Privacy Policy
Arul Health – Privacy Policy
Last updated: September 15, 2025
At Arul Health, your privacy matters. This Privacy Policy explains what data we collect, how we use it, and the choices you have when using the Arul Health mobile app, website, and clinical therapy services (together, the “Services”). By using the Services, you agree to this Policy.
Clinical note: When you receive therapy from a licensed clinician via Arul Health’s affiliated professional entities (“Arul Health Therapy”), some of your information is Protected Health Information (PHI). For PHI, Arul Health Therapy’s Notice of Privacy Practices (NPP) governs how PHI is used and disclosed under U.S. law (e.g., HIPAA). This Policy works alongside the NPP. Where there is a conflict, the NPP controls for PHI.
1) Scope & Who We Are
Arul Health, Inc. provides the platform, app, and non-clinical operations.
Arul Health Therapy refers to affiliated professional entities and licensed clinicians who deliver clinical care. Clinicians control your clinical record and comply with applicable health‑privacy and telehealth laws.
This Policy applies to app wellness features (AI check‑ins, meditations, community wall) and to administrative/operational data for therapy. PHI created in therapy is covered by the NPP.
2) Information We Collect
We collect information in three main ways:
a) Information You Provide
Account: Name, email, password, age confirmation (18+ or verified guardian consent for minors where permitted), state/country, and preferences.
Messages & AI Check‑ins (App): Content shared with the AI companion via SMS/iMessage or in‑app chat. (Limit sensitive details in SMS/iMessage.)
Community Prompt Wall (App): Reflections and responses you choose to share with the community.
Therapy Intake & Sessions (Clinical): Information you provide during intake forms, screening tools, treatment planning, and sessions (may include medical/mental health history, symptoms, goals). This is PHI and governed by the NPP.
Insurance & Payments (Therapy): Insurance member info, eligibility responses, copays/coinsurance, and limited billing details necessary to submit/bill claims. Payment card data is processed by our third‑party processors (e.g., App Store, Google Play, Stripe); we do not store full card numbers.
Support & Feedback: Information you submit when contacting us.
b) Information We Collect Automatically (App Use)
Usage Data: App activity (e.g., meditations played, feature interactions), dates/times.
Device & Diagnostics: Device type, OS version, IP address, crash logs, performance metrics.
Cookies/Analytics (Website & App): Limited first‑party/authorized third‑party analytics to understand usage and improve the experience.
c) Information from SMS/iMessage (AI Companion)
If you use the AI companion through iMessage or SMS, we collect the content of those messages to personalize responses. This content is processed securely and never sold. SMS/iMessage are not end‑to‑end encrypted by us; avoid sharing highly sensitive details there.
3) How We Use Your Information
We use information to:
Deliver and personalize app wellness features (meditations, check‑ins).
Operate, secure, and improve the app and platform; debug and troubleshoot.
Provide therapy, including scheduling, eligibility, billing, clinical coordination, and quality assurance (PHI uses/disclosures for Treatment, Payment, and Healthcare Operations are detailed in the NPP).
Support you, including responding to messages and support requests.
Moderate community safety on the prompt wall.
Send important notices (e.g., appointment reminders, policy updates). Some messages are required to deliver services.
Training & Supervision (Clinical): Consistent with law and ethics, some session notes may be reviewed by a supervising clinician for training/quality purposes. Supervisors are bound by confidentiality. (See NPP.)
We do not sell your data and do not use your PHI for advertising.
4) How We Share Information
We share limited information with trusted service providers who help us operate Arul Health. Examples include:
Cloud & Hosting: e.g., secure databases, file storage.
Video/Telehealth & Communications: platforms that enable secure sessions, e‑fax, email/SMS (administrative notices), and portal messaging.
Analytics & Crash Reporting: to understand feature performance and stability.
Payments & Insurance: processors (e.g., Stripe) and, where applicable, insurance clearinghouses or payors to process claims.
For PHI, we enter into required Business Associate Agreements (BAAs) with vendors where applicable. All partners must protect your information and use it only to support Arul Health.
