Privacy Policy
Effective Date: 21 April 2026
Operated by: HEAL APP
Contact: healapp.reports@gmail.com
1. Overview
This Privacy Policy explains how HEAL APP ("we", "us", or "our") collects, uses, stores, and discloses information in connection with the heal. mobile application (the "App").
We are committed to protecting your privacy. The App has been designed to minimise data collection. We do not require users to create accounts, provide names, email addresses, or any other personal identifying information to use the App.
While the App is designed to be anonymous, certain technical data may be collected and used to enforce safety measures and moderation. This Policy explains what that data is and how it is handled.
This Privacy Policy should be read together with our Terms of Service and Community Guidelines. By using the App, you consent to the practices described in this Privacy Policy.
2. Who We Are
The App is operated by HEAL APP, an Australian sole trader based in Melbourne, Victoria, Australia.
For any privacy-related enquiries, please contact us at healapp.reports@gmail.com.
3. Information We Collect
We collect only the minimum information necessary to operate the App safely and effectively.
3.1 Device Identifier
Upon first use, a randomly generated device ID (UUID) is created and stored locally on your device. This identifier is not linked to your name, email address, or any other personal information. It is used solely to administer the ban system.
3.2 Firebase Anonymous Authentication UID
The App uses Google Firebase Anonymous Authentication to generate a temporary, anonymous session identifier (UID) each time you use the App. This UID is not linked to any personal identity and is not associated with any Google account. It is used solely to facilitate the technical operation of the App, including matchmaking and chat delivery.
3.3 Queue & Session Data
When you enter the matching queue, we collect and temporarily store the following:
• Your selected role (Feeler or Healer);
• Your randomly assigned session username; and
• The timestamp of your queue entry.
This information is deleted automatically when you are matched with another user or when you exit the queue.
3.4 Chat Message Content
Messages exchanged during a chat session are transmitted and stored temporarily in our Firebase database solely for the purpose of delivering those messages to the other participant in real time. Upon conclusion of a chat session, all message content is permanently and automatically deleted from our systems.
We do not read, analyse, or store chat content beyond what is necessary to deliver messages in real time, except in the circumstances described in Section 3.5 below.
3.5 Report Data
If a user submits a report against another user during or at the conclusion of a chat session, the following information is captured and retained:
• The full conversation from that chat session, transmitted as an attachment to the app operator's secure mailbox;
• The anonymous UID of the reporting user;
• The randomly assigned username of the reported user;
• The timestamp of the report; and
• The chat session identifier.
This information is retained for the purposes of reviewing the report, administering the ban system, and, where necessary, complying with legal obligations. It is accessible only to the app operator.
By submitting a report, you expressly consent to the capture and operator review of the full conversation from that session. By using the App, you acknowledge that if a report is submitted against you, the conversation in which the reported conduct occurred may be reviewed by the app operator.
3.6 Strike & Ban Records
Where a user is found to have breached our Community Guidelines, a strike record associated with their anonymous device ID and Firebase UID is created and maintained in our Firebase database. This record contains the number of strikes recorded against that identifier and, where applicable, the duration and expiry of any ban imposed. No personal identifying information is associated with these records.
4. How We Use Your Information
We use the information collected solely for the following purposes:
• To operate and deliver the core functionality of the App, including matchmaking and real-time chat;
• To administer the ban and strike system to protect users from harmful conduct;
• To review reports submitted by users and take appropriate moderation action;
• To maintain the security and integrity of the App; and
• To comply with applicable legal obligations.
We do not use your information for advertising, profiling, or any commercial purpose beyond the operation of the App.
5. Disclosure of Information
We do not sell, rent, or trade any information collected through the App.
Information may be disclosed in the following limited circumstances:
• To Google Firebase, as our infrastructure and database provider, solely to the extent necessary to operate the App;
• To law enforcement or regulatory authorities where we are required to do so by law, or where we reasonably believe that disclosure is necessary to prevent imminent harm or unlawful conduct; and
• In connection with any sale, merger, or transfer of the App or our business, provided that any successor operator is bound by obligations no less protective of user privacy than those set out in this Privacy Policy.
