Clarion Privacy Policy

Effective date: June 11, 2026

Last updated: June 11, 2026

Operating entity (current): Clarissa Murra, doing business as Clarion. Utopia Haus LLC formation is in progress as of 2026-05-20; once the LLC is formed and Apple Developer Account / vendor / billing accounts are transferred, the operating entity will become Utopia Haus LLC d/b/a Clarion. References below to "Clarion," "we," "us," or "our" refer to whichever of the foregoing entities is currently operating the Services.

Contact for privacy questions: privacy@myclarion.co

Postal: [Registered agent or P.O. box address once established — personal address omitted by design]

Welcome

We're glad you're here. We've done our best to write this Privacy Policy in plain English. Where we use a defined legal term we try to explain what it means. If anything in this Policy is unclear, please email privacy@myclarion.co.

This Privacy Policy describes how Clarion collects, uses, shares, and protects information in connection with the Clarion iOS application and related services (collectively, the "Services"). It also explains the rights you have under applicable privacy and consumer-health-data laws and how to exercise them.

If you are visually impaired, have another disability, or need this Policy in another language or format, email privacy@myclarion.co.

Our principles

We hold ourselves to four principles:

  1. Keep your information safe. We store only what we need to deliver the Services and follow industry-standard practices to protect it.
  2. Be honest about what we do with it. This Policy describes our practices in detail. Where we send your information to a third party, we say who and why.
  3. Give you real choice. Where applicable law gives you rights to access, correct, delete, port, or restrict your information, we honor them.
  4. Earn your trust through what we don't do. We do not sell your personal information. We do not share your information for cross-context behavioral advertising. We do not train AI models on your data. We do not use your wellness reflections for advertising.

Why we collect what we collect

You may reasonably ask: if Clarion cares about privacy, why collect any information at all?

For two reasons. First, some features only work with stored data — for example, signing into your account on a new device requires that your account exist on our servers. Second, understanding which features users find useful is how we improve Clarion responsibly. We perform those analyses in pseudonymized and aggregated form whenever possible, and you can opt out of analytics collection (see Section 8.4).

We have built Clarion as a wellness companion, not as a clinical service. Clarion is not a healthcare provider. We have no care providers. We do not offer therapy, coaching, psychiatry, or any clinical service. We are not covered by the Health Insurance Portability and Accountability Act (HIPAA), and we are not a HIPAA business associate. Some of the information you provide to us is nonetheless sensitive under various state and international laws (see Section 1.4). We treat it with care.

Table of contents

  1. Information we collect
  2. How we use information
  3. Who we share information with
  4. International data transfers
  5. Children's privacy
  6. Data security and retention
  7. Your privacy rights
  8. Cookies and similar technologies (n/a for iOS app; included for completeness as our marketing website does use cookies)
  9. Changes to this Policy
  10. Contact us
  11. Supplemental notices (state-by-state and country-by-country)

1. Information we collect

1.1 Information you provide directly

Account identifiers

  - Email address, used to authenticate your account and contact you about the Services
  - Display name and, if you provide them, first / last / middle name
  - Year of birth (used solely to confirm you are at least 18 years old at signup)
  - Profile photo, if you upload one

Wellness reflections and Service-specific input

  - Free-text journal entries you write in the Daily Check-In "noticed today" reflection field
  - Self-reported emotional state when you tap a feeling chip in the Compass surface
  - Mood, energy, sleep-quality, and clarity-band selections in the Daily Check-In flow
  - Filter selections (e.g., Stress, Sleep, Relationships, Fog) when you complete the onboarding assessment or update your profile
  - Soul Goals you set and step-by-step plans you save
  - Photos you add to the Light Up List feature, with any captions you choose
  - Quest interactions: which quests you started, completed, paused, or replayed; reflection prompts you answer inside quests
  - Pre- and post-quest clarity scores you self-report
  - Self-reported health context (contraindications) you optionally enter to filter quests not appropriate for your profile: active or recovered eating disorder, post-traumatic stress disorder or complex PTSD, cardiovascular conditions, pregnancy, seizure disorders, recent surgery or injury

Communications

  - Messages you send to support@myclarion.co or other support channels, and any other communications you choose to send us, including survey responses, feedback, beta-feature comments, and bug reports
  - AI conversations you have with the Compass chat / reflection feature (where present)

Subscription and billing

  - Subscription tier (Pro Monthly, Pro Annual, etc.), billing cadence, and subscription status
  - Purchase events (initiation, completion, failure, renewal, cancellation, restoration) communicated to us by Apple via RevenueCat
  - We do NOT collect your payment card information directly. Apple handles all billing.

