Legal
MPF App Oy
Rälssitilankuja 4 O 680, 02200 Espoo, Finland
info@moodiempf.com
MoodieFlow is a workplace well-being application operated by MPF App Oy, a company registered in Finland. MoodieFlow enables employees to track their mood and chat privately with an AI companion, and provides HR leaders with anonymous, aggregated team well-being data.
MPF App Oy is the data controller responsible for your personal data. If you have any questions about this policy or wish to exercise your rights, contact us at info@moodiempf.com.
This policy explains what personal data MoodieFlow collects, why we collect it, how long we keep it, who we share it with, and what rights you have under the EU General Data Protection Regulation (GDPR).
When you register, we collect your email address, password (stored as a one-way cryptographic hash — we cannot read it), your role (employee or HR leader), and the timestamp of your consent. We also record which company account you belong to.
When you log a mood, we store the emoji and label you selected, and the timestamp. This data is encrypted at rest with a key unique to your account.
When you chat with Moodie, we store the messages you send and the AI responses you receive. All messages are encrypted at rest with a key unique to your account. Your messages are transmitted to Anthropic's Claude AI to generate responses — see Section 6.
After each conversation, Moodie maintains a short encrypted summary of recurring themes and personal context from your past conversations. These notes are never visible to your HR leader or employer. You can delete them at any time by telling Moodie "forget everything about me" — in any language.
If you choose to save a chat session to your journal, we store a reference to that session and your mood at the time. Journal entries are encrypted at rest and private to you.
If you submit feedback through the app, we store the text of your feedback linked only to your company — never to your personal account or identity.
We collect minimal server-side logs for security and abuse prevention purposes. We do not use third-party analytics SDKs, advertising technology, or tracking pixels in the app.
Mood data and the content of your conversations may reveal information about your mental health or emotional state. Under GDPR Article 9, this is classified as special category data and carries the highest level of protection.
We process this data only on the basis of your explicit consent (Article 9(2)(a) GDPR), given at the time of registration. You may withdraw this consent at any time by deleting your account. Withdrawal does not affect the lawfulness of processing carried out before withdrawal.
Your HR leader cannot see:
Your HR leader can see:
We share data with the following third-party service providers. All are bound by data processing agreements and are required to protect your data in accordance with GDPR.
| Sub-processor | Purpose | Location | Safeguard |
|---|---|---|---|
| Anthropic PBCanthropic.com | AI processing — your chat messages are sent to Claude AI to generate responses | United States | Standard Contractual Clauses (SCCs) — Art. 46 GDPR |
| Railway Inc.railway.app | Application hosting and PostgreSQL database storage | EU — Amsterdam, Netherlands | Data stored within the EU/EEA |
| Resend Inc.resend.com | Transactional email delivery (e.g. account notifications) | United States | Standard Contractual Clauses (SCCs) — Art. 46 GDPR |
⚠️ Note on third-country transfers: Anthropic PBC and Resend Inc. are based in the United States. Transfers to these processors are protected by Standard Contractual Clauses (SCCs) as approved by the European Commission under GDPR Article 46. By consenting to this policy, you explicitly consent to these transfers for the purposes described.
We do not sell your data. We do not share your data with your employer beyond the anonymous aggregates described in Section 5.
| Data type | Retention period |
|---|---|
| Account data (email, role) | Until you delete your account |
| Mood logs | 12 months from date logged |
| Chat sessions and messages | 12 months from date of session |
| Journal entries | 12 months from date saved |
| AI memory notes | Until deleted by you or account deletion |
| Anonymous feedback | 12 months from date submitted |
| Technical / security logs | 30 days |
When the retention period expires, data is deleted automatically. You may also request deletion at any time — see Section 8.
Under GDPR, you have the following rights. Contact us at info@moodiempf.com to exercise any of them. We will respond within 30 days.
Request a copy of all personal data we hold about you.
Export all your data in machine-readable JSON format directly from Account → Export my data.
Permanently delete your account and all data from Account → Delete account. Immediate and irreversible.
Withdraw consent at any time by deleting your account. Does not affect prior processing.
Ask us to correct inaccurate personal data we hold about you.
Ask us to restrict processing of your data in certain circumstances.
All sensitive data (mood labels, chat messages, journal entries, AI memory notes) is encrypted at rest using AES-256-GCM with keys unique to each user account. Keys are never stored — they are derived on demand from a server-side secret. Data is transmitted over HTTPS (TLS 1.2+) at all times.
Access to the platform is protected by JWT authentication, bcrypt-hashed passwords (cost factor 12), and mandatory multi-factor authentication (TOTP) for administrative access.
The MoodieFlow mobile app does not use cookies. The app does not contain advertising SDKs, cross-app tracking, or third-party analytics. The only network requests made by the app are to our own API server and to Anthropic (for AI responses).
This website (moodiempf.com) uses no analytics or tracking cookies. The waitlist form submits your email directly to our email address. No third-party scripts load on this page except Google Fonts.
MoodieFlow is intended for use in a workplace context and is not directed at individuals under the age of 16. We do not knowingly collect data from minors. If you believe a minor has submitted data, contact us at info@moodiempf.com and we will delete it promptly.
If we make material changes to this policy, we will notify you in the app and update the "Last updated" date at the top of this page. Continued use of MoodieFlow after a material change constitutes acceptance of the updated policy.
If you believe we are processing your personal data unlawfully, you have the right to lodge a complaint with the Finnish data protection supervisory authority:
Office of the Data Protection Ombudsman
Tietosuojavaltuutetun toimisto
PO Box 800, FI-00531 Helsinki, Finland
tietosuoja@om.fi ·
tietosuoja.fi