6. Data Storage & Security
Data collected through the App is stored on Google Firebase servers. Firebase maintains industry-standard security measures including encryption in transit and at rest.
Report data, including full chat transcripts submitted upon a report, is transmitted to and stored in a secure operator-controlled mailbox accessible only to the app operator.
While we take reasonable steps to protect information from unauthorised access, disclosure, or misuse, no method of electronic storage or transmission is completely secure. We cannot guarantee absolute security.
7. Data Retention
We retain information only for as long as necessary for the purposes for which it was collected:
• Queue and session data: deleted automatically upon match or queue exit;
• Chat message content: permanently deleted upon conclusion of the chat session, except where a report has been submitted;
• Report data (including full chat transcripts): retained for as long as reasonably necessary to administer the moderation and ban system and to comply with any applicable legal obligations; and
• Device ID and ban/strike records: retained for as long as necessary to administer the ban system.
8. Third-Party Services
The App uses the following third-party services in the course of its operation:
• Google Firebase: authentication, real-time database, and cloud functions. Governed by Google's Privacy Policy: https://policies.google.com/privacy
• Google Play Store / Apple App Store: app distribution platforms. Their respective privacy policies apply to any data collected in connection with app download and installation.
We are not responsible for the privacy practices of third-party services. We encourage you to review their privacy policies independently.
9. Children’s Privacy
The App is intended solely for users aged 18 years and over. It is not directed at or intended for minors. By using the App, you confirm you are 18 or older. As the App is anonymous by design, we are unable to independently verify the age of users. We do not knowingly collect any information from persons under the age of 18. If you are under 18, you must not use this App.
10. Your Privacy Rights
10.1 Australian Users
The App is operated in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).
The App is designed to be anonymous by default. We do not collect your name, email address, phone number, or any other information that directly identifies you. Because of this, we are generally unable to link any data held in our systems to a specific individual. In practice, this means that most access, correction, or erasure requests cannot be actioned, not because we are refusing, but because we genuinely cannot identify you in our data.
If you believe we hold information that can be linked to you and you wish to make a request, please contact us at healapp.reports@gmail.com with as much context as possible. We will make reasonable efforts to locate and action your request where it is technically feasible to do so.
If you believe we have breached the APPs, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au.
10.2 European Users (GDPR)
If you are located in the European Economic Area, the United Kingdom, or Switzerland, rights under the General Data Protection Regulation (GDPR) or equivalent legislation may apply to you, including rights of access, rectification, erasure, restriction, portability, and objection.
As noted above, the App is anonymous by design. We are generally unable to identify any individual from the data we hold. As a result, it may not be technically possible to action GDPR requests in most cases. This is a function of the App's privacy-first architecture, not a refusal to comply.
Our lawful basis for processing under the GDPR is our legitimate interest in operating a safe and functional anonymous communication platform, and, in respect of report data, compliance with legal obligations and the protection of the vital interests of users.
To exercise your rights or lodge a complaint, please contact us at healapp.reports@gmail.com or contact your local supervisory authority.
11. Cookies & Tracking Technologies
The App does not use cookies. We do not employ tracking technologies, advertising trackers, or analytics tools that collect behavioural data about users across sessions or across third-party platforms.
Firebase may collect certain technical diagnostic data as part of its standard infrastructure operation. This is governed by Google's Privacy Policy.
12. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal obligations. Where we make material changes, we will notify users via the App. The updated Privacy Policy will be effective from the date it is published.
Continued use of the App following publication of an updated Privacy Policy constitutes your acceptance of the changes.
13. Contact & Complaints
For any questions, concerns, or complaints regarding this Privacy Policy or our privacy practices, please contact:
HEAL APP
Melbourne, Victoria, Australia
We will endeavour to respond to all enquiries within a reasonable timeframe. If you are not satisfied with our response, you may contact the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au.