1.2 Information collected automatically

Device and technical information

  - iOS device identifier (IDFV)
  - Device model, operating system version, app version, language, region, time zone
  - IP address (used for fraud prevention, troubleshooting, and country-aware feature delivery — for example, to surface the country-appropriate crisis hotline in our crisis-resources screen)
  - Crash and performance reports

Service usage events

  - Screens viewed, features used, buttons tapped, taps per session, session duration
  - Quest completion and effectiveness signals
  - Subscription-related events (paywall views, paywall conversions, cancellations)
  - These events are sent to Firebase Analytics in pseudonymized form. You can opt out (Section 8.4).

1.3 What we do NOT collect

1.4 Sensitive personal information / consumer health data

Several categories of information we collect qualify as "sensitive personal information" under the California Privacy Rights Act (Cal. Civ. Code § 1798.140(ae)); "consumer health data" under Washington's My Health My Data Act (RCW 19.373.020) and similar laws in Connecticut, Nevada, and other states; "medical information" under California's Confidentiality of Medical Information Act (Cal. Civ. Code § 56.05(j)); and "special category data" under GDPR Article 9.

These categories include:

  - Self-reported emotional state, mood, and mental clarity data
  - Wellness reflections and journal entries
  - Self-reported contraindications and health context
  - Inferences we draw from the above to personalize content

We process this information only with your explicit consent, obtained at account creation. You may withdraw consent at any time by deleting your account in Settings or by contacting privacy@myclarion.co. Withdrawal does not affect the lawfulness of processing before withdrawal.

We do not share this information with advertisers, data brokers, or any party that would use it for purposes other than providing the Services to you.


2. How we use information

2.1 To operate the Services

We use your information to authenticate your account, present your check-in history, deliver and personalize quest recommendations, generate AI-assisted reflections in the Compass surface, track your streak, manage your subscription entitlement, and communicate with you about the Services (e.g., transactional notifications, important Service announcements).

2.2 To generate AI-assisted personalized content

Several Service features use AI (currently the Claude language model provided by Anthropic, accessed via a server-side proxy we operate on Firebase / Google Cloud) to generate responses based on your input:

We rely on Anthropic's contractual commitment that Anthropic does not use customer API inputs to train its models. See Section 3 for vendor details.

Important: AI-generated content is for educational and reflective purposes only. It is not medical advice, mental-health advice, or any kind of professional advice. See our Terms of Use for the full medical disclaimer.

2.3 To improve the Services

We use pseudonymized and aggregated usage event data to understand which features are useful, where users encounter difficulty, and how the Services should evolve. We do not use your wellness reflections, journal entries, or self-reported emotional state for product analytics. Aggregated insights inform product development, content prioritization, and bug fixes.

2.4 To protect users in distress

Several Service surfaces (Daily Check-In free-text reflection, Chat / Compass conversation, journal-style inputs) include automated keyword screening for explicit crisis-language patterns indicating suicidal ideation, self-harm intent, or eating-disorder-crisis language. When such language is detected, the Services surface a country-appropriate crisis-resources screen — referencing the U.S. 988 Suicide & Crisis Lifeline, the U.K. Samaritans (116 123), the Australian Lifeline (13 11 14), New Zealand's Lifeline Aotearoa (0800 543 354), Crisis Text Line (text HELLO to 741741 in the U.S.), and Befrienders for other countries — and logs an internal safety event for our review.

This monitoring is a safety feature only. It is not used for advertising, marketing, profiling for purposes other than safety, or sale. You may request a copy of any safety-event log relating to you by contacting privacy@myclarion.co.

2.5 To communicate with you

2.6 To comply with legal obligations and protect rights


3. Who we share information with

We do not sell your personal information. We do not share your personal information with third parties for cross-context behavioral advertising. We do not allow our vendors to use your personal information to train AI models.

