LullaWave Privacy Policy

The short version

Your privacy matters. Here’s a plain-English summary of how LullaWave handles your information.

What we collect

When you sign up

We collect your name and email on lullawave.app/begintonight. That’s it — no phone number, no demographics, nothing else at signup.

When you use the app

LullaWave offers two ways to do the ritual — a voice-led ritual where you speak in response to prompts, and Touch Mode where you tap selections on screen instead. You can switch between them at any time in the app.

If you use the voice-led ritual, the microphone listens for what you share after each prompt. Your voice isn’t recorded or stored — it’s transcribed in real time. On iOS, LullaWave uses Apple’s Speech Recognition, which runs on your device; small amounts of audio may briefly route to Apple’s servers to improve recognition accuracy, governed by Apple’s privacy policy. The transcribed text shapes that night’s ritual and is discarded when the session ends.

When you use Touch Mode

In Touch Mode, you complete the ritual by tapping selections on screen rather than speaking. The microphone is not engaged. No voice transcription occurs. No audio of any kind is captured, recorded, or sent to Apple or OpenAI in a Touch Mode session.

What we record from a Touch Mode session is the sequence of tile selections you made. This information shapes that night’s ritual; it does not include any free-text or verbal input, because none is captured. See “How we use it” for more on what we do with it.

Stored on your device

The app keeps a few preferences on your device so it remembers your choices between sessions — your mode preference (Voice or Touch), your voice selection, duration setting, nightly-reminder preferences, and a sign-in token. This data stays on your device and is removed when you sign out or uninstall the app.

How we use it

We use your name and email to send you what you need to begin — the download link, a receipt if you’ve upgraded to Premium, and any updates you’ve opted into. What you share during the ritual — whether you speak it or tap it — helps us shape that night’s soundscape (see Third-party services for the subprocessors involved). We don’t store it for any other purpose, sell it, or share it beyond the providers listed below.

If you use the voice-led ritual, what you say is used only to shape that night’s experience and is not retained after the session ends. We do not store the text of what you said in our systems beyond the duration of the session, and we do not associate the text of what you said with your account.

If you use Touch Mode, your tile selections shape that night’s ritual the same way speech does. The sequence of selections is used only to shape that night’s experience and is not retained after the session ends. We do not associate your tile selections with your account beyond the duration of the session. It never includes any free-text or verbal input, because Touch Mode captures none.

What we don’t collect

We don’t collect biometric or health data. We don’t track your location. We don’t have any advertising or marketing analytics SDKs in the app. We don’t track you across other apps or websites. We don’t sell your information.

Messages from us

Emails. If you opt in, we may send you emails. You can unsubscribe at the bottom of any email.

Nightly reminders. If you turn on nightly reminders in the app, your device schedules them locally — we don’t send them, your phone does. You can turn them off anytime in the app’s settings.

Payment

If you upgrade to Premium, payment is processed by Stripe. We don’t see or store your card details — Stripe handles that directly.

Third-party services

LullaWave relies on a small set of trusted service providers:

