Privacy Policy
1. Introduction
TheraNode ("the App") is a personal mental wellness companion developed by Eleftherios Kostoulas. This Privacy Policy explains how the App handles your information.
The short version: TheraNode stores all data locally on your device. We do not collect, transmit, or have access to any of your personal information. We have no servers, no accounts, and no analytics.
2. Information We Do NOT Collect
TheraNode does not collect, transmit, or process any of the following:
- Personal identification information (name, email, phone number)
- Device identifiers (IMEI, advertising ID, hardware serial)
- Location data
- Usage analytics or behavioral data
- Crash reports (stored locally only â see Section 5)
- Any data through third-party analytics, advertising, or tracking SDKs
We have no servers. There is no backend infrastructure, no cloud storage, and no network communication of any kind (other than the phone dialer for emergency calls â see Section 6).
3. Information Stored Locally on Your Device
The App stores the following data exclusively on your device, in the application's private storage area:
| Data | Purpose | Encryption |
|---|---|---|
| Daily wellness logs | Core tracking functionality | â AES-256-CBC encrypted |
| Personal notes | User-entered reflections | â AES-256-CBC encrypted |
| User profile | Personalization and crisis nudge | â AES-256-CBC encrypted |
| PIN | App access authentication | â SHA-256 hashed with salt |
| Security question | Account recovery | â Platform secure storage |
We cannot access this data. It exists only on your device and is never transmitted anywhere.
4. Data Security
All wellness data is encrypted at rest using AES-256-CBC with a unique encryption key stored in your device's secure hardware enclave (Android Keystore or iOS Keychain). Your PIN is never stored in plain text â it is hashed using SHA-256 with a unique per-user salt.
The App includes brute-force protection with exponential lockout after failed PIN attempts.
5. Crash Logs
If the App encounters an unexpected error, it writes a crash log to a local file on your device containing a timestamp, OS info, and a technical error description. Crash logs do not contain any of your wellness data, notes, or personal information. They are stored locally and are never sent automatically.
You may choose to voluntarily share crash logs with us via your device's share function (e.g., email) if you wish to report an issue. This is entirely optional.
6. Permissions
The App requests one permission:
| Permission | Purpose |
|---|---|
READ_PHONE_STATE (Android only) | Used exclusively to verify cellular connectivity before offering emergency call buttons. We do not read, store, or transmit your phone number, IMEI, SIM information, or call history. |
7. Crisis Safety Feature
When the App detects elevated distress or self-harm indicators, it may display an emergency dialog offering to dial your therapist or your country's crisis hotline. This feature:
- Uses the standard phone dialer (via
tel:URI) â the App does not place calls directly - Requires you to confirm the call in your device's dialer app
- Does not record or log whether a call was placed
- Works entirely offline â no data is sent to any server
8. Data Export and Backup
The App allows you to:
- Export a PDF report â Generated locally, shared via your device's share sheet
- Export raw JSON data â Generated locally, shared via your device's share sheet
- Create an encrypted backup â Protected with a password you choose
All exports are generated on-device. We never receive copies of your exports.
9. Data Retention and Deletion
Since all data is stored locally on your device:
- To delete all data: Uninstall the App, or clear the App's data through your device's Settings â Apps â TheraNode â Clear Data.
- Data is never retained by us because we never receive it in the first place.
- Backups you create are stored wherever you choose. You are responsible for managing and deleting those copies.
10. Children's Privacy
TheraNode is not directed at children under the age of 13. We do not knowingly collect information from children. Since the App collects no data from any user, this concern is inherently mitigated.
11. Third-Party Services
TheraNode does not integrate with any third-party services, SDKs, or APIs that collect user data. There are no:
- Analytics services (e.g., Google Analytics, Firebase Analytics)
- Advertising networks
- Social media integrations
- Cloud storage services
- Crash reporting services (e.g., Crashlytics, Sentry)
12. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. Any changes will be reflected by updating the "Last Updated" date at the top. Since we have no way to contact you directly, changes will be published at the URL linked from the Google Play Store listing.
13. Contact Us
If you have questions or concerns about this Privacy Policy, please contact us at:
Email: theranode.info@gmail.com
14. Summary
| Question | Answer |
|---|---|
| Do you collect any personal data? | No |
| Do you transmit data to any server? | No |
| Do you use analytics or tracking? | No |
| Do you share data with third parties? | No |
| Is stored data encrypted? | Yes â AES-256-CBC |
| Can you access my data? | No â we have no servers |
| How do I delete my data? | Uninstall the app or clear app data |