This document serves as the definitive reference for completing both Apple's App Privacy “nutrition labels” (App Store Connect) and Google's Data Safety section (Google Play Console). It maps every data type to its collection, usage, and sharing practices as required by both platforms.
1.Apple App Store — App Privacy Labels
Use these responses when completing the App Privacy section in App Store Connect.
Do you or your third-party partners collect data from this app? Yes
Do you or your third-party partners link collected data to the user's identity? Yes (account data is linked; argument text is processed by AI without identity linkage)
Do you or your third-party partners use collected data for tracking? No — We do not track users across other companies' apps or websites for advertising or ad measurement.
Data Types Collected
Contact Info
| Data Type | Collected | Linked to Identity | Used for Tracking | Purpose |
|---|---|---|---|---|
| Email Address | Yes | Yes | No | Account creation, transactional emails, support |
| Name (Display Name) | Yes | Yes | No | In-app display, partner identification |
| Phone Number | No | — | — | — |
| Physical Address | No | — | — | — |
User Content
| Data Type | Collected | Linked to Identity | Used for Tracking | Purpose |
|---|---|---|---|---|
| Other User Content (argument text, follow-up responses) | Yes | Yes (stored in user's account) | No | App functionality — AI processing for follow-ups and resolutions |
| Audio Data | No (voice is transcribed on-device; only text is collected) | — | — | — |
| Photos or Videos | No | — | — | — |
| Emails or Text Messages | No | — | — | — |
Identifiers
| Data Type | Collected | Linked to Identity | Used for Tracking | Purpose |
|---|---|---|---|---|
| User ID | Yes | Yes | No | Account management, data association |
| Device ID | No | — | — | — |
| Advertising Identifier | No | — | — | — |
Purchases
| Data Type | Collected | Linked to Identity | Used for Tracking | Purpose |
|---|---|---|---|---|
| Purchase History | Yes (subscription status only; no payment credentials) | Yes | No | Subscription management, feature entitlement |
Usage Data
| Data Type | Collected | Linked to Identity | Used for Tracking | Purpose |
|---|---|---|---|---|
| Product Interaction | Yes (screens viewed, features used — aggregated) | No (anonymized) | No | Analytics to improve product |
| Crash Data | Yes | No (no argument text in crash logs) | No | Bug fixing |
Diagnostics
| Data Type | Collected | Linked to Identity | Used for Tracking | Purpose |
|---|---|---|---|---|
| Performance Data | Yes (app load times, API latency — aggregated) | No | No | Performance optimization |
Data NOT Collected
- Location (Fine or Coarse)
- Health & Fitness
- Financial Info (payment credentials)
- Sensitive Info
- Contacts
- Browsing History
- Search History
- Advertising Data
2.Google Play Store — Data Safety Section
Use these responses when completing the Data Safety section in Google Play Console.
Does your app collect or share any of the required user data types? Yes
Is all of the user data collected by your app encrypted in transit? Yes — All data is transmitted over TLS 1.3.
Do you provide a way for users to request that their data is deleted? Yes — Users can delete individual arguments in-app, delete their entire account in Settings > Data & Privacy, or email privacy@heardapp.co.
Data Types — Collected and Shared
Personal Info
| Data Type | Collected | Shared | Purpose | Optional |
|---|---|---|---|---|
| Name (display name) | Yes | No | Account functionality | Required |
| Email address | Yes | Yes (with Stripe for payment processing) | Account management, billing | Required |
| User IDs | Yes | No | Internal account management | Required |
Financial Info
| Data Type | Collected | Shared | Purpose | Optional |
|---|---|---|---|---|
| Purchase history | Yes (subscription status) | Yes (with RevenueCat for subscription management) | Subscription management | Required for paid users |
| Payment info (cards, bank) | No — handled entirely by Google Play, Apple, or Stripe | — | — | — |
Messages
| Data Type | Collected | Shared | Purpose | Optional |
|---|---|---|---|---|
| Other in-app messages (argument text, follow-up responses) | Yes | Yes (text only, no identity, sent to Anthropic for AI processing) | Core app functionality | Required |
App Activity
| Data Type | Collected | Shared | Purpose | Optional |
|---|---|---|---|---|
| App interactions (screens, features) | Yes | No | Analytics and optimization | Optional (can disable in settings) |
| In-app search history | No | — | — | — |
App Info and Performance
| Data Type | Collected | Shared | Purpose | Optional |
|---|---|---|---|---|
| Crash logs | Yes | Yes (with Sentry for error monitoring) | Stability and bug fixes | Required |
| Diagnostics | Yes | No | Performance optimization | Required |
Device or Other IDs
| Data Type | Collected | Shared | Purpose | Optional |
|---|---|---|---|---|
| Device or other IDs | No | — | — | — |
Data NOT Collected or Shared
- Location (none)
- Photos and Videos (none)
- Audio (none — voice is processed on-device)
- Files and Docs (none)
- Calendar (none)
- Contacts (none)
- Health and Fitness (none)
- Web Browsing (none)
3.Data Processing Specifics for AI
This section clarifies how argument data flows to and from the AI provider, as both Apple and Google reviewers may ask about AI data handling.