• GoHighLevel. Stores your account details — name, email, plan, and your voice and duration preferences. Also hosts our marketing website at lullawave.app. As part of operating the website, GoHighLevel’s platform sets a first-party cookie (msgsndr_id) on lullawave.app and stores small amounts of session, navigation, marketing-attribution, and browser-fingerprint data in your browser’s local storage. These behaviors are configured by GoHighLevel as part of using their hosting service rather than by us, are documented in GoHighLevel’s cookies policy, and are used to operate the website.
• Cloudflare. Hosts our backend services and the audio files the app plays during the ritual. Also operates a Real User Monitoring (RUM) service on lullawave.app that collects aggregate performance telemetry — page load times, browser performance metrics, and similar technical signals — used to help us understand how the site performs for visitors. Cloudflare’s use of this data is governed by Cloudflare’s privacy practices.
• Apple Speech Recognition. Transcribes what you share during the ritual, as described under “When you use the app” above. Used only when you use the voice-led ritual; Touch Mode sessions do not engage Apple Speech Recognition.
• OpenAI. To help us select prompts that fit what you shared tonight, what you say during the ritual is sent to OpenAI’s language model (gpt-4o-mini) for a brief interpretation. The AI runs on a small fraction of sessions and, for safety purposes, only on inputs that match a list of specific phrases we’ve defined. We send only the text of what you said — your name, email, and account identifier are not included in the request to OpenAI. (Internally, our backend associates the text with your account for the duration of the session in order to shape that night’s ritual; this association is not persisted after the session ends.) Under our current contract with OpenAI and OpenAI’s standard API terms, the data we send is not used to train OpenAI’s models, and OpenAI retains it for up to 30 days for security and abuse-monitoring purposes only. We will update this policy if these terms change. Used only when you use the voice-led ritual; Touch Mode sessions do not invoke OpenAI.
• Stripe. Processes Premium subscriptions. LullaWave never sees or stores your card details. When you visit the upgrade page and Stripe’s checkout form loads, Stripe sets two first-party cookies on lullawave.app (__stripe_mid for fraud detection, lasting about a year, and __stripe_sid for session continuity during checkout, lasting about thirty minutes). These cookies are set by Stripe to operate the payment form and are governed by Stripe’s privacy practices.
• GoatCounter. Privacy-respecting website analytics — no cookies, no IP tracking, no individual-user profiling. Helps us understand which pages of lullawave.app are being read, in aggregate. GoatCounter is not active in the iOS app.
• Google reCAPTCHA. Protects the signup form on our website from spam. Google’s use of data through reCAPTCHA is governed by Google’s Privacy Policy and Terms of Service.
• Google Fonts. Serves the typefaces used across LullaWave. Your IP address may be visible to Google’s font servers when fonts are requested from your browser. Google’s use of this data is governed by Google’s privacy practices.

If you are in crisis

LullaWave is a nighttime ritual, not a clinical or medical service. What you share is treated with care, but it isn’t therapy or treatment. If you’re in distress, please reach out for help directly. In the U.S., you can call or text 988 for the Suicide & Crisis Lifeline. The National Domestic Violence Hotline is 1-800-799-7233. International options are listed at findahelpline.com. For postpartum-specific support, Postpartum Support International is reachable at 1-800-944-4773. For immediate physical danger to yourself or others, call 911.

If you say something concerning

In rare cases where you say something that includes explicit language about harming yourself or someone else — or certain other phrasings the system specifically recognizes — the app will pause the wind-down and surface crisis resources. Recognition runs in two steps on our backend: a list of specific phrases we’ve defined, and a brief AI check (using OpenAI’s gpt-4o-mini) to filter false positives where the same phrases appear in non-distress contexts (negation, hyperbole, third-party reporting, recovery framing). The AI step does not search for distress in language that doesn’t match the list. The app does not interpret your wider conversation, monitor for signs of distress over time, or contact anyone on your behalf — not emergency services, not a family member, not a clinician. We log that a recognition occurred — the time, the variant of the message played, your account identifier, and a one-way fingerprint of the input (a short cryptographic hash that lets us detect that something was said in this category, but cannot be reversed to recover what you said) — but we do not log what you said. We retain this safety-system metadata for up to 12 months for service-improvement purposes; it does not include the text of what you said. Where the system recognizes that an input is postpartum-related, we also surface Postpartum Support International alongside the other resources. LullaWave is not a crisis service; this step is a hand-off to one.

This recognition runs only on what you say during the voice-led ritual. Touch Mode tile selections are not routed through the recognition system, and selecting any single tile — even one that names a hard feeling — does not trigger crisis resources by itself. The tile vocabulary draws on research in felt-sense awareness and emotional expression for honest use at bedtime; it isn’t a crisis-detection mechanism. If you are in crisis, the resources above remain accessible from inside Touch Mode.

Your control

Access and deletion. You can request access to, correction of, or deletion of your data at any time by emailing [email protected]. We’ll respond within 30 days.

Retention. We keep your account data while your account is active, and for up to 60 days after account closure in case you change your mind. After that, it’s deleted from our systems — except where we’re legally required to retain records, such as Stripe’s retention of payment transaction records for tax compliance.