3.1 Service providers (processors)

| Vendor | What they do for us | What data they receive | Where data is processed |
|---|---|---|---|
| Apple Inc. | App Store distribution, Apple Sign In, StoreKit subscription billing | What Apple needs to provide these services. Subscription status flows back to us via RevenueCat. | United States |
| Google LLC (Firebase / Google Cloud) | Authentication, Firestore database, Cloud Functions (server-side logic), Firebase Storage (file storage for Light Up List photos), Firebase Analytics (pseudonymous event data), Firebase Hosting (marketing site) | Account identifiers; subscription status; app events; quest activity; clarity scores; streak / XP counters; activeFilters wellness-category labels (stored as plain string arrays); Soul Goal titles and step descriptions; Light Up List photo captions and reflections; real-time chat messages written to our top-level chatMessages log; raw photo files in Firebase Storage. Free-text reflection fields (check-in notes, mood, emotional state, top-of-mind text, joy/bliss moment, "noticed today", per-user conversation archive, weekly narrative, daily AI insight content, assessment responses, 24-hour quest outcome clarity scores) are additionally encrypted client-side with a per-user iOS Keychain key before being written — Google and Clarion administrators cannot read those fields without the user's device key. All data is transmitted over TLS and stored under Google's standard at-rest disk encryption. See Section 6.1 for full detail. | United States (primarily us-central1 region) |
| Anthropic, PBC | Claude language model API — used for Compass reflections, Soul Goal step breakdowns, Weekly / Daily Insights | The specific user input (emotional state, free-text reflection, goal text) needed to generate the requested response. We do NOT send your name, email, device identifiers, or full account history. Anthropic's standard API terms state that Anthropic does not train its models on customer API inputs. | United States |
| RevenueCat, Inc. | Subscription entitlement management across StoreKit | Subscription tier, billing cadence, purchase events, pseudonymous user identifier | United States |
| Voyage AI (where used) | Embedding generation for semantic quest matching | Quest text plus your emotional-state query as input; the resulting embedding vectors are stored in our Firestore. No PII transmitted. | United States |

We have written agreements with each of these vendors that limit their use of your information to providing services to us. Where required by GDPR Article 28, the agreements include Data Processing Addenda; where required by Schrems II, Standard Contractual Clauses or other appropriate transfer mechanisms apply (see Section 4).

3.2 We do NOT share with

3.3 Limited disclosures we may make

3.4 Information you choose to share with others

If you choose to share content (e.g., share a quest with a friend via the iOS share sheet), the recipient of your share receives whatever you choose to share with them. Information shared via the iOS share sheet is not transmitted through Clarion's servers; it goes directly through iOS to your chosen destination.


4. International data transfers

Clarion is operated from the United States. Our vendors are headquartered in the United States. If you are located outside the United States, your information will be processed in the United States.

For data subjects in the European Economic Area, the United Kingdom, or Switzerland, your information is transferred to the United States under one or more of the following GDPR transfer mechanisms:

You may obtain a copy of the SCCs or other transfer mechanism by contacting privacy@myclarion.co.


5. Children's privacy

Clarion is intended for adult users only. We require all users to confirm they are at least 18 years of age at account creation; this confirmation is a hard gate. The Services and our marketing are not directed to children under 18.

We do not knowingly process personal information of children under 13 in violation of the Children's Online Privacy Protection Act, 15 U.S.C. §§ 6501–6506 (COPPA). If we learn that a person under 18 has provided personal information to Clarion despite the age gate, we will delete the information promptly. Parents who become aware that a child has created an account should contact privacy@myclarion.co for immediate account deletion and data removal.


6. Data security and retention

6.1 Security

In transit

At rest — Firestore-default encryption (applies to everything)

At rest — additional client-side encryption (applies to specific reflection fields)

What is NOT additionally encrypted (Firestore-default encryption only)

AI processing

Authentication

Other safeguards

Clarion is not end-to-end encrypted: AI features require server-side processing of plaintext reflection text. The client-side encryption described above protects stored reflections from administrator browsing of the database; it does not prevent the user's own AI request from being decrypted in transit on the user's behalf.

We work to maintain security, but no security can be guaranteed. If you suspect unauthorized use of your account, contact us immediately at security@myclarion.co.

