Jenora
Sign InGet Early Access

Legal

Data Consent

Effective date: May 1, 2026  ·  Version 1.0

This document explains exactly what data you are consenting to share when you use Jenora. We are required by the Thailand Personal Data Protection Act (PDPA) to obtain your explicit consent before collecting sensitive personal data — which includes mental health and health-related information. We take that obligation seriously.

This Data Consent document is issued by Neyda Technologies INC. (“we,” “our,” or “us”), the company that operates Jenora. It describes the specific categories of personal data for which we request your consent, the purposes for which that data is processed, and your rights to withdraw consent at any time.

For full details of how your data is handled, please read our Privacy Policy. For details of how AI uses your data, please read our AI Disclosure.

1. Why We Need Your Consent

Under the Thailand Personal Data Protection Act B.E. 2562 (PDPA), Section 26, sensitive personal data — including mental health information, mood data, recovery status, and health metrics — may only be collected and processed with your explicit, informed consent.

Because Jenora is a mental health and wellness application, virtually all of the data you create within the app falls into the sensitive personal data category. This means we must clearly explain what we are collecting, why, and give you a genuine choice before we collect it.

Your consent is freely given. You may refuse any optional category of consent without losing access to the core features of the Services. Refusing required consent categories means we are unable to provide the Services, as the app cannot function without storing your progress and content.

2. What You Are Consenting To

When you create a Jenora account and accept this Data Consent, you are providing explicit consent for the following specific categories of data processing:

Core App Data

Storage and processing of your mental health and wellness content

Required

We store the content you create in Jenora — including journal entries, mood logs, check-ins, zone plans, worksheet responses, and roadmap progress. This content constitutes sensitive personal data under the PDPA and is used exclusively to provide and personalise the Services for you.

Why we need it: Without storing your entries, the app cannot build your personalised roadmap, track your progress, or surface patterns over time.

AI Processing

Use of your personal context to generate AI-powered content

Optional

When you use AI-powered features (companion chat, journal summaries, pattern detection, structured helpers), a contextual summary of your data — including mood, risk level, values, recovery status, and relevant journal content — is sent to our AI processing service via Jenora’s own secure backend server. Your account identity is stripped from the payload before it leaves our server. See our AI Disclosure for full details of the data fields included and the privacy safeguards applied.

Why we need it: AI personalisation requires your context to generate relevant, tailored responses rather than generic content.

What is affected if disabled: AI Processing is optional. However, Jenora’s intelligent features — including companion chat, smart journal summaries, structured helpers, tone-matched paraphrasing, and AI-assisted pattern explanations — depend on AI Processing being enabled. If you disable AI Processing, Jenora’s core structured tools remain fully available, including roadmaps, check-ins, journal tools, zone planning, worksheets, and progress tracking. Smart features powered by AI will not be available.

Health Metrics

Integration with your device's health data

Optional

If you enable health data integration, Jenora may access sleep quality, step count, active minutes, and HRV score from your device’s health platform (Apple Health or equivalent). This data is used to enrich AI-generated insights and is included in the context sent to our AI service when health integration is active.

Why we need it: Health metrics help the AI surface correlations between physical wellbeing and mood patterns, making insights more relevant.

Therapist Data Sharing

Sharing selected data categories with a connected therapist

Optional

If you choose to connect your account to a licensed therapist via the Jenora Therapist Portal, you will be asked to specify which categories of data (check-ins, mood logs, zone scores, roadmap progress) are visible to them. This is a separate, granular consent collected at the time of connection — it is not covered by this document. You may revoke therapist access at any time from within the app.

Why we need it: Therapists need visibility into your progress to provide informed clinical support alongside your use of Jenora.

Analytics and Improvement

Pseudonymous usage data to improve the Services

Optional

We collect pseudonymous usage data — features used, interaction patterns, and app performance metrics — to understand how the Services are being used and to improve them. Analytics events use temporary, non-personal installation tokens and are never linked to your account identity, mental health content, or sensitive health metrics. This data is not shared with third parties for advertising.