For California residents

The California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA), gives you specific rights in your personal information. This section is provided to satisfy those disclosure requirements.

Categories of personal information we collect. In the preceding 12 months, LullaWave has collected the following categories of personal information: identifiers (name, email, account identifier); customer records (the same identifiers, treated as a customer-records category under California law); commercial information (subscription status, billing records held by Stripe); internet or other electronic activity (which mode you selected (Voice or Touch); which voice you selected, which duration you selected, your nightly-reminder preferences; if you use Touch Mode, the sequence of tile selections you made during the session, used only for that night’s experience and not retained after the session ends; and, on our marketing website, session-tracking, navigation-history, marketing-attribution, and browser-fingerprint data collected by our hosting platform (GoHighLevel), along with aggregate performance telemetry collected by our content-delivery provider (Cloudflare)); and audio, electronic, or similar information (the text of what you said during the voice-led ritual, used only for that night’s experience and not retained after the session ends; this category does not apply to Touch Mode sessions, which do not capture audio).

Categories of sources. We collect this information directly from you (when you sign up, when you use the app, when you upgrade to Premium) and from our subprocessors in the limited capacities described in “Third-party services” above (for example, Stripe provides us with subscription status; Apple Speech Recognition provides us with the transcribed text of what you said).

Business and commercial purposes. We use this information to provide the service to you (delivering the ritual, the soundscape, and the safety routing), to communicate with you (sending account emails, receipts, and any updates you’ve opted into), to maintain the security of our systems, to comply with our legal obligations, and to support the proper functioning of the safety system. We do not use it for advertising, profiling, or any other commercial purpose.

Categories of third parties. We disclose information to the subprocessors listed in “Third-party services” above, each in the specific capacity described there. We do not disclose your information to advertisers, data brokers, or any third party for purposes other than the operation of the service.

Sale and sharing. We do not sell your personal information. We do not share your personal information for cross-context behavioral advertising. We have not sold or shared personal information in the preceding 12 months.

Sensitive personal information. The text of what you say during the ritual may, depending on what you say, contain content that California law treats as sensitive personal information (for example, information that could reveal mental or physical health). We use this information solely to shape that night’s ritual and the safety routing if applicable, and we do not retain it after the session ends. We do not use sensitive personal information for any purpose that would require us to provide a right-to-limit option under California Civil Code § 1798.121.

Retention. We retain your account information for as long as your account is active and for up to 60 days after account closure. The text of what you say during the voice-led ritual is not retained after the session ends. The sequence of tile selections you make during a Touch Mode session is similarly not retained after the session ends. Stripe retains payment-transaction records for the period required by tax law. Safety-system metadata (the timestamp, the variant of the message played, your account identifier, and the one-way fingerprint described above) is retained for up to 12 months for service-improvement purposes; it does not include the text of what you said.

Your rights. As a California resident, you have the right to know what personal information we collect about you, the right to delete your personal information (subject to legal exceptions), the right to correct inaccurate personal information, the right to opt out of any sale or sharing of personal information for cross-context behavioral advertising (LullaWave does not engage in either), the right to limit our use of sensitive personal information for purposes that would otherwise require this option (LullaWave does not engage in any such use), and the right to be free from retaliation for exercising these rights. To exercise any of these rights, contact us at [email protected]. We will respond within 45 days. We may need to verify your identity before responding to certain requests; we will use the email associated with your account for that purpose.

For EU, EEA, and UK residents

We’re available in the United States and Canada for now. If you’re in the European Union, the European Economic Area, the United Kingdom, or elsewhere, we aren’t ready for you yet — but we’re working toward it. When we are, this section will name the rights and disclosures the GDPR and UK GDPR require, and we’ll update this page.

Children

LullaWave is not intended for children under 13, and we don’t knowingly collect personal information from anyone under 13. If you believe a child has used LullaWave, please email [email protected] and we’ll delete their information.

Changes to this policy

If we update this policy, we’ll change the “Last updated” date at the top. If the changes are material, we’ll also let you know by email.