6.2 Retention

| Category | Retention |
|---|---|
| Account identifiers (email, name, year of birth) | For the life of your account; deleted within 60 days of account-deletion request |
| Wellness reflections, journal entries, quest completions | For the life of your account; deleted within 60 days of account-deletion request unless you request earlier deletion |
| Self-reported emotional state, mood, clarity data | Same as above |
| Safety-monitoring event logs (when crisis language is detected) | Retained up to 7 years for safety / legal-defense purposes; may be requested for review by contacting privacy@myclarion.co |
| Subscription / billing data | Retained for the period required by applicable tax, accounting, and consumer-protection law (typically 7 years) |
| AI-generated cached responses (Compass cache) | Time-to-live of 30 days; automatically invalidated when underlying content changes |
| Aggregated and pseudonymized analytics | Retained indefinitely in pseudonymized form |
| Routine backups | Retained up to 90 days after account deletion |

6.3 Breach notification

If we experience a personal-data breach affecting your information, we will notify you and applicable regulatory authorities consistent with the timelines required by law: GDPR Article 33 (72 hours to authority); New York SHIELD Act (expedient notification); state breach notification statutes (varies — California Civil Code §§ 1798.29 / 1798.82: "in the most expedient time possible and without unreasonable delay"; Washington RCW 19.255: 30 days; Massachusetts: as soon as practicable; etc.).


7. Your privacy rights

This Section summarizes rights that apply depending on where you live. You may have additional rights under your local law not listed here. Contact privacy@myclarion.co to exercise any right.

7.1 Rights provided to all users (regardless of jurisdiction)

To exercise any of these rights, email privacy@myclarion.co with a clear statement of which right you are exercising. We may ask for reasonable verification of your identity.

7.2 California residents — CCPA / CPRA

Under the California Consumer Privacy Act as amended by the California Privacy Rights Act (Cal. Civ. Code § 1798.100 et seq.), California residents have the rights described in Section 7.1 plus:

CCPA-required categories disclosure. The following table describes the categories of personal information we have collected in the prior 12 months, the categories of sources, the business purposes, and whether we "sold" or "shared" (in the broad CCPA sense). Categories follow Cal. Civ. Code § 1798.140(v).

| Category | Examples we collect | Sources | Business purpose | Sold or shared (CCPA broad sense) |
|---|---|---|---|---|
| A. Identifiers | Email, name, IDFV, IP address | Directly from you; automatic on app use | Service delivery, authentication, security | No |
| B. Cal. Customer Records (§ 1798.80(e)) | Name, contact info | Directly from you | Service delivery, support | No |
| C. Protected classification | Year of birth (for age gate only) | Directly from you | Compliance with adult-only policy | No |
| D. Commercial information | Subscription tier, purchase history | Apple via RevenueCat | Subscription delivery, account management | No |
| E. Biometric information | None collected | N/A | N/A | No |
| F. Internet / network activity | App usage events, screens viewed, time spent | Automatic on app use | Service improvement, debugging | No |
| G. Geolocation data | Approximate region from IP only | Automatic on app use | Country-appropriate crisis resources, fraud prevention | No |
| H. Sensory data | None (no audio/video uploads by default) | N/A | N/A | No |
| I. Professional or employment-related | None collected | N/A | N/A | No |
| J. Non-public education information | None collected | N/A | N/A | No |
| K. Inferences | Pseudonymous profile of preferred quest categories, mood patterns | Derived from your check-ins and quest activity | Personalization, recommendations | No |
| L. Sensitive personal information | Self-reported emotional state, mental-clarity data, wellness reflections, contraindications (with consent) | Directly from you | Service delivery, personalization | No |

To exercise California rights: email privacy@myclarion.co with subject "California Consumer Privacy Request" and reasonable verification of identity (we may ask for the email you signed up with plus a verification code). We respond within 45 days; complex requests may extend to 90 days with notice.

7.3 Washington residents — My Health My Data Act (RCW 19.373)

Effective March 31, 2024, Washington's My Health My Data Act protects "consumer health data." The information described in Section 1.4 of this Policy is consumer health data under that Act. Washington residents have:

To exercise these rights, contact privacy@myclarion.co with subject "Washington MHMDA Request."

