FEATURED IN:
Venture Capital Post - Mental Health Matters: How CoraVC Postfrom Thrive360AI Is Helping Therapists.
Cora Logo

Privacy Policy

At Thrive360ai, we are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, and safeguard your data.

Privacy at Thrive360ai

Safety by design

Thrive360AI LLC. Privacy Policy

Effective as of 7th of March 2025

Policy Contents

Thrive360AI LLC. Privacy Policy

1. Introduction

Welcome to Cora AI. Your privacy is important to us, and we are committed to protecting your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your data when you use our mobile application and services.

Cora is designed to provide supportive conversations and general information about mental health. It is not a substitute for professional medical advice, diagnosis, or treatment. Always seek the advice of a qualified healthcare provider with any questions you may have regarding a medical condition or mental health concerns.

If you are experiencing a mental health crisis, please contact a qualified healthcare professional or emergency services immediately. Cora does not provide crisis intervention or emergency services.

Whenever you interact with our AI chatbot, you are clearly notified that you are engaging with an artificial intelligence system, not a human clinician.

2. Information We Collect

We collect the following types of information:

  • Personal Information: Name, email address, phone number, and other details you provide when registering or using our services.
  • Usage Data: Information about how you interact with the app, including chat interactions, session duration, and preferences.
  • Device and Technical Data: IP address, device type, operating system, and other technical identifiers.

We do not use user data, either anonymized or pseudonymized, to re-train our AI models.

3. How We Use Your Information

We use your information to:

  • Provide and improve our AI companion services.
  • Personalize your experience and enhance engagement.
  • Ensure security, detect fraud, and comply with legal obligations.
  • Conduct research and analytics to enhance our platform.

4. Sharing Your Information

We do not sell your personal data. However, we may share information with:

  • Service Providers: Third parties that help us operate and improve our app.
  • Legal Compliance: Authorities when required by law or to protect our rights.
  • Business Transfers: In case of mergers, acquisitions, or business restructuring.

5. Data Security

We implement appropriate security measures to protect your data. However, no online platform is completely secure, and we encourage you to take precautions when using our app.

  • Data processed by the AI component is stored in secure cloud servers (AWS/Azure) located in the United States.
  • All data, including that processed by AI, is protected using AES-256 encryption at rest and TLS in transit. We comply with NIST and OWASP secure storage standards.
  • Our security program includes regular penetration testing and vulnerability assessments.
  • We maintain SOC 2 Type II and ISO 27001 certifications; summary audit reports are available on request.
  • We strictly adhere to HIPAA and all applicable federal and state laws regarding privacy, data protection, and AI in healthcare in every jurisdiction where Cora operates.

If you submit a request to delete your information, we strive to take steps to delete that information within 72 hours of your request, unless we are required or permitted to retain such information under applicable law or for safety purposes, such as to prevent harm to yourself or others.

By using Cora, you acknowledge that it is not a substitute for professional care and agree to seek appropriate help in emergencies.

6. AI Capabilities, Risks, and Limitations

Our AI component provides supportive conversations and informational resources only. It cannot diagnose, treat, or respond to emergencies and should not be used as a substitute for professional clinical intervention. Limitations and risks—such as potential misunderstanding and the scope of advice—are disclosed to users at onboarding and within the app. We encourage all users to seek human support when clinically necessary.

We have conducted comprehensive risk assessments and robustness testing for our AI features, including evaluation of performance in suboptimal conditions and potential misuse scenarios. Mitigation and regular validation processes are in place to manage identified risks.

The AI component includes technical and procedural filters and restrictions designed to prevent generation of harmful or inappropriate content.

We routinely assess data handling and model performance across diverse demographic, environmental, and technical groups to proactively identify and minimize risk of bias.

Cora's AI models are monitored for drift over time to maintain accuracy, fairness, and safety.

Further details regarding AI training, evaluation, technical specifications, limitations, and responsible parties are available in our published Model Card, which is available upon request.

7. Your Rights and Choices

Depending on your jurisdiction, you may have rights to:

  • Access, correct, or delete your personal information.
  • Opt out of marketing communications.
  • Restrict or object to certain data processing activities.

8. Children's Privacy

Our app is intended for users aged 12 years. We do not knowingly collect data from children under this age without parental consent.

9. Changes to This Policy

We may update this Privacy Policy from time to time. Any changes will be posted within the app, and continued use of our services indicates your acceptance of the updated policy.

10. Contact Us

If you have any questions or concerns about this Privacy Policy, please contact us at:

Cora AI

Support@thrive360ai.com

Effective as of 10th October 2025