We may disclose information if required by law, court order, or to prevent harm. See the NPP for PHI‑specific disclosures.
5) Coaching vs. Therapy (What Changed)
Arul Health now offers licensed therapy. Coaching language in prior policies has been updated. If you still use legacy coaching resources, note: coaching records remain confidential but are separate from clinical records. For therapy, your information is PHI and governed by the NPP.
6) Data Retention
Clinical Records (Therapy): Retained in accordance with applicable laws and professional standards (often 6–10 years from last service date, longer for minors). Exact periods may vary by state/province.
App Data: Retained as long as needed to provide and improve the Services or as required by law.
Deletion Requests: You can request deletion of your app account. Clinical records may be retained as required by law even after account deletion. See Your Choices & Rights below.
7) Your Choices & Rights
Your rights depend on where you live and what type of data is involved.
For PHI (Therapy) – HIPAA/NPP Rights
Subject to legal exceptions, you may have the right to:
Access and receive a copy of your clinical record.
Request amendments to your record.
Request an accounting of certain disclosures.
Request restrictions on certain uses/disclosures.
Request confidential communications (e.g., alternate address/phone).
Receive a paper or electronic copy of the NPP.
How to exercise: Follow instructions in the NPP or contact privacy@arulhealth.com.
For App/Website Data – Consumer Privacy (e.g., CCPA/CPRA, VCDPA, etc.)
Depending on your jurisdiction, you may request to:
Know/Access the categories and specific pieces of personal information we hold.
Delete personal information (subject to legal exceptions, including clinical record retention laws).
Correct inaccuracies.
Opt out of certain data sharing/processing where applicable.
How to exercise: Email privacy@arulhealth.com. We will verify your request and respond within required timeframes.
8) Security
We use administrative, technical, and physical safeguards to protect information (e.g., encryption in transit and at rest where applicable, role‑based access, logging). No system is 100% secure; please use the Services responsibly and report concerns to security@arulhealth.com.
9) Communications Preferences
Reminders and Notices: You may receive emails/SMS/phone reminders and administrative messages. Delivery is not guaranteed; do not rely on these for urgent needs.
Marketing Messages: We do not use PHI for marketing without your written authorization. You can opt out of non‑essential emails within those messages.
SMS/iMessage: These are not controlled by us end‑to‑end; limit sensitive content when using them.
10) International Users & Data Transfers
If you access the Services from outside the U.S., your information may be transferred to and processed in the U.S. or other countries with different data‑protection laws. Where required, we use appropriate safeguards for such transfers.
11) Children & Minors
The Services are designed for adults 18+. Therapy for minors may be available only with verified parental/guardian consent and as permitted by law. We do not knowingly collect information from children without required consent.
12) Changes to This Policy
We may update this Policy from time to time. If we make material changes, we will notify you in the app or by email and update the “Last updated” date. Your continued use of the Services after changes take effect constitutes acceptance.
13) Contact Us
General & Privacy: privacy@arulhealth.com
Clinical Records/PHI requests: Follow your NPP instructions or contact privacy@arulhealth.com
Support: support@arulhealth.com
In an emergency, call 911 (U.S.) or your local emergency number.
At Arul Health, your privacy matters. This Privacy Policy explains what data we collect, how we use it, and what choices you have. By using Arul Health’s services, you agree to the terms described below.
1. What Information We Collect
We collect information in three main ways:
a. Information You Provide
Account Information: Name, email, password, age (18+ only)
Messages & AI Check-ins: Content shared with the AI companion via SMS or iMessage
Prompt Wall Posts: Reflections and responses shared publicly on the community wall
Feedback & Support Requests: Any information you voluntarily submit when contacting us
b. Information We Collect Automatically
Usage Data: App activity, meditation sessions played, interaction with features
Device Info: Device type, OS version, IP address, crash logs, and diagnostics
Cookies & Analytics: We use limited tracking (e.g., to understand app usage and improve the experience).
c. Information from SMS/iMessage
If you use the AI companion through iMessage or SMS, we collect the content of those messages to personalize responses and provide support. This content is securely processed and never sold.
