Privacy Policy

Effective Date: May 5, 2026 · Last Updated: May 2026


1. Introduction

TheraNode ("the App") is a personal mental wellness companion developed by Eleftherios Kostoulas. This Privacy Policy explains how the App handles your information.

info

The short version: TheraNode stores all data locally on your device. We do not collect, transmit, or have access to any of your personal information. We have no servers, no accounts, and no analytics.

2. Information We Do NOT Collect

TheraNode does not collect, transmit, or process any of the following:

  • Personal identification information (name, email, phone number)
  • Device identifiers (IMEI, advertising ID, hardware serial)
  • Location data
  • Usage analytics or behavioral data
  • Crash reports (stored locally only — see Section 5)
  • Any data through third-party analytics, advertising, or tracking SDKs

We have no servers. There is no backend infrastructure, no cloud storage, and no network communication of any kind (other than the phone dialer for emergency calls — see Section 6).

3. Information Stored Locally on Your Device

The App stores the following data exclusively on your device, in the application's private storage area:

DataPurposeEncryption
Daily wellness logsCore tracking functionality✅ AES-256-CBC encrypted
Personal notesUser-entered reflections✅ AES-256-CBC encrypted
User profilePersonalization and crisis nudge✅ AES-256-CBC encrypted
PINApp access authentication✅ SHA-256 hashed with salt
Security questionAccount recovery✅ Platform secure storage

We cannot access this data. It exists only on your device and is never transmitted anywhere.

4. Data Security

All wellness data is encrypted at rest using AES-256-CBC with a unique encryption key stored in your device's secure hardware enclave (Android Keystore or iOS Keychain). Your PIN is never stored in plain text — it is hashed using SHA-256 with a unique per-user salt.

The App includes brute-force protection with exponential lockout after failed PIN attempts.

5. Crash Logs

If the App encounters an unexpected error, it writes a crash log to a local file on your device containing a timestamp, OS info, and a technical error description. Crash logs do not contain any of your wellness data, notes, or personal information. They are stored locally and are never sent automatically.

You may choose to voluntarily share crash logs with us via your device's share function (e.g., email) if you wish to report an issue. This is entirely optional.

6. Permissions

The App requests one permission:

PermissionPurpose
READ_PHONE_STATE (Android only) Used exclusively to verify cellular connectivity before offering emergency call buttons. We do not read, store, or transmit your phone number, IMEI, SIM information, or call history.

7. Crisis Safety Feature

When the App detects elevated distress or self-harm indicators, it may display an emergency dialog offering to dial your therapist or your country's crisis hotline. This feature:

  • Uses the standard phone dialer (via tel: URI) — the App does not place calls directly
  • Requires you to confirm the call in your device's dialer app
  • Does not record or log whether a call was placed
  • Works entirely offline — no data is sent to any server

8. Data Export and Backup

The App allows you to:

  • Export a PDF report — Generated locally, shared via your device's share sheet
  • Export raw JSON data — Generated locally, shared via your device's share sheet
  • Create an encrypted backup — Protected with a password you choose

All exports are generated on-device. We never receive copies of your exports.

9. Data Retention and Deletion

Since all data is stored locally on your device:

  • To delete all data: Uninstall the App, or clear the App's data through your device's Settings → Apps → TheraNode → Clear Data.
  • Data is never retained by us because we never receive it in the first place.
  • Backups you create are stored wherever you choose. You are responsible for managing and deleting those copies.

10. Children's Privacy

TheraNode is not directed at children under the age of 13. We do not knowingly collect information from children. Since the App collects no data from any user, this concern is inherently mitigated.

11. Third-Party Services

TheraNode does not integrate with any third-party services, SDKs, or APIs that collect user data. There are no:

  • Analytics services (e.g., Google Analytics, Firebase Analytics)
  • Advertising networks
  • Social media integrations
  • Cloud storage services
  • Crash reporting services (e.g., Crashlytics, Sentry)

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Any changes will be reflected by updating the "Last Updated" date at the top. Since we have no way to contact you directly, changes will be published at the URL linked from the Google Play Store listing.

13. Contact Us

If you have questions or concerns about this Privacy Policy, please contact us at:

Email: theranode.info@gmail.com

14. Summary

QuestionAnswer
Do you collect any personal data?No
Do you transmit data to any server?No
Do you use analytics or tracking?No
Do you share data with third parties?No
Is stored data encrypted?Yes — AES-256-CBC
Can you access my data?No — we have no servers
How do I delete my data?Uninstall the app or clear app data