Deizi Logo

Privacy Policy

Effective Date: January 1, 2025

Welcome to Deizi, your digital mental wellness and therapy platform. Your privacy and the security of your mental health information are our highest priorities. This Privacy Policy explains how we collect, use, disclose, and safeguard your information in compliance with the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other applicable data protection laws.

1. Information We Collect

We collect the following types of information to provide and improve our mental wellness services:

Personal Information

  • Name, email address, and phone number
  • Gender, age, and country of residence
  • Profile information and user preferences
  • Communication preferences and language settings

Account Data

  • Login credentials (securely hashed and encrypted)
  • Account preferences and personalization settings
  • Usage history and activity logs
  • Session booking and appointment history

Health-Related Information

We may collect sensitive health information with your explicit consent:

  • Information you voluntarily share during therapy sessions
  • Self-assessment responses and mental health questionnaires
  • Mental health goals and progress tracking data
  • Notes and reflections you create within the app
  • Wellness activities and mood tracking information

Note: This information is treated with the highest level of confidentiality and security.

Device and Technical Data

  • Device model, operating system (Android/iOS), and app version
  • IP address, browser type, and time zone settings
  • App usage analytics and performance data
  • Crash reports and error logs for troubleshooting

Payment Information

  • Payment data is processed through secure, PCI-compliant third-party providers (e.g., Stripe, Paystack, Flutterwave)
  • We store only transaction IDs and payment confirmation details
  • We do NOT store your full credit card numbers or CVV codes on our servers
  • Billing address and payment method type (for record-keeping)

Therapist Verification Data

For therapists joining our platform:

  • Professional licenses and credentials
  • Identity verification documents (government-issued ID)
  • Educational qualifications and certifications
  • Professional liability insurance information
  • Work history and specializations

2. How We Use Your Information

We use the collected information for the following purposes:

  • Service Delivery: To provide and maintain mental wellness and therapy services
  • Therapist Matching: To connect you with appropriate, verified therapists based on your needs
  • Communication: To facilitate secure communication between clients and therapists
  • Verification: To verify therapist identity, licenses, and professional qualifications
  • Payment Processing: To process bookings, payments, and manage session billing
  • Personalization: To customize content, recommendations, and self-care resources
  • Progress Tracking: To help you monitor your mental health goals and improvements
  • Notifications: To send important updates, appointment reminders, and platform announcements
  • Security: To protect platform security, prevent fraud, and ensure user safety
  • Improvement: To analyze usage patterns and enhance user experience
  • Compliance: To ensure legal compliance and accountability
  • Support: To provide customer service and respond to your inquiries

3. Legal Bases for Processing (GDPR)

We process your personal data based on the following legal grounds under GDPR:

Consent

For processing sensitive health data, marketing communications, location tracking, and optional features. You can withdraw consent at any time.

Contract Performance

To fulfill therapy services, session bookings, and transactions you request through our platform.

Legitimate Interest

To improve our platform, ensure security, prevent fraud, and provide personalized mental wellness experiences.

Legal Obligation

To comply with applicable laws, regulations, legal processes, and professional licensing requirements.

4. Data Storage and Security

We take the security of your mental health data extremely seriously. Our comprehensive security measures include:

  • End-to-End Encryption: All sensitive data is encrypted both in transit (using TLS/SSL) and at rest (AES-256 encryption)
  • Secure Infrastructure: Data is stored on secure, HIPAA-compliant cloud servers with regular backups
  • Access Controls: Strict role-based access controls limit data access to authorized personnel only
  • Multi-Factor Authentication: Optional MFA available for enhanced account security
  • Regular Audits: Routine security audits, vulnerability assessments, and penetration testing
  • Data Minimization: We collect only the data necessary for service delivery
  • Retention Limits: Data is retained only as long as necessary for service delivery or legal compliance
  • Secure Deletion: Upon account deletion, your data is permanently and securely removed from our active systems within 30 days

While we implement industry-standard security measures, no system is 100% secure. We continuously monitor and improve our security practices to protect your information.

5. Data Sharing and Third Parties

We do NOT sell, rent, or trade your personal information to third parties.

We may share your data only in the following limited circumstances:

✓ With Your Therapist

Information necessary to facilitate your therapy sessions and provide mental health support.

✓ Service Providers

Limited data shared with trusted partners who help us operate the platform:

  • Payment processors (Stripe, Paystack, Flutterwave) - for secure transactions
  • Cloud hosting providers - for secure data storage
  • Email service providers - for communications
  • Analytics tools - for platform improvement (anonymized data only)

All service providers are bound by strict confidentiality agreements and data processing terms.

✓ Legal Requirements

When required by law, court order, subpoena, or government authority, or to protect legal rights.

✓ Safety and Protection

To prevent imminent harm, fraud, abuse, or protect the rights, safety, and security of users and the platform.

