Legal · Privacy Policy
Your data.
Our responsibility.
We wrote this so you'd actually read it. Plain English, short paragraphs, no dark patterns. Here is exactly what we collect, why we have it, and what you can do about it. This policy covers users in Canada, the United States, the EU, the UK, and everywhere else.
Last updated: April 24, 2026
TL;DR — The short version
- We collect only what we need to run the tools. Your session content stays yours.
- Because you describe mental health-adjacent states, your data qualifies as sensitive health data under Canadian law (PIPEDA, Quebec Law 25), multiple US state privacy laws (Virginia, Colorado, Texas, and others), and EU/UK law (GDPR). All of them require explicit consent before we process it. You give that consent the first time you use an AI tool — and you can withdraw it any time.
- AI tools are powered by Anthropic's Claude API. Your prompts do not train Anthropic's models. Anthropic retains API data for a limited period for abuse monitoring, then deletes it.
- We do not sell your data. We do not share it for advertising. Full stop.
- You can download a copy of all your data instantly from your Account page. No need to email us.
- This platform is not HIPAA-covered. But we apply equivalent care anyway because it's the right thing to do.
01 Who We Are
DopamineDriven.io is operated by Kernel Media Inc., a Canadian company. For the purposes of data protection law, we are the data controller — meaning we decide why and how your personal data is processed.
For data-related requests, questions, or complaints: privacy@dopaminedriven.io
We do not have a formal Data Protection Officer, but the same inbox handles all data subject requests personally and promptly.
02 What We Collect
We collect data in three ways: things you give us directly, things generated when you use our tools, and limited technical data that any web server records.
| Data | How we get it | Why | Legal basis / purpose |
|---|---|---|---|
| Email address & display name | Account registration | Account management, sign-in | Contract performance |
| Session records from Steady, Spark, and Thread tools | Saved automatically when you complete a session | Dashboard history, streak tracking, Neural Missions | Contract performance; explicit consent |
| ADHD Tax Audit entries (amounts, categories, descriptions) | You enter them manually | Running your personal financial ledger | Contract performance |
| Dopamine Menu activity selections | You choose and save them | Building your personal reset toolkit | Contract performance |
| WordPress account metadata (registration date, verification status) | Generated automatically | WordPress user management | Contract performance |
| IP address, browser/device type | Server logs | Security, fraud prevention | Legitimate interests |
Legal basis terminology: "Contract performance" maps to PIPEDA's "necessary to fulfil a contract" and US state laws' "performance of a contract." "Explicit consent" maps to PIPEDA Principle 3, Law 25 explicit consent, GDPR Art. 9, and US state opt-in consent for sensitive data. "Legitimate interests" is a GDPR concept; under PIPEDA the equivalent is "legitimate business purpose with appropriate safeguards."
We do not collect: precise geolocation, biometric data, government ID numbers, payment card data (we do not currently charge for the platform), or any data from third-party social profiles.
03 What Each Tool Stores
Each of our AI tools stores a structured record on our servers when you complete a session. Here is exactly what is in each record — not described in vague terms, but the actual fields saved to your account.
Steady (emotional regulation)
Steady does not store the raw text you type. Instead, when the AI analyses your input, a structured session record is saved:
- state — the AI's inferred emotional label (e.g. "Flood", "Static")
- severity — a numeric score 1–5 representing intensity
- pulse — the somatic sensations you selected from a preset list (e.g. "chest tightness", "racing thoughts")
- escalated — a boolean indicating whether the session escalated to a higher-intensity state
- timestamp — when the session ended
Your raw input to Steady is sent to the Anthropic API to generate the response, then discarded. Only the structured record above is saved to your account.
Spark (focus and task activation)
Spark stores:
- task — the task description text you entered
- taskType — the AI's classification of the task type
- energy — your self-reported energy level
- completed — whether you marked the task complete
- parked — the number of micro-tasks you chose to park
- timestamp — when the session ended
Your task text is stored as part of the session record.
Thread (commitment and follow-through)
Thread stores:
- commitment — the commitment text you wrote
- deadline — the deadline you set
- letter — the AI-generated future letter sent back to you
- outcome — whether you marked the commitment kept or missed
- created / closedAt — session open and close timestamps
Both your commitment text and the AI-generated letter are stored. Active Thread sessions are also temporarily held in your browser's localStorage until the session closes.
