What We Collect
Middl collects information you provide directly, information generated through your use of the app, and limited technical information required to operate the service.
| Data Type | What It Includes | Why We Collect It |
|---|---|---|
| Account information | Email address, display name, username, date of birth, password (hashed — never stored in plain text) | To create and manage your account |
| Session content | Text messages exchanged during live mediation sessions with Aria | To generate session summaries and enable Aria to mediate |
| Reflect conversations | Messages between you and Aria during solo Reflect sessions | To provide continuity across sessions and generate insights |
| Commitments | Follow-through commitments you make after sessions | To track follow-through and show commitment history |
| Connection data | Which users you're connected with, space assignments, relationship labels | To enable partner sessions and organize your spaces |
| Usage data | Session dates, durations, feature usage, streak data | To power Insights and improve the product |
| Device token | Expo push notification token | To send session invites and reminders when the app is closed |
| Sign in with Apple | Apple-provided identity token and optional name/email relay | To authenticate your account via Apple |
What we do not collect: Audio recordings, location data, contacts, camera access, browsing history, or any data from other apps on your device.
How AI Processes Your Data
Aria — Middl's AI mediator — is powered by large language models from third-party providers. Here is exactly what happens with your conversation data.
- Live sessions are processed by OpenAI's Realtime API in real time. Session text is sent to OpenAI's servers to generate Aria's responses. OpenAI processes this data under their API terms — they do not use API data to train their models by default.
- Reflect sessions and Help Me Say This use Anthropic's Claude model via OpenRouter. Your messages are sent to Anthropic's servers to generate Aria's responses, under similar data handling terms.
- Session summaries are generated after a session ends. Your transcript is sent to OpenAI's servers to produce observations and agreements. Summaries are then stored in your private account.
- AI providers do not store your conversation content beyond what is required to process the request. They do not use your Middl conversations to train their models.
- No AI provider has persistent access to your data — each API call is stateless. Middl manages all conversation history on our own servers.
Important: Aria is not a licensed therapist, counselor, or mental health provider. Middl is a communication support tool. If you are experiencing a mental health crisis, please contact a qualified professional or call 988 (Suicide & Crisis Lifeline).
Data Retention
We keep your data for as long as your account is active, with specific retention rules for sensitive content:
| Data Type | Retention Period |
|---|---|
| Session transcripts | 90 days — automatically deleted after 90 days from session date. You can also delete individual transcripts at any time from the session detail screen. Deleting your transcript does not affect your partner's copy. |
| Session summaries & history | Retained while your account is active. You can delete individual sessions at any time from the Sessions tab (swipe left or long-press). Deleting a session removes your summary and transcript but does not affect your partner's copies. All data deleted when you delete your account. |
| Reflect conversations | Retained while your account is active. You can delete your account at any time to remove all data. |
| Open Journal content | Never stored — Open Journal sessions are not saved to any database unless you explicitly choose "Save to My Mind." |
| Account data | Retained until you delete your account. Deletion is immediate and permanent. |
| Push tokens | Stored while your account is active. Cleared on account deletion. |
Open Journal — Zero Persistence
Open Journal is Middl's incognito mode. It is designed to be a completely private space with no lasting record.
- Nothing is saved during an Open Journal session. Your messages exist only in device memory while the session is active.
- When you leave, everything disappears. Aria starts completely fresh the next time you open Open Journal.
- If you choose "Save to My Mind" at the end of a session, that content is then saved to your private My Mind space — with your explicit consent.
- We only track a total session count (a number, not content) for streak purposes.
- AI providers process your Open Journal messages in the same way as other sessions — they receive message text to generate responses but do not store it.
Your Rights
You have the following rights regarding your personal data:
To exercise any of these rights, use the in-app account deletion feature or contact us at privacy@joinmiddl.com. We will respond within 30 days.
If you are located in the European Union or California, you may have additional rights under GDPR or CCPA. Please contact us to learn more.
Security
We implement industry-standard security measures to protect your data:
- Row Level Security (RLS) on every database table ensures you can only access your own data — even if our API keys were compromised, data isolation is enforced at the database layer.
- All API routes require authentication. Every server-side request verifies your identity via a signed JWT token before processing.
- AI API keys are server-side only. Your OpenAI and Anthropic credentials never appear in the app bundle or client code.
- Passwords are never stored in plain text. Supabase Auth handles credential storage with bcrypt hashing.
- Session transcripts auto-expire after 90 days, reducing the window of data exposure over time.
- Rate limiting on all AI endpoints prevents abuse and protects against unauthorized bulk data access.
No method of transmission over the internet or electronic storage is 100% secure. We strive to protect your data but cannot guarantee absolute security.
Children
Middl is not intended for users under the age of 18. We verify age during account creation and block accounts for users under 18. We do not knowingly collect personal information from children. If you believe a child has created an account, please contact us at privacy@joinmiddl.com and we will delete the account immediately.
Changes to This Policy
We may update this Privacy Policy from time to time. When we make significant changes, we will notify you through the app or by email. The "Last updated" date at the top of this page reflects when the policy was last revised. Continued use of Middl after changes are posted constitutes your acceptance of the updated policy.
Contact Us
If you have questions about this Privacy Policy or how we handle your data, please contact us:
Email: privacy@joinmiddl.com
App: Middl — available on the iOS App Store
For account deletion: Profile → Delete Account (in-app)
We are committed to resolving any privacy concerns promptly and transparently.