MetaLife

Privacy Policy

Effective date: April 2026 · Last updated: April 2026

MetaLife (“we”, “us”, “our”), operated by AdaptiveMind OÜ (Estonia), provides the MetaLife application at metalife-app.com. This Privacy Policy explains how we collect, use, store, and protect your personal data when you use our service.

01Data We Collect

We collect the following categories of personal data:

Account information
Email address, name, and authentication credentials (hashed passwords or Google OAuth tokens).
Journal entries
Text content, mood scores, sleep scores, and any structured data you provide.
Habits and goals
Habit definitions, tracking logs, goal descriptions, milestones, and progress data.
Voice messages
Audio sent via Telegram or the web app is transcribed to text using OpenAI Whisper, then the audio file is immediately deleted. We do not retain audio recordings.
Images
Photos attached to entries are stored server-side and served through an authenticated proxy. Only you can access your images.
Location data
If you enable weather features, we use your configured location (city or coordinates) to fetch weather data. We do not track your real-time location.
Usage data
Timestamps of actions, feature usage patterns, and error logs necessary for service operation.

03How We Use Your Data

  • To provide and maintain the MetaLife service.
  • To classify journal entries and generate AI coaching insights using the OpenAI API (see Section 3).
  • To process subscription payments via Stripe.
  • To send transactional emails (account verification, password resets, subscription updates).
  • To improve the service and fix bugs.

04AI Processing

MetaLife uses the OpenAI API to power AI features including entry classification, mood analysis, and Jarvis (our AI coaching assistant). When you create an entry or interact with Jarvis, relevant content is sent to OpenAI for processing.

Important: OpenAI does not use data submitted through its API to train its models. Your data is processed in accordance with OpenAI’s API data usage policies.

05Payment Processing

Subscription payments are processed by Stripe. We do not store your credit card number, CVC, or billing address on our servers. Stripe handles all payment data in compliance with PCI DSS. We retain only your Stripe customer ID and subscription status.

06Telegram Integration

If you connect a Telegram bot, messages you send to the bot are forwarded to MetaLife via a secure webhook. Message content is processed identically to entries created through the web app. We store the resulting entry data—the original Telegram message is not stored separately.

07Cookies

MetaLife uses cookies solely for session authentication. We do not use tracking cookies, advertising cookies, or third-party analytics cookies. No cookie consent banner is required because we only use strictly necessary cookies.

08Data Storage & Security

EU-hosted

All data stored in PostgreSQL on Hetzner Cloud in the European Union (Germany).

Encrypted at rest

Sensitive values such as API keys are encrypted using AES-256-GCM.

Encrypted in transit

All connections are secured via TLS/HTTPS.

Strict isolation

User data is strictly isolated — you can only access your own data.

09Your Rights (GDPR)

If you are in the European Economic Area, you have the following rights under the General Data Protection Regulation:

Right of accessRequest a copy of all data we hold about you.
Right to rectificationCorrect inaccurate data via the app or by contacting us.
Right to erasureDelete your account and all associated data.
Right to data portabilityExport your data in a machine-readable format using the built-in export feature.
Right to restriction of processingRequest that we limit how we process your data.
Right to objectObject to processing based on legitimate interests.
Right to withdraw consentWhere processing is based on consent, you may withdraw it at any time via your account settings or by contacting us. Withdrawal does not affect the lawfulness of processing performed before withdrawal.

To exercise any of these rights, contact us at [email protected]. We will respond within 30 days.

10Data Retention

Your data is retained for as long as your account is active. You may delete individual entries or your entire account at any time.

When you delete your account, all data enters a 30-day soft-delete period during which it can be recovered. After 30 days, all data is permanently and irreversibly purged from our systems.

11Third-Party Processors

We share data with the following third-party processors:

ProcessorLocationPurpose
OpenAISan Francisco, USAI classification & coaching
StripeSan Francisco, USPayment processing
HetznerNuremberg, EUInfrastructure hosting

12Children’s Privacy

MetaLife is not intended for users under 16 years of age. We do not knowingly collect data from children. If you believe a child has provided us with personal data, please contact us and we will delete it.

13Changes to This Policy

We may update this Privacy Policy from time to time. We will notify registered users of material changes via email at least 14 daysbefore the changes take effect. The “effective date” at the top of this page indicates when this policy was last revised.

14Data Controller

The data controller responsible for your personal data is:

AdaptiveMind OÜ
Registry code: [to be added]
Registered address: Estonia
Email: [email protected]

15Contact Us

For privacy-related inquiries, contact us at [email protected].

Terms of Service →Back to home