Note: We do not collect or store any payment information. Payments are handled securely through third-party providers like the App Store or Stripe.
2. How We Use Your Data
We use your data to:
Provide personalized meditations and emotional check-ins
Operate, improve, and troubleshoot the app
Respond to messages and support requests
Monitor community safety on the prompt wall
Send important updates or reminders
Understand usage patterns to improve the experience
We do not sell your data or share it for advertising purposes.
3. Who We Share Your Data With
We may share limited data with trusted service providers that help us run Arul Health, such as:
Cloud storage (e.g., Firebase)
Analytics tools
Customer support platforms
All partners are required to keep your information secure and use it only as necessary to provide services to Arul.
We may disclose information if required by law, court order, or to prevent harm.
4. Data Retention
We keep your information only as long as necessary to provide the Services or as required by law. You can request deletion of your account and data by emailing us at eshan@arulhealth.com.
5. Your Rights
You can:
Access or update your account information
Delete your account
Request that we delete your data
Ask about what data we have and how it’s used
To make any of these requests, email us at eshan@arulhealth.com. We’ll respond within 30 days.
6. Security
We take data security seriously. We use encryption, secure cloud storage, and access controls to protect your information. Still, no system is 100% secure—please use the app responsibly.
7. Children
Arul Health is intended for users age 18 and older. We do not knowingly collect information from anyone under 18.
8. Changes to This Policy
We may update this Privacy Policy from time to time. If we make changes, we’ll notify you in the app or by email. Your continued use of Arul means you accept the updated policy.
9. Contact Us
Questions? Concerns? Email us at eshan@arulhealth.com.
Arul Health – Privacy Policy
Last updated: September 15, 2025
At Arul Health, your privacy matters. This Privacy Policy explains what data we collect, how we use it, and the choices you have when using the Arul Health mobile app, website, and clinical therapy services (together, the “Services”). By using the Services, you agree to this Policy.
Clinical note: When you receive therapy from a licensed clinician via Arul Health’s affiliated professional entities (“Arul Health Therapy”), some of your information is Protected Health Information (PHI). For PHI, Arul Health Therapy’s Notice of Privacy Practices (NPP) governs how PHI is used and disclosed under U.S. law (e.g., HIPAA). This Policy works alongside the NPP. Where there is a conflict, the NPP controls for PHI.
1) Scope & Who We Are
Arul Health, Inc. provides the platform, app, and non-clinical operations.
Arul Health Therapy refers to affiliated professional entities and licensed clinicians who deliver clinical care. Clinicians control your clinical record and comply with applicable health‑privacy and telehealth laws.
This Policy applies to app wellness features (AI check‑ins, meditations, community wall) and to administrative/operational data for therapy. PHI created in therapy is covered by the NPP.
2) Information We Collect
We collect information in three main ways:
a) Information You Provide
Account: Name, email, password, age confirmation (18+ or verified guardian consent for minors where permitted), state/country, and preferences.
Messages & AI Check‑ins (App): Content shared with the AI companion via SMS/iMessage or in‑app chat. (Limit sensitive details in SMS/iMessage.)
Community Prompt Wall (App): Reflections and responses you choose to share with the community.
Therapy Intake & Sessions (Clinical): Information you provide during intake forms, screening tools, treatment planning, and sessions (may include medical/mental health history, symptoms, goals). This is PHI and governed by the NPP.
Insurance & Payments (Therapy): Insurance member info, eligibility responses, copays/coinsurance, and limited billing details necessary to submit/bill claims. Payment card data is processed by our third‑party processors (e.g., App Store, Google Play, Stripe); we do not store full card numbers.
Support & Feedback: Information you submit when contacting us.
b) Information We Collect Automatically (App Use)
Usage Data: App activity (e.g., meditations played, feature interactions), dates/times.
Device & Diagnostics: Device type, OS version, IP address, crash logs, performance metrics.
