Privacy Policy

Effective Date: March 13, 2026

Socrify ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application ("App") and related services. Socrify is a private, on-device AI thinking partner designed to help you gain clarity through Socratic dialogue, with all core functionality running locally on your device by default. We prioritize privacy, ensuring no accounts are required, and no data leaves your device without your explicit consent.

By downloading, installing, or using the App, you agree to the practices described in this Privacy Policy. If you do not agree, please do not use the App. This Policy complies with applicable data protection laws, including the General Data Protection Regulation (GDPR) in the EU/UK, the California Consumer Privacy Act (CCPA/CPRA) as amended, the Nigerian Data Protection Act (NDPA), and other relevant international standards.

1. Information We Collect

Socrify is built with privacy at its core. We do not collect personal information unless you explicitly opt-in to certain premium features. Here's a breakdown:

a. On-Device Data (No Collection by Us)

  • Thoughts and Sessions: All user inputs (text or voice), Socratic dialogues, Clarity Maps, and insights are processed and stored locally on your device using encrypted local storage (AES-256). This includes your Private Thought Vault, which is fully on-device and inaccessible to us.
  • Device Information: For core functionality, the App may access local device capabilities (e.g., microphone for voice input, health data for biometric mood integration in Phase 2 features) only with your permission. This data never leaves your device and is not shared with us.
  • No Accounts: We do not require or collect login credentials, email addresses, or any identifiers for core use.

b. Opt-In Premium Features (Cloud-Enhanced)

If you subscribe to premium features and explicitly opt-in, limited data may be transmitted to secure cloud servers for enhanced processing:

  • Cloud-Powered AI Responses: With your consent, session inputs may be sent to cloud LLMs (e.g., via secure API calls) for deeper insights. Only the necessary text is transmitted; voice data is processed locally first.
  • Cloud Backup: If you toggle on optional backup, sessions may sync to your existing iCloud (iOS) or Google Drive (Android) account. We do not access this data; it remains under your control.
  • Usage Data: Anonymized, aggregated metrics (e.g., session duration, without content) may be collected to improve the App, but only if you opt-in.

c. Automatically Collected Data

  • Diagnostic Data: Non-personal device information (e.g., OS version, device model) may be collected locally for troubleshooting. This is not sent to us unless you report an issue.
  • No Tracking: We do not use cookies, trackers, or third-party analytics in the App. For website interactions (e.g., waitlist signup), we may collect email addresses voluntarily provided, but these are stored securely and used only for launch notifications.

d. Phase 2 Features

Future features like Shared Clarity Sessions or Anonymous Insight Sharing will require explicit consent and involve minimal, anonymized data sharing only among consenting users. No personal identifiers will be involved.

We do not collect sensitive personal data (e.g., racial/ethnic origins, health data beyond optional biometric integration, or biometric identifiers) without your explicit consent and only as necessary for features you enable.

2. How We Use Your Information

We use information solely to provide and improve the App:

  • On-Device Processing: To generate Socratic questions, Clarity Maps, and pattern recognition locally.
  • Premium Enhancements: Opt-in cloud data is used for deeper AI responses, voice modes, and backups.
  • App Improvement: Anonymized data helps us enhance performance, but never for advertising or profiling.
  • Legal Compliance: To respond to legal requests or protect rights.

We do not sell, rent, or share your data for marketing purposes.

3. Sharing of Information

Your data stays private:

  • No Sharing by Default: Core data never leaves your device.
  • Opt-In Sharing: For premium cloud features, data is shared only with secure providers under strict data processing agreements. Transmission is encrypted end-to-end.
  • Service Providers: We may use third-party services that comply with our privacy standards, but only with minimal, anonymized data.
  • Legal Requirements: We may disclose data if required by law, subpoena, or to prevent harm.
  • Business Transfers: In a merger or acquisition, user data would be transferred under equivalent privacy protections.
  • Phase 2 Sharing: Features like Shared Sessions require explicit partner consent; Anonymous Insight Sharing aggregates data without identifiers.

We do not share data with advertisers, social networks, or unrelated third parties.

4. Data Security

We employ industry-standard measures:

  • Encryption: Local storage (AES-256) and transmissions (TLS 1.3+).
  • Access Controls: No remote access to your device data.
  • Vulnerability Management: Regular audits of native code (SwiftUI for iOS, Native for Android).
  • Incident Response: In case of a breach, we will notify affected users promptly as required by law (e.g., within 72 hours under GDPR/NDPA).

Despite these measures, no system is infallible. You are responsible for securing your device.

5. Data Retention

  • On-Device Data: Retained indefinitely on your device until you delete it or uninstall the App.
  • Cloud Data: Opt-in premium data is retained only as long as your subscription is active or necessary for the feature. Anonymized metrics are kept for up to 24 months.
  • Deletion: You can delete all data via App settings; cloud data is purged within 30 days of request.

6. Your Rights and Choices

Depending on your location, you have rights under GDPR, CCPA, NDPA, etc.:

  • Access and Portability: Request a copy of your data.
  • Correction: Update inaccurate data.
  • Deletion: Erase your data (subject to legal obligations).
  • Opt-Out/Withdraw Consent: Disable cloud features or backups at any time; this revokes consent without affecting prior lawful processing.
  • Object/Restrict: Challenge processing for legitimate interests.
  • Non-Discrimination: No penalty for exercising rights.
  • CCPA-Specific: California residents can opt-out of "sales" (we don't sell data) and request disclosures twice per year.

To exercise rights, contact us at hello@novasolutions.ng. We respond within 30 days (or 45 under CCPA). For NDPA compliance, Nigerian users can lodge complaints with the Nigeria Data Protection Commission.

7. Children's Privacy

Socrify is not intended for children under 13 (or 16 in some jurisdictions). We do not knowingly collect data from children. If we learn of such collection, we will delete it immediately. Parents/guardians: Contact us if you believe your child has provided data.

8. International Data Transfers

Socrify is operated from Nigeria, but serves global users. For opt-in cloud features, data may transfer to servers in the EU/US with adequate safeguards (e.g., Standard Contractual Clauses, Privacy Shield equivalents). We ensure equivalent protection levels.

9. Changes to This Privacy Policy

We may update this Policy to reflect changes in features or laws. Material changes will be notified via in-App notice or email (if provided). Continued use constitutes acceptance. Check the "Effective Date" for updates.

10. Contact Us

For questions or concerns:

Thank you for trusting Socrify with your thoughts. Your privacy is our priority.