Privacy Policy

Wyser is an emotionally intelligent AI companion that helps you understand your emotional patterns through reflection. Wyser is not a therapist, counsellor, or medical provider. If you are in crisis, please contact a crisis helpline in your area.

Account Information

When you sign up, we collect your email address, your name, and your age at onboarding. If you use Sign-In with Google, we additionally receive your Google name, email, and profile picture from Google. If you set a password, we store only a hashed version using an industry-standard one-way algorithm; we never have access to the plaintext.

Your profile page also lets you optionally fill in a short bio and a location (e.g. "Mumbai, India"). These fields are stored only if you fill them; they are not tracked or required.

Onboarding Responses

During onboarding we present short scenarios and attachment-style and emotional-weather questions. Your answers shape how Wyser personalises its tone for you. Answers are stored in your account and are covered by the same deletion and export rights as the rest of your data.

Conversations

Your conversations with Wyser are stored so that Wyser can remember your patterns and provide continuity across sessions. Conversations are encrypted at rest and are only accessible to you. We do not read, review, or use your conversations for any purpose other than providing the Wyser experience to you.

Emotional and Pattern Data

Wyser analyses your messages to extract emotional signals (like mood indicators and regulation state) and identify recurring patterns. This data is used solely to personalise your experience: adapting Wyser's tone, tracking your growth, and generating your weekly insights. This data is never shared or used to target you with ads.

Session Quality Data

When you end a session, Wyser may ask how you are feeling. Your response (if you choose to give one) helps us understand whether Wyser is helping. This data is stored with your session and is never shared externally. You can disable this prompt in your profile settings.

Anonymous Usage Analytics

If you opt in, we collect anonymous usage data such as which features you use and how often you visit. This data is aggregated across all users and cannot be traced back to you. Analytics are opt-in only and disabled by default. You can change this at any time in your profile settings.

• We do not track your location (no geolocation, no IP-based geo lookups)
• We do not use device or browser fingerprinting
• We do not read your social media activity or connect to your social graph (Sign-In with Google is used only to verify your identity)
• We do not sell your data, and we do not share it with any party except the third-party services described below, each of which receives only what they need to provide their specific function
• We do not use your conversations to train AI models (see the AI Processing section below)
• We do not show ads or use your data for advertising

• Encryption in transit: all communication uses HTTPS/TLS
• Encryption at rest: sensitive data is encrypted in our database
• Password security: passwords are hashed using an industry-standard one-way algorithm; we never have access to your plaintext password
• Access controls: only you can access your conversations and data
• Brute-force protection: rate limiting and automatic account lockout after repeated failed login attempts

Your messages are processed by AI language models to generate Wyser's responses. Your messages are sent to AI providers only for the purpose of generating the reply you see, and for nothing else.

We work exclusively with AI providers whose published policies commit to not using API traffic to train their models, and we configure our requests to reinforce that wherever a setting is available. We cannot independently audit every provider's internal handling, so our promise is this: we select and configure providers based on that commitment, and we will update this page if we ever change that posture.

To operate Wyser, we work with a small number of third-party services. Each receives only the data strictly necessary to perform its function. We do not sell or share your data with any party outside these categories.

• Application hosting and database: the infrastructure that runs Wyser and stores your data securely.
• Transactional email: used to send sign-in links and account notifications. Only your email address is involved.
• AI model processing: used to generate Wyser's responses. Your messages are sent only for this purpose and are not used to train models.
• Social sign-in: if you choose to sign in with a third-party provider (such as Google), that provider confirms your identity. We receive only your name and email address from them.
• Error monitoring: used to detect and fix bugs. We send only a stable technical identifier alongside error details; no personal content or email is included.
• Newsletter and waitlist: used only if you subscribe to our newsletter or join the waitlist. Not connected to any other data flow in the app.

We review these relationships regularly. If we add a new category of third-party data sharing, we will update this section and notify you through the app.

You have the right to:

• Access: view all data Wyser has about you
• Export: download your data in JSON or Markdown format
• Delete: permanently delete your account and all associated data
• Correct: update your profile information at any time
• Withdraw consent: disable analytics or sign-off prompts in settings
• Delete memories: remove individual memories from your Memory Box

Your data is retained for as long as you have an active account. When you delete your account, all your personal data, including conversations, memories, letters, rituals, and profile information, is permanently deleted. Anonymous aggregate analytics (which cannot be traced to you) may be retained.

We do not use third-party tracking cookies or advertising cookies. We do use your browser's local storage for the following, all strictly first-party and used only to make the app work:

• Authentication state: your sign-in token and a cached copy of your user profile, so you stay signed in between visits.
• Consent preference: whether you've opted in to anonymous usage analytics (the authoritative copy also lives on the server).
• Onboarding progress: events from the short onboarding flow, stored locally so the completion UI can pick up where you left off. These are only sent to our servers if you have opted in to analytics.
• Dismissed UI hints: one-off flags so we don't keep showing you the same "Install Wyser" or "Add to Home Screen" suggestion after you've dismissed it.

You can clear any of this at any time from your browser's settings. Clearing local storage will sign you out and reset dismissals, but it will not delete any data stored on our servers. To delete server-side data, use the delete-account flow in your profile.

We may update this privacy policy from time to time. If we make significant changes, we will notify you through the app. Your continued use of Wyser after changes constitutes acceptance of the updated policy.

If you have questions about this privacy policy or want to exercise your data rights, please contact us at privacy@wyser.me.