Cookies/Analytics (Website & App): Limited first‑party/authorized third‑party analytics to understand usage and improve the experience.
c) Information from SMS/iMessage (AI Companion)
If you use the AI companion through iMessage or SMS, we collect the content of those messages to personalize responses. This content is processed securely and never sold. SMS/iMessage are not end‑to‑end encrypted by us; avoid sharing highly sensitive details there.
3) How We Use Your Information
We use information to:
Deliver and personalize app wellness features (meditations, check‑ins).
Operate, secure, and improve the app and platform; debug and troubleshoot.
Provide therapy, including scheduling, eligibility, billing, clinical coordination, and quality assurance (PHI uses/disclosures for Treatment, Payment, and Healthcare Operations are detailed in the NPP).
Support you, including responding to messages and support requests.
Moderate community safety on the prompt wall.
Send important notices (e.g., appointment reminders, policy updates). Some messages are required to deliver services.
Training & Supervision (Clinical): Consistent with law and ethics, some session notes may be reviewed by a supervising clinician for training/quality purposes. Supervisors are bound by confidentiality. (See NPP.)
We do not sell your data and do not use your PHI for advertising.
4) How We Share Information
We share limited information with trusted service providers who help us operate Arul Health. Examples include:
Cloud & Hosting: e.g., secure databases, file storage.
Video/Telehealth & Communications: platforms that enable secure sessions, e‑fax, email/SMS (administrative notices), and portal messaging.
Analytics & Crash Reporting: to understand feature performance and stability.
Payments & Insurance: processors (e.g., Stripe) and, where applicable, insurance clearinghouses or payors to process claims.
For PHI, we enter into required Business Associate Agreements (BAAs) with vendors where applicable. All partners must protect your information and use it only to support Arul Health.
We may disclose information if required by law, court order, or to prevent harm. See the NPP for PHI‑specific disclosures.
5) Coaching vs. Therapy (What Changed)
Arul Health now offers licensed therapy. Coaching language in prior policies has been updated. If you still use legacy coaching resources, note: coaching records remain confidential but are separate from clinical records. For therapy, your information is PHI and governed by the NPP.
6) Data Retention
Clinical Records (Therapy): Retained in accordance with applicable laws and professional standards (often 6–10 years from last service date, longer for minors). Exact periods may vary by state/province.
App Data: Retained as long as needed to provide and improve the Services or as required by law.
Deletion Requests: You can request deletion of your app account. Clinical records may be retained as required by law even after account deletion. See Your Choices & Rights below.
7) Your Choices & Rights
Your rights depend on where you live and what type of data is involved.
For PHI (Therapy) – HIPAA/NPP Rights
Subject to legal exceptions, you may have the right to:
Access and receive a copy of your clinical record.
Request amendments to your record.
Request an accounting of certain disclosures.
Request restrictions on certain uses/disclosures.
Request confidential communications (e.g., alternate address/phone).
Receive a paper or electronic copy of the NPP.
How to exercise: Follow instructions in the NPP or contact privacy@arulhealth.com.
For App/Website Data – Consumer Privacy (e.g., CCPA/CPRA, VCDPA, etc.)
Depending on your jurisdiction, you may request to:
Know/Access the categories and specific pieces of personal information we hold.
Delete personal information (subject to legal exceptions, including clinical record retention laws).
Correct inaccuracies.
Opt out of certain data sharing/processing where applicable.
How to exercise: Email privacy@arulhealth.com. We will verify your request and respond within required timeframes.
8) Security
We use administrative, technical, and physical safeguards to protect information (e.g., encryption in transit and at rest where applicable, role‑based access, logging). No system is 100% secure; please use the Services responsibly and report concerns to security@arulhealth.com.
9) Communications Preferences
Reminders and Notices: You may receive emails/SMS/phone reminders and administrative messages. Delivery is not guaranteed; do not rely on these for urgent needs.
Marketing Messages: We do not use PHI for marketing without your written authorization. You can opt out of non‑essential emails within those messages.
