PRIVACY AND PERSONAL DATA PROTECTION POLICY OF PSICOTEDDY
Last updated: December 26, 2025
Name: PsicoTeddy
Email: support@psicoteddy.online
Website: www.psicoteddy.online
Privacy Officer: support@psicoteddy.online
1. INTRODUCTION
What is this policy about?
This document explains how PsicoTeddy collects, uses, stores and protects your personal data to achieve the purposes described herein, in compliance with:
General Data Protection Regulation (GDPR - EU)
Law 29733 (Peru)
Law 34/2002 LSSI-CE (Spain)
International privacy standards
Apple App Store and Google Play policies
What is personal data?
Personal data is any information that can be used to identify you, either directly or indirectly. This includes:
Identification data: name, surname, email
Technical data: IP address, device type, operating system
User activity: usage patterns, interactions, searches
Sensitive data: emotional content, responses to assessments, mental health indicators
2. CONTACT INFORMATION
Name: PsicoTeddy
Address (legal headquarters): Republic of Peru
Email: support@psicoteddy.online
Website: www.psicoteddy.online
Privacy Officer: support@psicoteddy.online
3. TYPES OF DATA COLLECTED
Among the types of personal data collected by PsicoTeddy, either directly or through third parties, are:
Identification Data:
First and last name
Email address
Alias or username
Phone (if provided)
Technical Data:
IP address
Browser type and operating system
Device identifier
Country/region of connection
Access time and date
Sensitive Data (Enhanced Protection):
Text content of interactions
Responses to emotional self-assessments
Emotional or mental state indicators
Inferred emotional patterns
Message content if provided
4. DATA PROCESSING MODALITY AND LOCATION
Processing Methods:
PsicoTeddy adopts appropriate technical and organizational security measures to prevent unauthorized access, improper disclosure, alteration or unauthorized destruction.
Processing Location:
Data is processed on servers located in the Republic of Peru, European Union (to comply with GDPR) and internationally certified data centers.
5. DETAILED INFORMATION ON DATA PROCESSING
General Purposes:
Your personal data is collected for PsicoTeddy service provision, guidance analysis of emotional state (not diagnosis), improvement and optimization of the platform, detection and prevention of serious risks, and compliance with legal obligations.
Automated System for Detection of Serious Emotional Risk
To protect the user's vital interests, PsicoTeddy implements automated systems that analyze interaction content to detect potential signs of serious risk.
Personal data processed: text content of interactions, emotional patterns, assessment responses
Legal basis: Protection of vital interests (Article 6.1.d GDPR)
Purpose: Preventive detection of imminent risk
When potential risk is detected, the platform provides emergency numbers and helplines corresponding to the user's country.
6. LEGAL BASIS FOR PROCESSING
PsicoTeddy processes personal data according to the following legal bases:
Consent: When you have given explicit consent for specific treatments
Legal Obligation Compliance: Compliance with legal requirements of the operating country
Contract Execution: Service provision according to Terms and Conditions
Legitimate Interests: Platform improvement and security
Protection of Vital Interests: Detection and referral in case of serious imminent harm risk
7. SPECIFIC PROCESSING PURPOSES
Service Provision: Create and maintain your account, provide access to functionalities
Platform Improvement: Usage and pattern analysis, interface optimization
Security and Prevention: Fraud or abuse detection, security risk analysis
Communication: Response to user inquiries, notifications about changes
Legal Compliance: Internal audits, response to authority requests
8. VITAL SAFETY AND EMERGENCY REFERRAL
Protection of Vital Interests:
To protect the user's physical and mental integrity, PsicoTeddy is authorized to process information, including sensitive data, to detect serious risk situations.
Activation Circumstances:
Signs of suicidal ideation
Risk of serious self-harm
Acute psychiatric crisis
Imminent violence against third parties
Other vital risks
Responsibilities and Limitations:
PsicoTeddy does not automatically contact emergency services
The user is responsible for contacting services
The platform does not provide rescue or intervention services
It is not guaranteed that all risks will be detected
9. RETENTION PERIOD
General Rule:
Unless otherwise indicated, personal data is processed and retained for the time necessary for the purposes for which it was collected.
Specific Periods:
Identification Data: While the account is active, 30 days after deletion request
Sensitive (Emotional) Data: While the account is active, deleted when closing account
Right to be Forgotten: Once the retention period ends, your data is deleted or anonymized
10. DATA SHARING
General Policy:
PsicoTeddy does NOT sell personal data to third parties for commercial purposes.
Permitted Sharing:
With Authorized Processors: Cloud hosting providers, security services
Regulatory Compliance: Judicial authorities (with legal order), data protection authorities
Emergency Services: When vital risk is detected, limited information may be provided
11. YOUR RIGHTS UNDER GDPR
According to the General Data Protection Regulation (GDPR), you have the following rights:
Right to Withdraw Consent: You can withdraw consent at any time
Right to Object: You can object to the processing of your data
Right of Access: You can request access to your data and obtain a copy
Right to Rectification: You can request correction of inaccurate data
Right to Restriction: You can request restriction of processing
Right to Erasure (Right to be Forgotten): You can request deletion of your data
Right to Data Portability: Receive data in a structured, commonly used and machine-readable format
Right to Lodge a Complaint: With the data protection authority of your country
How to Exercise Your Rights:
You can communicate any request to: 📧 support@psicoteddy.online
12. ADDITIONAL INFORMATION BY JURISDICTION
European Union Residents (GDPR): You have all the rights described above
California, USA Residents (CCPA/CPRA): Right to know, access, deletion, opt-out
Peru Residents (Law 29733): Right to information, access, rectification, updating or cancellation
Switzerland Residents: Right of access, rectification, opposition, portability
13. PRIVACY CONTACT
For privacy issues, data protection or to exercise your rights:
📧 support@psicoteddy.online
🌐 www.psicoteddy.online
Response Time:
Acknowledgment: within 5 business days
Complete response: within 30 days (extendable to 60)