Condri

Condri App LLC Privacy Policy

Last Updated: November 2025

Welcome to Condri. We’re a health & wellness company focused on providing support for health anxiety through practical, accessible tools. Our goal is to help people navigate health anxiety by giving them tools that help them manage their health anxiety. Condri is not intended as a substitute for professional care, but rather as a toolkit that can be used alongside any such care.

Condri App LLC from this point on “Condri,” “we,” “our,” or “us” operates the Condri app, associated websites, and all related services and support materials (collectively, the “Services”). We can be reached for support, legal notices, regulatory issues or questions at:

hello@condri.app

We care about transparency, responsibility, and building something that makes a meaningful difference in people’s lives. That begins here, by helping you understand exactly how we handle your personal information.

Our website is here, https://condri.app.

1. Information We Collect

1.1 Information You Provide

When you create an account or use our Services, we collect information that you provide directly to us, including:

  • Account Information: Name, email address, date of birth, and password
  • Health Information: Symptoms, feelings, check-ins, exercise responses, and journal entries you choose to record
  • Subscription Information: Payment details processed through RevenueCat and payment platforms (we do not store full payment card information)
  • Support Communications: Information you provide when contacting us for support

1.2 Information We Collect Automatically

When you use our Services, we automatically collect certain information, including:

  • Device Information: Device type, operating system, unique device identifiers
  • Usage Information: How you interact with the app, features used, time spent, and navigation patterns
  • Technical Information: IP address, browser type, app version, and crash reports
  • Location Information: General location data (country/region level) based on IP address, if applicable
  • Ad Attribution: To help us understand which marketing efforts are effective, we may use anonymised ad attribution data from AppsFlyer and other attribution providers.

1.3 Information from Third-Party Services

We may receive information from third-party services you connect to our app:

  • RevenueCat: Subscription status, purchase history, and subscription management
  • Payment Processors: Transaction information and payment status
  • Postmark: Email delivery status and engagement metrics
  • AppsFlyer: Ad attribution data, app install attribution, and in-app event tracking to help us understand which marketing efforts are effective. With your consent, AppsFlyer may also receive your user ID for attribution purposes.
  • Meta: Anonymised ad attribution data to help us understand which marketing efforts are effective.

2. How We Use Your Information

We use the information we collect to:

  • Provide and Improve Services: Deliver personalized content, exercises, and features tailored to your needs
  • Process Subscriptions: Manage your subscription, process payments, and handle renewals
  • Communicate with You: Send service updates, security alerts, support responses, important account information, and emails about the app, including feature updates, tips, and relevant information. By creating an account, you agree to receive these communications. You can unsubscribe from marketing emails at any time using the unsubscribe link in any email or by contacting us at hello@condri.app
  • Ensure Security: Detect and prevent fraud, abuse, and security threats
  • Comply with Legal Obligations: Meet legal requirements and respond to legal processes
  • Analytics and Improvement: Analyze usage patterns to improve our Services and develop new features

3. Data Storage and Location

Your data is primarily stored in Europe:

  • Primary Storage: Railway infrastructure with primary storage in Amsterdam, Netherlands
  • Backup and Redundancy: Data may be replicated to other European data centers for reliability
  • Third-Party Services: Some data may be processed by services with global infrastructure, but we ensure they comply with applicable data protection laws

4. Data Sharing and Disclosure

We do not sell your personal information. We may share your information only in the following circumstances:

4.1 Service Providers

We share information with trusted service providers who assist us in operating our Services:

  • RevenueCat: Subscription management and payment processing
  • Railway: Cloud infrastructure and data hosting
  • Postmark: Email delivery services
  • AppsFlyer: We share ad attribution data and in-app event information with AppsFlyer to help us understand which marketing efforts are effective. With your consent, we may also share your user ID with AppsFlyer for attribution purposes. This information helps us measure the effectiveness of our marketing campaigns and improve our services.
  • Meta: We share anonymous ad conversion data with Meta in order to understand which marketing efforts are effective. This information is provided in a privacy-preserving format and cannot be used to personally identify you
  • These providers are contractually obligated to protect your information and use it only for the purposes we specify

We may disclose your information if required by law, court order, or government regulation, or to:

  • Comply with legal processes or respond to government requests
  • Protect our rights, privacy, safety, or property
  • Enforce our Terms of Service
  • Prevent or investigate fraud or security issues

4.3 Business Transfers

If we are involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change in ownership or control and give you the opportunity to export your data and exclude yourself from the transfer.

We may share your information in other ways with your explicit consent.

5. Data Security

We implement appropriate technical and organizational measures to protect your personal information:

  • Encryption: Data at rest is encrypted using AES-256, and all network traffic containing private information is protected by TLS/SSL.
  • Access Controls: Limited access to personal information on a need-to-know basis.
  • Regular Security Assessments: Ongoing monitoring and assessment of our security practices.
  • Secure Infrastructure: Hosting on secure, compliant cloud infrastructure.

5.1 Railway Infrastructure Security

Our primary data storage and hosting infrastructure is provided by Railway, which implements comprehensive security measures:

  • Data at Rest Encryption: All data at rest within Railway’s systems, including our database, is encrypted using AES-256, providing robust protection against unauthorized access and ensuring data confidentiality.