SMS/iMessage: These are not controlled by us end‑to‑end; limit sensitive content when using them.
10) International Users & Data Transfers
If you access the Services from outside the U.S., your information may be transferred to and processed in the U.S. or other countries with different data‑protection laws. Where required, we use appropriate safeguards for such transfers.
11) Children & Minors
The Services are designed for adults 18+. Therapy for minors may be available only with verified parental/guardian consent and as permitted by law. We do not knowingly collect information from children without required consent.
12) Changes to This Policy
We may update this Policy from time to time. If we make material changes, we will notify you in the app or by email and update the “Last updated” date. Your continued use of the Services after changes take effect constitutes acceptance.
13) Contact Us
General & Privacy: privacy@arulhealth.com
Clinical Records/PHI requests: Follow your NPP instructions or contact privacy@arulhealth.com
Support: support@arulhealth.com
In an emergency, call 911 (U.S.) or your local emergency number.
Arul Health – Privacy Policy
Last updated: September 15, 2025
At Arul Health, your privacy matters. This Privacy Policy explains what data we collect, how we use it, and the choices you have when using the Arul Health mobile app, website, and clinical therapy services (together, the “Services”). By using the Services, you agree to this Policy.
Clinical note: When you receive therapy from a licensed clinician via Arul Health’s affiliated professional entities (“Arul Health Therapy”), some of your information is Protected Health Information (PHI). For PHI, Arul Health Therapy’s Notice of Privacy Practices (NPP) governs how PHI is used and disclosed under U.S. law (e.g., HIPAA). This Policy works alongside the NPP. Where there is a conflict, the NPP controls for PHI.
1) Scope & Who We Are
Arul Health, Inc. provides the platform, app, and non-clinical operations.
Arul Health Therapy refers to affiliated professional entities and licensed clinicians who deliver clinical care. Clinicians control your clinical record and comply with applicable health‑privacy and telehealth laws.
This Policy applies to app wellness features (AI check‑ins, meditations, community wall) and to administrative/operational data for therapy. PHI created in therapy is covered by the NPP.
2) Information We Collect
We collect information in three main ways:
a) Information You Provide
Account: Name, email, password, age confirmation (18+ or verified guardian consent for minors where permitted), state/country, and preferences.
Messages & AI Check‑ins (App): Content shared with the AI companion via SMS/iMessage or in‑app chat. (Limit sensitive details in SMS/iMessage.)
Community Prompt Wall (App): Reflections and responses you choose to share with the community.
Therapy Intake & Sessions (Clinical): Information you provide during intake forms, screening tools, treatment planning, and sessions (may include medical/mental health history, symptoms, goals). This is PHI and governed by the NPP.
Insurance & Payments (Therapy): Insurance member info, eligibility responses, copays/coinsurance, and limited billing details necessary to submit/bill claims. Payment card data is processed by our third‑party processors (e.g., App Store, Google Play, Stripe); we do not store full card numbers.
Support & Feedback: Information you submit when contacting us.
b) Information We Collect Automatically (App Use)
Usage Data: App activity (e.g., meditations played, feature interactions), dates/times.
Device & Diagnostics: Device type, OS version, IP address, crash logs, performance metrics.
Cookies/Analytics (Website & App): Limited first‑party/authorized third‑party analytics to understand usage and improve the experience.
c) Information from SMS/iMessage (AI Companion)
If you use the AI companion through iMessage or SMS, we collect the content of those messages to personalize responses. This content is processed securely and never sold. SMS/iMessage are not end‑to‑end encrypted by us; avoid sharing highly sensitive details there.
3) How We Use Your Information
We use information to:
Deliver and personalize app wellness features (meditations, check‑ins).
Operate, secure, and improve the app and platform; debug and troubleshoot.
Provide therapy, including scheduling, eligibility, billing, clinical coordination, and quality assurance (PHI uses/disclosures for Treatment, Payment, and Healthcare Operations are detailed in the NPP).
Support you, including responding to messages and support requests.
Moderate community safety on the prompt wall.