AI triage (tool selector)
The triage system receives your description of your current state and recommends a tool. Your input is sent to the Anthropic API to generate the recommendation. The triage input is not stored on our servers. Only the final tool recommendation influences which session record (if any) gets created.
Your data export
You can download a complete copy of every session record stored under your account, including the exact fields listed above, directly from your Account page. No email required. The file is human-readable JSON that you can open in any text editor.
04 Sensitive Health Data
Multiple laws apply — not just GDPR
When you describe your emotional or cognitive state to our AI tools, that data is classified as sensitive health-adjacent information under every major privacy framework we operate within:
- Canada — PIPEDA (federal): requires express consent for sensitive personal information, including health-related data. Applies to us as a Canadian company handling any user's data.
- Canada — Quebec Law 25: requires explicit, free, and informed consent for sensitive personal information. Applies to all Quebec residents regardless of where they access the site.
- US state laws — Virginia (CDPA), Colorado (CPA), Connecticut (CTDPA), Texas (TDPSA), Montana, Oregon, Delaware, and others: all require opt-in consent before processing sensitive data, which explicitly includes mental and physical health information.
- California — CPRA: classifies ADHD-related session data and financial logs as sensitive personal information. Does not require pre-consent but grants the right to limit use to what is strictly necessary for the service — which is already our policy.
- EU/UK — GDPR Article 9 / UK GDPR: classifies health-adjacent inferences as special category data requiring explicit consent.
We process this data only with your explicit, separate consent — not bundled into your general Terms acceptance. You gave that consent the first time you used an AI tool, via a dedicated consent modal that explains exactly what is processed and by whom. You can withdraw it at any time from your Account page; doing so stops future AI processing. Your existing session records are not auto-deleted on withdrawal — contact us to request targeted deletion.
We do not use this data to build profiles for advertising, insurance, employment, or any purpose other than operating the tools you're using.
This platform is not a HIPAA-covered entity (we are not a healthcare provider, health plan, or clearinghouse, and we have no business associate agreements with any covered entity). However, given the sensitivity of what you share, we apply equivalent care in how we store, process, and protect it.
05 AI & Your Data
The intelligence behind Steady, Spark, Thread, and the triage system is powered by Anthropic's Claude API. Here is exactly what that means for your data:
What gets sent to Anthropic
When you interact with an AI tool, the text you enter is transmitted to Anthropic's servers to generate the AI response. This is structurally identical to how every AI-powered product works. Only your input for that tool interaction is sent — we do not send your account history or personal details to Anthropic.
What Anthropic does with it
- API data is not used to train Anthropic's models. Anthropic's API terms explicitly state this. Your session content does not improve or influence Claude or any other model.
- Anthropic may retain API inputs and outputs for a limited period for trust, safety, and abuse monitoring purposes, after which they are deleted. See Anthropic's current retention terms for specifics.
- A limited number of authorised Anthropic employees and vetted contractors may access this data for trust and safety purposes.
- Anthropic is a US-based company. Because we are a Canadian data controller sending personal data to a US processor, this constitutes a cross-border transfer under PIPEDA and Quebec Law 25. We take reasonable steps to ensure Anthropic provides comparable protection, including reviewing Anthropic's published Data Processing Addendum and privacy commitments. EU/UK users: this transfer is also subject to GDPR cross-border transfer rules, which Anthropic addresses through applicable transfer mechanisms.
Automated recommendations
The AI triage system makes an automated recommendation about which tool may help you. Under GDPR Article 22, US state privacy laws (Virginia CDPA, Colorado CPA, and others), and Quebec Law 25, you have rights regarding automated processing that affects you. In practice: you are never locked into the recommendation — it is always a suggestion, not a binding decision. You can always override it, ignore it, or contact us to disable the triage feature for your account entirely. No legal or similarly significant decisions about you are ever made by our AI.