  • Data in Transit Protection: All data transmitted between Railway and us is protected using Transport Layer Security (TLS). If encrypted communication is interrupted, the Railway application remains inaccessible to ensure data security.

6. Your Rights and Choices

We support your privacy rights regardless of where you are located. All users of our Services have the following rights regarding their personal information:

6.1 Right to Access

You can access and download your personal data through the app settings or by contacting us at hello@condri.app. You have the right to know what personal information we collect, use, and disclose about you. For more information about how to access and manage your data, see our Data Policy.

6.2 Right to Correction

You can update your account information directly in the app or by contacting us. You have the right to request correction of inaccurate or incomplete personal information.

6.3 Right to Deletion

You can request deletion of your account and associated data by contacting us at hello@condri.app. We will delete your information subject to legal retention requirements (such as obligations to retain certain data for legal, tax, or regulatory purposes).

6.4 Right to Data Portability

You can request a copy of your data in a structured, machine-readable format. We will provide your data in a commonly used format that allows you to transfer it to another service.

6.5 Right to Object and Restriction

You can object to certain processing activities or request restriction of processing where applicable. We will respect your preferences and work with you to find a solution that meets your needs while allowing us to provide our Services.

Where processing is based on consent, you can withdraw consent at any time. Withdrawal of consent will not affect the lawfulness of processing based on consent before its withdrawal.

6.7 Email Communication Preferences

You can unsubscribe from marketing emails at any time by clicking the unsubscribe link included in any email we send, or by contacting us at hello@condri.app. Please note that even if you unsubscribe from marketing emails, we may still send you essential service-related communications, such as security alerts, account notifications, and important updates about your subscription.

6.8 Right to Opt-Out of Sale or Sharing

We do not sell your personal information. We also do not share your personal information for cross-context behavioral advertising. If our practices change in the future, we will notify you and provide you with the ability to opt-out.

6.9 Right to Non-Discrimination

We will not discriminate against you for exercising your privacy rights. We will not deny you services, charge you different prices, or provide you with a different level or quality of services because you exercised your privacy rights.

6.10 How to Exercise Your Rights

To exercise any of these rights, please contact us at hello@condri.app. We will verify your identity before processing your request to protect your privacy and security. We will respond to your request within a reasonable timeframe, typically within 30 days, though some jurisdictions may require faster responses.

While we support these rights for all users, certain jurisdictions have specific legal frameworks that provide additional protections:

  • European Economic Area (EEA): If you are located in the EEA, you have additional rights under the General Data Protection Regulation (GDPR), including the right to lodge a complaint with your local data protection authority.

  • United States: If you are a resident of the United States, you may have additional rights under state privacy laws such as the California Consumer Privacy Act (CCPA) and other applicable state and federal privacy laws. These laws may provide additional protections or different procedures for exercising your rights.

Regardless of your location, we are committed to protecting your privacy and will work with you to address any concerns you may have.

7. Children’s Privacy

Condri is intended for individuals who are 18 years of age or older.

  • If you are 13 to 17 years old, you may only use Condri with the supervision of a parent, legal guardian, or licensed mental health professional
  • Children under 13 years old are not permitted to use Condri under any circumstances

If we learn that an account has been created by someone under 13, or without appropriate consent in the 13–17 range, we will terminate the account and remove any related data.

8. International Data Transfers

Your data is primarily stored and processed in Europe. If we transfer data outside the EEA, we ensure appropriate safeguards are in place, such as:

  • Standard Contractual Clauses approved by the European Commission
  • Adequacy decisions by the European Commission
  • Other legally recognized transfer mechanisms

9. Data Retention

We retain your personal information for as long as necessary to:

  • Provide our Services to you
  • Comply with legal obligations
  • Resolve disputes and enforce our agreements
  • Maintain security and prevent fraud

When you delete your account, we will delete or anonymize your personal information within a reasonable timeframe, except where we are required to retain it for legal purposes.

10. Cookies and Tracking Technologies

Our website and app may use cookies and similar tracking technologies:

  • Functional Cookies: Essential for the app to function properly
  • Analytics Cookies: Help us understand how users interact with our Services (with your consent)
  • Preferences: Remember your settings and preferences

You can control cookies through your browser or device settings. Note that disabling certain cookies may affect app functionality.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by:

  • Posting the updated policy on our website
  • Sending an email to the address associated with your account
  • Displaying a notice in the app

Your continued use of our Services after such changes constitutes acceptance of the updated Privacy Policy.

12. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:

Email: hello@condri.app

We will respond to your inquiry within a reasonable timeframe.

13. Governing Law

This Privacy Policy is governed by the laws of the jurisdiction in which Condri App LLC operates. We comply with applicable data protection regulations worldwide, including:

  • General Data Protection Regulation (GDPR) for users in the European Economic Area (EEA)
  • California Consumer Privacy Act (CCPA) and other applicable state and federal privacy laws in the United States
  • Other applicable privacy and data protection laws in jurisdictions where we operate

As stated throughout this policy, we support privacy rights for all users regardless of their location, and we comply with the most protective standards applicable to your data.