Privacy Policy (PAL / Hello PAL)
Last updated: January 23, 2026
This Privacy Policy explains how Being Phoenix, LLC (“Being Phoenix,” “we,” “us,” “our”) collects, uses, shares, and protects information when you use the PAL mobile application (also marketed as “Hello PAL”) and the hellopal.app website (together, the “Services”).
If you do not agree with this Privacy Policy, please do not use the Services.
Who this applies to
This Privacy Policy applies to users of the Services. The Services are intended for individuals 18 years and older.
Information we collect
We collect information in three main ways: (a) information you provide, (b) information collected automatically, and (c) information from third parties you use to access the Services.
A. Information you provide
Account information: such as email address and basic account identifiers (and any optional profile fields you choose to add).
User Content: content you enter into the app, including messages, reflections, journal-style entries, mood/emotion inputs, and related notes (“User Content”).
Support communications: information you provide when you contact support (e.g., emails, bug reports, screenshots you choose to send).
B. Information collected automatically
Device and app information: device type, operating system, app version, language, time zone, and similar technical details.
Usage data: interactions with the Services (e.g., screens viewed, feature usage, session duration), performance logs, and crash reports.
Approximate location: we may infer approximate location (e.g., city/region) from IP address for security and basic analytics. We do not need or request precise GPS location to provide the core experience.
C. Purchases
If we offer subscriptions or in-app purchases, Apple processes payments. We do not receive your full payment card details. We may receive purchase-related metadata (e.g., subscription status, product identifier) to provide access to paid features.
How we use information
We use information to:
Provide and operate the Services (including account login, saving your entries, and delivering requested features).
Personalize your experience (for example, reflecting your own inputs back to you or generating summaries/insights based on your usage).
Maintain safety and security (detecting abuse, preventing unauthorized access, and protecting user accounts).
Improve and debug the Services (analyzing performance, fixing crashes, and improving product quality).
Communicate with you (support responses, important service updates, and administrative messages).
Comply with legal obligations and enforce our Terms.
How AI processing works (and model training)
Some features may process your text using machine learning or AI systems to generate responses or insights.
We do not use your User Content to train models deployed to other users.
We may use aggregated and anonymized usage patterns and system-level metrics to improve product performance and reliability (for example, measuring feature adoption or crash rates).
Note: Like most software services, we may retain limited logs for security, troubleshooting, and compliance.
How we share information
We do not sell your personal information.
We may share information in the following circumstances:
A. Service providers (processors)
We use third-party vendors to help operate the Services, such as:
cloud hosting and databases,
authentication,
analytics and crash reporting,
email/support tooling,
AI processing providers.
These providers process information on our behalf under contractual obligations consistent with this Privacy Policy.
For example, we use Firebase (Google) for authentication and database services.
B. Legal and safety
We may disclose information if we believe it is reasonably necessary to:
comply with law, regulation, legal process, or a lawful request,
protect the rights, safety, and security of our users, the public, or our Services,
investigate fraud, security incidents, or violations of our Terms.
C. Business transfers
If we are involved in a merger, acquisition, financing, reorganization, bankruptcy, or sale of assets, information may be transferred as part of that transaction, subject to appropriate safeguards.
Data retention
We retain personal information for as long as necessary to:
provide the Services,
maintain business records,
comply with legal obligations,
resolve disputes, and
enforce agreements.
Retention periods vary depending on the type of data and why we collected it.
Your choices and rights
Depending on where you live, you may have rights to:
access, correct, or delete certain personal information,
object to or restrict certain processing, and
request information about our data practices.
Account deletion
You may request deletion of your account and associated data by contacting us at support@hellopal.app. We may retain limited information where required for legal, security, or operational reasons.
(If you have in-app deletion, replace the above with “You can delete your account in the app at Settings → Delete Account.”)
Security
We use reasonable administrative, technical, and organizational measures designed to protect information. However, no method of transmission or storage is 100% secure, and we cannot guarantee absolute security.
International transfers
If you access the Services from outside the United States, your information may be processed and stored in countries where we or our service providers operate. These countries may have different data protection laws than your country.
Children
The Services are not directed to children under 18, and we do not knowingly collect personal information from children.
Changes to this Privacy Policy
We may update this Privacy Policy from time to time. We will update the “Last updated” date above. If changes are material, we may provide additional notice.
Contact us
For questions or requests related to privacy, contact us at:
Email: legal@hellopal.app (privacy/legal) or support@hellopal.app (support)
Mail: Being Phoenix, LLC; 418 Broadway STE N, Albany, ALBANY COUNTY, NY 12207 USA