefs and pattern summaries. You can choose to share more or less, and you can always see exactly what they have access to.
What happens to my data if I stop using TRUE YOU?
You can export all your data at any time in a standard format. When you delete your account, your data is permanently deleted — we keep nothing.
Could TRUE YOU be forced to hand over my data to law enforcement?
We cannot provide what we cannot access. Your therapy content is encrypted with keys only you control. Even if we received a legal demand, we could not decrypt your conversations, journals, or personal insights.
How do you make money if you're not selling data?
We charge for the service. Therapists pay for the clinical dashboard. Patients (or their therapists) pay for premium ALLI features. Our business model is aligned with your privacy — not against it.
Is my data used to train AI models?
No. Your personal therapy data is never used to train our AI models. Our models are trained on anonymized, consented clinical data from our research practice — not from the production app.
Privacy questions?
We're happy to discuss our privacy architecture in detail. Whether you're a therapist, patient, or security researcher — we welcome the conversation.
Contact Our Privacy Team