Why we need it: Understanding how the app is used helps us identify bugs, improve features, and prioritise development.

3. Legal Basis for Each Category

  • Core App Data: Explicit consent (PDPA Section 26) for sensitive personal data, and performance of contract (PDPA Section 24(3)) for account and service data.
  • AI Processing: Explicit consent (PDPA Section 26), as this involves processing sensitive personal data by a third-party AI service.
  • Health Metrics: Explicit consent (PDPA Section 26), as health metrics are sensitive personal data.
  • Therapist Data Sharing: Explicit consent collected separately at the time of therapist connection.
  • Analytics: Legitimate interest (PDPA Section 24(5)), as data is anonymised and used solely to improve the Services.

4. How Your Consent Is Recorded

When you accept this Data Consent during onboarding, we record:

  • The version of this consent document you accepted (Version 1.0)
  • The date and time of your acceptance
  • The specific consent categories you accepted or declined
  • Your device type and app version at the time of acceptance

This record is stored securely and is used to demonstrate compliance with the PDPA. If this document is materially updated, you will be asked to re-consent to the updated version before continuing to use affected features.

5. Your Right to Withdraw Consent

You may withdraw any consent category at any time — your right to withdraw is unconditional and will not affect the lawfulness of processing that occurred before the withdrawal.

To manage your consents in the app:

  • Go to Settings → Privacy & Data to view and update your consent selections
  • Toggle off any optional consent category to stop that type of processing immediately
  • Disabling AI Processing will turn off all cloud AI features. The core app experience will continue to work.
  • Disabling Health Metrics will stop Jenora from accessing your device health data. Previously accessed metrics will be removed from your profile.

To withdraw Core App Data consent (account deletion):

Withdrawing consent for Core App Data means we can no longer provide the Services. You may delete your account from Settings → Account → Delete Account, or by contacting us at privacy@jenora.com. Your personal data will be deleted within 30 days.

6. Data Sharing and Third Parties

Data covered by this consent is shared only as follows:

  • Authorised Neyda Technologies personnel — A limited number of administrative personnel may access stored account and app data when necessary for support, troubleshooting, security, fraud prevention, or legal compliance. Such access is role-based, logged, and subject to confidentiality obligations.
  • Google Firebase — Stores all app data (Firestore database). Firebase is SOC 2 Type II and ISO 27001 certified. Your data is processed under a Data Processing Agreement.
  • OpenAI — Receives a contextual data summary when AI features are used (only with AI Processing consent active). OpenAI does not use API-submitted data for model training under our agreement.
  • Your connected therapist — Only with separate, granular therapist-sharing consent collected at connection time.

We do not sell, rent, or trade your personal data to any other parties.

7. Data Retention

Data collected under this consent is retained for as long as your account is active. Upon account deletion, personal data is deleted or anonymised within 30 days, subject to any legal retention obligations. Anonymised analytics data may be retained indefinitely as it cannot be linked back to you.

8. Children and Minors

Jenora is intended strictly for individuals who are at least 20 years old if residing in Thailand, or at least 18 years old in all other jurisdictions. We do not knowingly collect personal data from minors and do not currently provide a parental or guardian consent workflow. By accepting this consent, you confirm that you meet the applicable age requirement. If you believe a minor has created an account, please contact us at privacy@jenora.com and we will take appropriate steps to delete the account and associated personal data.

9. Updates to This Consent

If we make material changes to the data we collect or the purposes for which we process it, we will issue a new version of this consent document and ask you to accept it before the changes take effect. The version number and effective date at the top of this page identify the current version.

Previous consent versions are archived and available upon request at privacy@jenora.com.

10. Contact Us

If you have questions about your consents, wish to exercise your data rights, or would like a copy of your consent record, please contact us:

Neyda Technologies INC.
Operating as Jenora
Email: privacy@jenora.com

Questions about your data? Contact us

← Back to home