For full details of Anthropic's data practices: Anthropic Privacy Policy
06 Cookies & Local Storage
We use browser localStorage (not just cookies) to maintain your session and preferences. Privacy laws across multiple jurisdictions — including Canada's PIPEDA, EU/UK GDPR and the ePrivacy Directive, and US state transparency requirements — require us to disclose what is stored in your browser and why. Here is the complete list.
| What’s stored | Key(s) | Purpose | Duration |
|---|---|---|---|
| WordPress authentication cookies | wordpress_*, wp-settings-* | Keeping you signed in | Session or up to 14 days |
| Active Thread session (in-progress commitment) | dd_thread_active, dd_sessions_thread | Preserving your session if you navigate away | Until the session closes or you clear storage |
| ADHD Tax entries (unsynced) | dd_adhd_tax_v1 | Local cache; synced to account on save | Until synced to server |
| Dopamine Menu selections (unsynced) | dd_dopamine_menu_v1 | Local cache; synced to account on save | Until synced to server |
| Pressure calibration setting | pressure_calm | Remembering your Steady calibration | Duration of browser storage |
Important note on data exports
localStorage data lives only in your browser. It is inaccessible to our servers and therefore cannot be included in your data export file. To view it, open your browser's DevTools → Application → Local Storage → dopaminedriven.io. To clear it, use your browser's storage settings — doing so will not delete your account or any server-side data.
We do not use tracking cookies, advertising cookies, or cross-site behavioural tracking of any kind.
07 Data Retention
We keep your data for as long as necessary to provide the service, then delete it automatically. These are the actual policies enforced by our systems — not vague promises.
| Data type | Retained for | How deleted |
|---|---|---|
| Tool session records (Steady, Spark, Thread) | 12 months from each session date | Automatically purged by a daily background job |
| Most recent 50 sessions per tool (rolling cap) | Until older sessions are pushed out by newer ones | Oldest entry removed when the cap is reached |
| ADHD Tax Audit entries | Duration of your account | Deleted immediately when account is deleted |
| Dopamine Menu activities | Duration of your account | Deleted immediately when account is deleted |
| Account credentials & profile data | Duration of your account | Fully purged when you trigger account deletion |
| Server access logs (IP addresses) | Governed by our hosting provider's retention policy | Managed by hosting provider |
| Anthropic API inputs/outputs | Governed by Anthropic's retention policy | Managed by Anthropic |
You can delete your account at any time from your Account page. Deletion is immediate and irreversible — every piece of data we hold about you is removed from the database in a single operation. There is no grace period and no backup recovery after deletion.
08 Your Rights
These rights apply to all users regardless of location. Jurisdiction-specific rights follow beneath.
All users — universal rights
- Access & portability. Download a machine-readable (JSON) copy of all server-side data we hold about you, instantly, from your Account page. No email required.
- Correction. If something we hold is inaccurate, email us and we'll fix it promptly.
- Deletion / erasure. Delete your account from the Account page — all data is purged immediately and irreversibly. Or email us to request targeted deletion of specific records without closing your account.
- Withdraw consent. Withdraw AI tool consent at any time from your Account page. Takes effect immediately — next tool visit will show the consent modal again. Existing session records are not auto-deleted on withdrawal; email us to request that too.
- Opt out of automated recommendations. Contact us to disable the AI triage system for your account. You'll still be able to navigate to tools directly.
- Non-discrimination. Exercising any of these rights will not affect your access to DopamineDriven. We will not penalise you for asking.
Canadian residents (PIPEDA / Quebec Law 25)
- Right of access. Request a complete account of the personal information we hold about you, how it was collected, and who it has been disclosed to (PIPEDA Principle 9). Our self-serve export satisfies this — or email us for a formatted written response.
- Right to challenge accuracy. If information is inaccurate or incomplete, request correction under PIPEDA Principle 9 and Law 25 Article 27.
- Right to withdraw consent. You may withdraw consent for the collection, use, or disclosure of your personal information at any time, subject to legal or contractual restrictions (PIPEDA Principle 3.8). Withdrawal stops future processing; it does not erase historical records unless you also request deletion.
- Right to complain. Quebec residents may file a complaint with the Commission d’accès à l’information (CAI). Other Canadian residents may contact the Office of the Privacy Commissioner of Canada.
- Cross-border transfer notification. Your data is processed by Anthropic's Claude API, a US-based service. Under PIPEDA and Law 25, we are required to inform you of this transfer and to use contractual or other means to ensure comparable protection.
