Privacy Policy
Last updated 5 May 2026. Consult your own counsel for jurisdiction-specific advice.
1. Who handles your data
For Practitioner accounts, Reverbe is the data controller. For Client data (intake responses, session notes, audio), the Practitioner is the controller and Reverbe is the processor. See our Data Processing Addendum for the processor terms.
2. What we collect
Practitioner data
- Account details: name, email, password (handled by our authentication provider)
- Profile: bio, photo URL, credentials, timezone
- Service catalogue, working agreement template, voice clone metadata
- Voice sample + consent recording
- Stripe Connect account ID (encrypted at rest)
- Audit log: every sensitive action you take (timestamped, with IP and user agent)
Client data (you, the Practitioner, are the controller)
- Contact details and booking history
- Intake form responses (including health information)
- Working Together Agreement signature receipts
- Generated reinforcement audio + listening telemetry (open/play/finish events)
3. How we use it
To provide the service: render your dashboard, generate scripts, synthesise audio, deliver it to Clients, take payments. We use audit logs to detect abuse and meet legal retention requirements. We do not sell your data, ever.
AI and your data
Inputs you provide for script generation are sent to a third-party AI provider for processing under a zero-retention contract; your inputs are not used to train any external model. Voice clone audio is sent to a third-party voice-cloning provider only to create and use the clone; it is not used for training. The specific providers we use are listed in our Data Processing Addendum.
4. Where it lives
- Application data: stored in the EU by default
- Audio files: stored in regional object storage with per-tenant key prefix
- Payments: processed by Stripe (US/EU)
Specific providers and their roles are named in our Data Processing Addendum.
5. Retention
- Practitioner account data: until account deletion + 13 months audit retention
- Client audio: 12 months from generation, then auto-purged
- Magic-link tokens: 60 days from generation, then expire
- Audit log: 13 months (then auto-purged via TTL index)
- Stripe records: kept per Stripe’s own retention (we hold IDs only)
6. Your rights (GDPR / CCPA / UK GDPR)
You can request a copy of your data, correction of inaccurate data, deletion (with carve-outs for legal records), or restriction of processing, and you can object to processing. Reach out to hello@reverbe.app and we’ll respond within 30 days.
Practitioners can self-serve account deletion via the dashboard. Deletion anonymises your record (preserving the audit trail) and removes your voice clone from our voice-cloning provider.
7. Security
Sensitive fields (payment provider access tokens, etc.) are encrypted at rest with AES-256-GCM. All traffic is TLS 1.2+. We practise defence-in-depth: per-tenant data isolation, multi-tenant scope enforcement at the database layer, content-hash binding on script approval, and short-lived cryptographically random magic-link tokens.
8. Cookies
We use HttpOnly session cookies for authentication and a short-lived OAuth state cookie for connecting external accounts. No third-party advertising or analytics cookies.
9. Children
Reverbe is not intended for users under 18. Practitioners may not use Reverbe to deliver therapy to minors via this platform.
10. Changes
We’ll notify you by email at least 30 days before any material change. Continued use after the effective date constitutes acceptance.
11. Contact
DPO and privacy questions: hello@reverbe.app.