7.4 EEA / UK / Swiss residents — GDPR / UK GDPR

Under Regulation (EU) 2016/679 (GDPR), the UK GDPR, and Swiss data-protection law, you have:

For data subjects in the EEA, UK, or Switzerland, the data controller is Utopia Haus LLC. We do not currently meet the GDPR Article 27 threshold for appointing an EU representative because our processing of EEA-resident data is not on a large scale of special category data within Article 27(2). If our processing grows to meet that threshold, we will appoint and identify our EU representative here. [COUNSEL REVIEW NOTE: monitor EU user count + DPF-certification decision.]

Legal bases for processing. We rely on the following legal bases under GDPR Article 6 (and Article 9 for special category data):

  - Article 6(1)(a) and Article 9(2)(a) — explicit consent for processing of sensitive wellness/mental-health data
  - Article 6(1)(b) — contract performance for delivery of the Services
  - Article 6(1)(c) — legal obligation for tax, accounting, and regulatory compliance
  - Article 6(1)(f) — legitimate interest for fraud prevention, security, basic service analytics (balanced against your rights and freedoms)

To exercise EU/UK/Swiss rights, contact privacy@myclarion.co. We respond within one month per Article 12(3); we may extend by two further months for complex requests with notice.

7.5 Other state privacy laws

Residents of the following states have rights substantially similar to California's under their respective state privacy laws. Contact privacy@myclarion.co with the subject line "[State] Consumer Privacy Request."

[COUNSEL REVIEW NOTE: state list current as of 2026-05-20 to the best of the founder's knowledge; counsel should produce a true 50-state matrix at finalization and refresh quarterly.]

7.6 Verification and authorized agents

When you submit a privacy-rights request, we may ask for information reasonably necessary to verify you are the individual whose data is being requested. You may also use an authorized agent if your state's law allows (e.g., Cal. Civ. Code § 1798.140(a)); we will ask the agent for written authorization and may verify with you directly.


8. Cookies and similar technologies

8.1 Mobile app

The Clarion iOS application does not use HTTP cookies in the traditional browser sense. We do use the iOS device identifier (IDFV) for analytics purposes, subject to your Apple App Tracking Transparency (ATT) preference (described in Section 8.4).

8.2 Marketing website

The myclarion.co marketing website may use cookies and similar technologies for analytics, security, and personalization. Where required by law (such as the EU ePrivacy Directive), we obtain your consent before non-essential cookies are deployed.

8.3 Apple App Tracking Transparency

On first launch of the iOS app, Apple's system will present you with the App Tracking Transparency prompt asking whether you allow Clarion to track your activity across other companies' apps and websites. If you decline:

  - We will not link Clarion's analytics data with data from other sources for advertising purposes
  - We will continue to collect first-party analytics (within Clarion only) unless you opt out separately

You may change your ATT decision at any time in iOS Settings → Privacy & Security → Tracking → Clarion.

8.4 How to opt out


9. Changes to this Privacy Policy

We may update this Policy as our practices evolve. We will post the updated version in the App and on myclarion.co/privacy with a new "Effective date" at the top. For material changes that expand the categories of information collected, the purposes of processing, or the third parties we share with, we will provide additional in-app notice and obtain renewed consent where required by applicable law.


10. Contact us

If you are not satisfied with our response, you may contact your local data protection authority (in the EEA), the Information Commissioner's Office (in the UK), the California Attorney General, the Washington Attorney General (for WA MHMDA matters), or another applicable regulator.


11. Supplemental notices

11.1 Notice for California users (Cal. Civ. Code § 1789.3)

The Complaint Assistance Unit of the Division of Consumer Services of the California Department of Consumer Affairs may be contacted (a) via email at dca@dca.ca.gov; (b) in writing at: Department of Consumer Affairs, Consumer Information Division, 1625 North Market Blvd., Suite N 112, Sacramento, CA 95834; or (c) by telephone at (800) 952-5210 or (800) 326-2297 (TDD). Sacramento-area consumers may call (916) 445-1254 or (916) 928-1227 (TDD). You may contact us at Utopia Haus LLC d/b/a Clarion by email at privacy@myclarion.co; our mailing address is available on written request to the same email address.

11.2 Notice for international users

Clarion is operated from the United States. If you are located outside the United States and use the Services, your information will be processed in the United States and subject to United States law. Country-specific rights are described in Section 7.

11.3 Acceptance of this Policy

By using the Services, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree to this Policy, please do not use the Services.