✓ Business Transfers

In the event of a merger, acquisition, or sale of assets, your data may be transferred (with notice provided to you).

Your Control: We never share your data with advertisers or marketing companies without your explicit, opt-in consent.

6. Your Privacy Rights

Under GDPR (European Union)

If you are located in the EU/EEA, you have the following rights:

Right to Access

Request a copy of all personal data we hold about you.

Right to Rectification

Correct inaccurate or incomplete information in your profile.

Right to Erasure ("Right to be Forgotten")

Request deletion of your personal data, subject to legal retention requirements.

Right to Data Portability

Receive your data in a structured, commonly used, machine-readable format.

Right to Restrict Processing

Limit how we use your data in certain circumstances.

Right to Object

Object to data processing for direct marketing or legitimate interest purposes.

Right to Withdraw Consent

Withdraw consent for marketing, health data processing, or optional features at any time.

Right to Lodge a Complaint

File a complaint with your local data protection authority if you believe your rights have been violated.

Under CCPA/CPRA (California, USA)

If you are a California resident, you have additional rights:

  • Right to Know: What personal information we collect, use, and share
  • Right to Access: Request access to your personal information
  • Right to Delete: Request deletion of your personal information
  • Right to Opt-Out: Opt-out of the sale or sharing of personal data (we don't sell your data)
  • Right to Correct: Request correction of inaccurate information
  • Right to Limit: Limit use of sensitive personal information
  • Non-Discrimination: You will not be discriminated against for exercising these rights

How to Exercise Your Rights

To exercise any of these privacy rights, please contact us at [email protected]. We will respond to your request within 30 days (or as required by applicable law).

7. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience on Deizi:

Types of Cookies We Use:

  • Essential Cookies: Required for platform functionality (login, security, session management)
  • Performance Cookies: Help us understand how users interact with the platform (anonymized analytics)
  • Functional Cookies: Remember your preferences and settings
  • Targeting Cookies: Used only with your consent for personalized content

Your Cookie Control: You can manage cookie preferences through your browser settings or our cookie consent tool. Note that disabling certain cookies may affect platform functionality.

8. Children's Privacy

Age Requirement: Deizi is intended for users aged 18 years and above. We do not knowingly collect, use, or store personal data from individuals under the age of 18.

If we discover that we have inadvertently collected data from a minor, we will delete it immediately. Parents or guardians who believe their child has provided information to us should contact us at [email protected].

9. International Data Transfers

Your personal information may be transferred to and stored on servers located outside your country of residence, including countries that may have different data protection laws.

We ensure appropriate safeguards are in place for international transfers, including:

  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Adequacy decisions recognizing equivalent data protection
  • Binding corporate rules and data processing agreements
  • Encryption and security measures during transfer

10. Therapist Privacy and Professional Obligations

Therapists on Deizi are independent professionals bound by:

  • Professional Ethics: Adhere to their licensing board's code of ethics and conduct
  • Confidentiality Standards: Maintain client confidentiality in accordance with professional and legal requirements
  • Deizi's Privacy Requirements: Comply with our platform's privacy and security policies
  • Data Protection: Protect client information with appropriate technical and organizational measures

Therapists have limited access to client data necessary for providing therapy services. They cannot access other users' data or platform-wide analytics.

11. Data Retention Policy

We retain your personal information based on the following criteria:

Active Accounts

Data is retained for as long as your account remains active and you continue using our services.

Account Deletion

Upon request, we permanently delete your data within 30 days, except where legal retention is required.

Legal Requirements

Some data may be retained longer to comply with legal, tax, audit, or regulatory obligations (typically 7 years for financial records).

Backup Systems

Deleted data may persist in backup systems for up to 90 days before permanent removal.

12. Your Choices and Controls

You have control over your data and privacy settings:

  • Account Settings: Update your profile, preferences, and privacy settings anytime in the app
  • Communication Preferences: Opt-out of marketing emails via unsubscribe links or account settings
  • Data Access: Request a copy of your data at any time
  • Data Deletion: Request account and data deletion (contact support)
  • Cookie Management: Control cookies through browser settings or our cookie banner
  • Consent Withdrawal: Withdraw consent for optional features or health data processing

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or new features. When we make significant changes, we will notify you via:

  • Email notification to your registered email address
  • In-app notification or banner
  • Updated posting on this page with a revised effective date
    • ul>

    Your continued use of Deizi after changes take effect constitutes acceptance of the updated Privacy Policy. We encourage you to review this policy periodically.

14. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy, your personal data, or your privacy rights, please contact us:

Company: Deizi

Email: [email protected]

We aim to respond to all privacy-related inquiries within 30 days.

🔒 Your Trust is Our Priority

Your mental health and privacy are paramount to us. We are committed to maintaining the highest standards of data protection and transparency. If you ever have concerns about how your information is handled, please don't hesitate to reach out. We're here to help and ensure you feel safe using Deizi.