top of page

Privacy Policy

Last Updated: March 22, 2026  —  Version 2.0

 

This Privacy Policy explains how DearCocoa AI LLC (“Dear Cocoa,” “we,” “our,” or “us”) collects, uses, discloses, and protects your information when you use:

  • the Dear Cocoa mobile application (the “App”)

  • the Dear Cocoa website at dearcocoa.com (the “Site”)

  • any products, digital services, pop-up experiences, events, or features offered by Dear Cocoa (collectively, the “Services”)

 

By using our Services you agree to the practices described in this Privacy Policy. If you do not agree, please stop using the Services.

 

Before you read further, here is the most important thing we want you to know: your data is sacred to us. We will never sell it, never use it for advertising, and never share it without your explicit consent. These are not just words in a policy — they are founding commitments that DearCocoa AI LLC is legally bound to uphold permanently.

 

1. OUR FOUNDING DATA COMMITMENTS

These four commitments are the foundation of everything else in this policy. They are non-negotiable and permanent.

 

Commitment 1 — Your data is never sold

Not to advertisers. Not to data brokers. Not to any third party for any amount of money. Ever. This is not a policy clause that can be quietly updated. It is a founding principle that is legally embedded in the operating structure of DearCocoa AI LLC.

 

Commitment 2 — Your data is never used for advertising

Dear Cocoa products are ad-free and will remain that way. We will never use what you share with Cocoa — your journal entries, emotional check-ins, or conversation history — to target you with advertisements or to sell behavioral insights to any brand or third party. Your healing is not a marketing opportunity.

 

Commitment 3 — Your data is used only to improve your care

Your data is used for two purposes only: to improve Dear Cocoa’s in-house AI and make Cocoa more culturally intelligent and clinically effective for every woman who uses her, and in anonymized aggregate form in partnership with mental health organizations and clinical research — and only with your explicit informed consent at the point of collection. Nothing else.

 

Commitment 4 — Cocoa is a bridge to healing, not a replacement for it

Cocoa holds you between therapy sessions and helps make the work you do with your therapist more effective. She is not a licensed therapist and will never claim to be. We will never position her as a substitute for professional clinical care.

 

2. INFORMATION WE COLLECT

We collect information in the following ways.

 

A. Information You Provide

 

Account Information

  • Name

  • Email address

  • Username

  • Phone number (optional)

  • Profile photo (optional)

 

Emotional Check-Ins and Journal Content

  • Written journal entries and reflections

  • Mood entries and emotional check-ins

  • Responses to journaling prompts

  • Creative uploads in The Sanctuary

  • Cocoa conversation logs (used for functionality and pattern recognition only)

  • Mood Board entries and personal tracking data

 

We never sell your emotional, mental health, or journal data. This information is the most sensitive data you share with us and we treat it with the highest level of care and protection.

 

Communications

If you contact us we may collect messages, support tickets, or email correspondence.

 

Payment Information

If you purchase a Pro subscription, event tickets, or merchandise we may collect billing address and partial payment information. Payments are processed through secure third-party processors. We do not store full payment card numbers.

 

B. Information Automatically Collected

 

Device and Usage Information

  • IP address

  • Device type and operating system

  • Browser type

  • App activity and feature usage

  • Session length and frequency

 

Cookies and Tracking Technologies (Website Only)

We use cookies to save login state, personalize the website, analyze site traffic, and improve functionality. We do not use cookies for advertising targeting. You can disable cookies in your browser settings.

 

C. Information From Third Parties

  • Social media logins (if enabled by you)

  • Payment processors

  • Event registration platforms

This data is governed by the respective privacy policies of those third parties.

 

3. HOW WE USE YOUR INFORMATION

 

A. To Provide and Improve the Services

  • Deliver app features including Cocoa, The Sanctuary, The Circle, and the Mood Board

  • Run emotional wellness and metacognitive journaling tools

  • Personalize your experience based on your usage

  • Maintain your account and subscription

  • Build and improve Cocoa’s pattern recognition and cultural intelligence

  • Conduct anonymized research to improve the platform (with your consent where required)

 

B. To Communicate With You

  • Account updates and important service notices

  • Customer support responses

  • App feature announcements

  • Event invitations and community updates (opt-in)

  • Newsletter and marketing communications (opt-in only, unsubscribe anytime)

 

C. For Security and Compliance

  • Detect and prevent fraud and unauthorized access

  • Maintain safety within community spaces including The Circle

  • Comply with applicable legal obligations

 

D. For Analytics and Performance

We use de-identified aggregated data to understand usage trends and improve the platform. This data cannot be used to identify individual users.

 

We do not use emotional data, journal content, or mental health information for advertising purposes. Ever.

 

4. HOW YOUR INFORMATION IS SHARED

We never sell your data.

 

We may share information only in the following limited circumstances.

 

A. Service Providers

Trusted partners who help us operate the Services including:

  • Payment processors

  • Cloud hosting providers (selected in part for their water conservation practices)

  • Customer support systems

  • Email delivery services

All service providers are contractually required to protect your privacy and may not use your data for their own purposes.

 

B. Clinical Research Partners (Anonymized Only)

We may share anonymized aggregated data with mental health organizations and clinical research institutions for the purpose of advancing culturally competent mental health research. This sharing happens only under two conditions: the data is fully anonymized and cannot identify any individual user, and you have provided explicit informed consent at the point of collection. You can withdraw consent at any time.