Send important notices (e.g., appointment reminders, policy updates). Some messages are required to deliver services.
Training & Supervision (Clinical): Consistent with law and ethics, some session notes may be reviewed by a supervising clinician for training/quality purposes. Supervisors are bound by confidentiality. (See NPP.)
We do not sell your data and do not use your PHI for advertising.
4) How We Share Information
We share limited information with trusted service providers who help us operate Arul Health. Examples include:
Cloud & Hosting: e.g., secure databases, file storage.
Video/Telehealth & Communications: platforms that enable secure sessions, e‑fax, email/SMS (administrative notices), and portal messaging.
Analytics & Crash Reporting: to understand feature performance and stability.
Payments & Insurance: processors (e.g., Stripe) and, where applicable, insurance clearinghouses or payors to process claims.
For PHI, we enter into required Business Associate Agreements (BAAs) with vendors where applicable. All partners must protect your information and use it only to support Arul Health.
We may disclose information if required by law, court order, or to prevent harm. See the NPP for PHI‑specific disclosures.
5) Coaching vs. Therapy (What Changed)
Arul Health now offers licensed therapy. Coaching language in prior policies has been updated. If you still use legacy coaching resources, note: coaching records remain confidential but are separate from clinical records. For therapy, your information is PHI and governed by the NPP.
6) Data Retention
Clinical Records (Therapy): Retained in accordance with applicable laws and professional standards (often 6–10 years from last service date, longer for minors). Exact periods may vary by state/province.
App Data: Retained as long as needed to provide and improve the Services or as required by law.
Deletion Requests: You can request deletion of your app account. Clinical records may be retained as required by law even after account deletion. See Your Choices & Rights below.
7) Your Choices & Rights
Your rights depend on where you live and what type of data is involved.
For PHI (Therapy) – HIPAA/NPP Rights
Subject to legal exceptions, you may have the right to:
Access and receive a copy of your clinical record.
Request amendments to your record.
Request an accounting of certain disclosures.
Request restrictions on certain uses/disclosures.
Request confidential communications (e.g., alternate address/phone).
Receive a paper or electronic copy of the NPP.
How to exercise: Follow instructions in the NPP or contact privacy@arulhealth.com.
For App/Website Data – Consumer Privacy (e.g., CCPA/CPRA, VCDPA, etc.)
Depending on your jurisdiction, you may request to:
Know/Access the categories and specific pieces of personal information we hold.
Delete personal information (subject to legal exceptions, including clinical record retention laws).
Correct inaccuracies.
Opt out of certain data sharing/processing where applicable.
How to exercise: Email privacy@arulhealth.com. We will verify your request and respond within required timeframes.
8) Security
We use administrative, technical, and physical safeguards to protect information (e.g., encryption in transit and at rest where applicable, role‑based access, logging). No system is 100% secure; please use the Services responsibly and report concerns to security@arulhealth.com.
9) Communications Preferences
Reminders and Notices: You may receive emails/SMS/phone reminders and administrative messages. Delivery is not guaranteed; do not rely on these for urgent needs.
Marketing Messages: We do not use PHI for marketing without your written authorization. You can opt out of non‑essential emails within those messages.
SMS/iMessage: These are not controlled by us end‑to‑end; limit sensitive content when using them.
10) International Users & Data Transfers
If you access the Services from outside the U.S., your information may be transferred to and processed in the U.S. or other countries with different data‑protection laws. Where required, we use appropriate safeguards for such transfers.
11) Children & Minors
The Services are designed for adults 18+. Therapy for minors may be available only with verified parental/guardian consent and as permitted by law. We do not knowingly collect information from children without required consent.
12) Changes to This Policy
We may update this Policy from time to time. If we make material changes, we will notify you in the app or by email and update the “Last updated” date. Your continued use of the Services after changes take effect constitutes acceptance.
13) Contact Us
General & Privacy: privacy@arulhealth.com
Clinical Records/PHI requests: Follow your NPP instructions or contact privacy@arulhealth.com
Support: support@arulhealth.com