California residents (CCPA / CPRA)
- Right to know. Categories and specific pieces of personal information we collect, use, disclose, and sell — documented in this policy. We do not sell your data.
- Right to delete. Use the Account page, or email us for targeted deletion.
- Right to correct. Email us with the specific inaccuracy.
- Right to opt out of sale or sharing. We do not sell or share your personal information for cross-context behavioural advertising. We do not sell your data.
- Right to limit use of sensitive personal information. Your ADHD-related session data and ADHD Tax financial records are sensitive PI under CPRA. We already limit their use to delivering the service — you can request written confirmation at any time.
- California CMIA (AB 2089). We are aware of the California Mental Health Digital Services Act and its application to AI-assisted tools that process mental health data. We do not sell, share, or use your mental health data for advertising. We do not disclose it to third parties other than Anthropic as our AI processor.
Other US state residents (Virginia, Colorado, Connecticut, Texas, Montana, Oregon, Delaware, and others)
- Right of access. Request a copy of the personal data we process about you. Our self-serve export satisfies this.
- Right to correct. Request correction of inaccurate personal data.
- Right to delete. Request deletion of your personal data. Use the Account page or email us.
- Right to data portability. Obtain your data in a portable format. Satisfied by the JSON export on your Account page.
- Right to opt out of targeted advertising and sale. We do not conduct targeted advertising or sell personal data. There is nothing to opt out of.
- Right to opt out of profiling. We do not profile you in furtherance of decisions that produce legal or similarly significant effects. The AI triage recommendation is a non-binding suggestion.
- Right to appeal. If we decline a rights request, you may appeal by emailing us. We will review and respond within the timeframe required by your state's law.
EU and UK residents (GDPR / UK GDPR)
- Rights of access, rectification, erasure, restriction, portability, and objection all apply. Our self-serve tools on the Account page satisfy access and portability. Email us for the rest.
- Right to withdraw consent (Art. 7). Withdraw AI tool consent from your Account page at any time, with immediate effect.
- Rights regarding automated decision-making (Art. 22). The AI triage recommendation is a non-binding suggestion. Contact us to disable it.
- Right to lodge a complaint. UK residents: Information Commissioner’s Office (ICO). EU residents: your national Data Protection Authority.
To exercise any right not already available on the Account page: email privacy@dopaminedriven.io. We respond within 30 days for most requests (45 days for complex CCPA requests; 30 days for GDPR; as soon as feasible for PIPEDA — typically within 30 days). We may verify your identity by confirming the email address associated with your account before fulfilling a request.
09 Security
We take the sensitivity of what you share seriously. Our security measures include:
- TLS encryption in transit for all data sent between your browser and our servers
- bcrypt-hashed passwords — we cannot see or recover your password in plaintext
- CSRF protection on every authenticated action (nonces verified server-side)
- Strict access controls — only authorised personnel can access the production database
- Regular security updates to WordPress core and server software
No system is perfectly secure. If we discover a data breach that creates a real risk of significant harm, we will notify affected users and the appropriate authorities as required by law. GDPR requires notification within 72 hours; Canada's PIPEDA and Quebec Law 25 require notification "as soon as feasible." In practice we treat 72 hours as our internal target regardless of jurisdiction — it is the most stringent standard and the right one given the sensitivity of what you share.
10 Children
DopamineDriven.io is intended for users aged 18 and over. We do not knowingly collect personal information from anyone under 18. If we discover that we have done so, we will delete it immediately. If you believe a minor's data has been collected, contact us at privacy@dopaminedriven.io.
11 Changes to This Policy
If we make material changes — meaning changes that affect your rights or how we use special category data — we will notify you by email before the change takes effect, giving you the opportunity to review and, where relevant, re-consent or close your account.
Minor clarifications (fixing a typo, restructuring a section without changing substance) will be updated without individual notification. The "Last updated" date at the top always reflects the most recent revision.
12 Contact
For any privacy question, data request, or concern:
DopamineDriven.io / Kernel Media Inc.
Email: privacy@dopaminedriven.io
For data subject requests, please include your account email address so we can locate your records.
We aim to acknowledge every request within 5 business days, and to resolve it within 30.