 

C. Grow Therapy (Clinical Partnership)

If you choose to connect with a therapist through our Grow Therapy partnership, information you share directly within that connection is subject to Grow Therapy’s privacy policy and applicable clinical confidentiality standards. Dear Cocoa does not share your Cocoa journal content with Grow Therapy without your explicit consent.

 

D. Event and Pop-Up Partners

If you register for an in-person Dear Cocoa event we may share your name, email, and RSVP status with event partners only as necessary for event operations. We will always inform you which partners will receive your information at the point of registration.

 

E. Legal Requirements

We may disclose information if required by law, court order, or legal process, or to protect the safety, rights, or security of Dear Cocoa, our users, or the public.

 

F. Business Transfers

If DearCocoa AI LLC merges, sells assets, or undergoes acquisition your information may transfer as part of that transaction. You will receive advance notice of any material changes and the opportunity to delete your account and data before any transfer occurs.

 

In any business transfer scenario our founding data commitments — no data sales, no advertising use, HIPAA-standard security — must be maintained by any successor entity. This is a condition of any transfer.

 

5. MENTAL HEALTH DATA AND HIPAA STANDARDS

Dear Cocoa treats your mental health and emotional wellness data with the highest standard of care. We maintain HIPAA-aligned security practices for all mental health related data including journal entries, emotional check-ins, Cocoa conversation logs, and Mood Board data.

 

This means:

  • End-to-end encryption for all journal entries and Cocoa conversations

  • End-to-end encryption for all Circle community communications

  • At-rest encryption for all stored user data

  • TLS encryption for all data in transit

  • Strict internal access controls — only authorized team members can access user data for specific operational purposes

  • Regular security audits

  • No third-party advertising SDKs embedded in the application

 

While Cocoa is not a licensed clinical provider and this policy does not create a covered entity relationship under HIPAA, we voluntarily apply HIPAA-standard security practices because your mental health data deserves clinical-grade protection regardless of what the law requires of us.

 

6. AI DESIGN AND ENVIRONMENTAL RESPONSIBILITY

Dear Cocoa is built on a human-first AI philosophy. This affects both how Cocoa behaves and how we handle your data.

 

The Cocoa Threshold

After extended use in a single session Cocoa will gently invite you toward The Circle — our community space — where human connection is available. She will also acknowledge that every AI interaction uses water through data center cooling systems. This transparency is intentional. You have the right to know the environmental cost of the technology you use and to choose how much you engage.

 

Water and Environmental Impact

Dear Cocoa’s architecture is designed to minimize water consumption compared to standard generative AI applications. We select infrastructure and hosting partners based in part on their water conservation practices including closed-loop cooling systems and recycled water sourcing. We acknowledge AI’s water footprint publicly because the communities we serve are disproportionately impacted by environmental inequality.

 

7. YOUR PRIVACY RIGHTS

Depending on your location you may have the following rights regarding your information.

 

  • Access — request a copy of the information we hold about you

  • Correction — request corrections to inaccurate or incomplete information

  • Deletion — request deletion of your account and all associated data

  • Portability — request your data in a portable format

  • Restriction — request that we limit certain types of processing

  • Opt-out of marketing — unsubscribe from marketing communications at any time

  • Withdraw consent — withdraw consent for research data sharing at any time

 

To exercise any of these rights contact us at privacy@dearcocoa.com. We will respond within 30 to 45 days.

 

You may delete your account and all associated data at any time through the app settings. Deletion is permanent and irreversible.

 

8. DATA RETENTION

We retain your information only as long as needed for your active account, compliance with applicable laws, and internal operations. When you delete your account we permanently delete all associated personal data within 30 days unless retention is required by law.

 

Anonymized aggregated data used for research may be retained longer as it cannot be used to identify individual users.

 

9. CHILDREN’S PRIVACY

Dear Cocoa is not intended for children under 13. We do not knowingly collect personal information from minors. If we learn that data was collected from a child under 13 we will delete it promptly. If you believe we may have collected information from a minor please contact privacy@dearcocoa.com immediately.

 

10. SECURITY

We use industry-standard and HIPAA-aligned safeguards to protect your information including:

  • End-to-end encryption for journal entries and community communications

  • At-rest encryption for all stored data

  • TLS for all data in transit

  • Strict internal access controls

  • Regular security audits and monitoring

  • No advertising SDKs or third-party tracking tools in the app

 

In the event of a security incident that affects your personal data we will notify you promptly and take immediate corrective action. We will never allow a data breach to go unaddressed or unreported to affected users.

 

No system is 100% secure. If you have concerns about your account security please contact privacy@dearcocoa.com immediately.

 

11. INTERNATIONAL USERS

If you access the Services from outside the United States your data may be processed in the U.S. By using the Services you consent to this processing. We are working toward compliance with international data protection standards including GDPR as Dear Cocoa expands globally.

 

12. CHANGES TO THIS POLICY

We may update this Privacy Policy from time to time. If changes are significant we will notify you via in-app message, website notice, and email if applicable. We will never make material changes to this policy without advance notice.

 

Our founding data commitments — no data sales, no advertising use, and HIPAA-standard security — are permanent and cannot be changed by a policy update. They are embedded in the operating structure of DearCocoa AI LLC.

 

13. CONTACT US

For questions, requests, or concerns regarding this Privacy Policy:

 

Email: privacy@dearcocoa.com

General: info@dearcocoa.com

 

DearCocoa AI LLC

Atlanta, Georgia

dearcocoa.com

 

 

DearCocoa AI LLC  —  Privacy Policy v2.0  —  March 22, 2026

bottom of page