What data is sent to the AI provider (Anthropic)?
- Argument text (what each partner wrote)
- Mood tags (e.g., "frustrated," "hurt") and mood intensity (1-5)
- Follow-up question responses
- Argument topic and category
What data is NOT sent to the AI provider?
- User name or display name
- Email address
- User ID or any account identifier
- Device information
- IP address
- Subscription status
- Any information that could identify the user as an individual
How is the data sent?
- Via Anthropic's API (HTTPS, TLS 1.3)
- A randomly generated UUID is used as a request correlation ID (not linked to the user account)
- No cookies, session tokens, or user identifiers are transmitted
Does the AI provider retain the data?
- Per Anthropic's API data usage policy, data sent via the API is not used to train models and is not retained beyond the processing window (typically seconds)
- We do not use Anthropic's consumer products (claude.ai) for processing — only the commercial API
Is AI processing optional?
- AI processing is the core function of the app. Without it, the app cannot generate follow-up questions or resolutions.
- Users consent to AI processing by using the service. This is disclosed in the Terms of Service and this Privacy Policy.
4.Data Retention Summary
For App Review reference:
| Data Type | Retention | User Deletable | Auto-Expiry |
|---|---|---|---|
| Account info | Until account deleted | Yes (30-day purge) | No |
| Argument text | Until argument or account deleted | Yes (immediate for argument, 30-day for account) | No |
| Follow-up responses | Until argument or account deleted | Yes | No |
| Resolutions | Until argument or account deleted | Yes | No |
| Reactions | Until argument or account deleted | Yes | No |
| Safety flags | 90 days after review | No (internal only) | Yes (90 days) |
| Subscription records | 7 years (tax compliance) | No | Yes (7 years) |
| Crash logs | 90 days | No | Yes (90 days) |
| Analytics | Indefinite (fully anonymized) | N/A (cannot be linked to user) | No |
5.Children's Privacy (COPPA / GDPR-K)
- Heard is rated 17+ on the App Store and "Mature" on Google Play
- The Service is intended exclusively for users 18 years of age and older
- We do not knowingly collect personal information from anyone under 18
- No features of the app are designed for or directed at children
- If we learn that a user under 18 has created an account, we will delete the account and all associated data promptly
If you believe a minor has provided personal information to Heard, contact privacy@heardapp.co immediately.
6.Permissions Justification
For App Review reference:
| Permission | Platform | Justification |
|---|---|---|
| Face ID / Biometric (NSFaceIDUsageDescription) | iOS | Optional app lock — users can enable biometric authentication to protect private relationship conversations. Biometric data never leaves the device. |
| Notifications | iOS / Android | To notify users when their partner submits their side, when follow-up questions are ready, and when a resolution is delivered. Users can opt out in Settings. |
| Microphone (NSMicrophoneUsageDescription) | iOS | Optional voice input for argument submission. Audio is processed on-device using Apple Speech Recognition; only the text transcript is sent to our servers. Audio is never recorded, stored, or transmitted. |
| USE_BIOMETRIC / USE_FINGERPRINT | Android | Same as iOS Face ID — optional app lock. |
| RECORD_AUDIO | Android | Same as iOS microphone — optional voice input. On-device transcription only. |
| Internet | Both | Required to communicate with our servers for AI processing, data sync, and real-time features. |
No permissions are requested for: Camera, Location, Contacts, Calendar, Phone, SMS, Storage (beyond app sandbox), Bluetooth, or Background Location.
7.Contact for App Review Teams
If Apple or Google review teams have questions about our data practices:
Primary Contact: privacy@heardapp.co
Support: support@heardapp.co
Legal: legal@heardapp.co
We respond to app review inquiries within 24 hours.