Last Updated on August, 2025
Moovd B.V. (“Moovd,” “we,” “our,” or “us”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, share, and safeguard personal data when you use WeMind EMDR, PracticeEMDR, and our websites, apps, or related services (“Services”). By using our Services, you confirm that you have read and agree to this Privacy Policy and our Terms of Service.
1. Data We Collect
Moovd collects only the minimum data necessary to deliver and improve our products. We intentionally avoid collecting any sensitive therapy or client information.
1.1 Therapist Account Information
When you create or use an account, we collect:
First and last name
Email address
Password
Organizational or professional details (optional)
Billing information (processed by external providers)
1.2 Non-Identifying Client Reference (Optional)
To help therapists manage sessions:
Users may optionally enter a client’s first name or initials
We strongly recommend using first name or initials only, never a last name
Moovd does not require or encourage entering full client names
If a therapist enters identifying client information, this becomes the therapist’s responsibility. Moovd does not process or link this information to any client data or health records.
1.3 Session Metadata (Non-Sensitive)
We store limited, non-identifying session information:
Session date
Session duration
SUD score change (numeric only)
Task settings and usage
Device/browser information
1.4 Technical Data
Standard technical information is collected for performance and security:
IP address
Browser and device type
Operating system
Timezone and language
Log activity
Approximate location (city/region, never precise GPS)
1.5 Communication Data
If you contact us voluntarily, we process:
Support messages
Emails
Feedback or survey responses
2. What We Do NOT Collect
Moovd is designed with strict privacy principles.
We do not collect or store:
Therapy notes
Client trauma details
Diagnoses or health information
AI-generated transcripts
Chat/voice/video content
Photos or videos used in exposure
Clinical documentation
Full client names or any client identifiers
Any patient health information (PHI)
All session-related data is non-identifiable, and no data from clients is stored.
3. Purpose and Legal Basis for Processing
We collect data only for essential and lawful purposes.
3.1 Service Delivery
Account functionality
EMDR session tools
AI-assisted features
Video call and messaging capabilities (where applicable)
3.2 Service Improvement
Troubleshooting
Analytics
Enhancing user experience
Feature development
3.3 Communication
Account notifications
Updates to the Service
Onboarding information
Customer support
3.4 Billing
Subscription processing
Fraud prevention
3.5 Legal Obligations
Tax and accounting requirements
Regulatory compliance
Legal bases include contract necessity, legitimate interest, consent, and legal obligation.
4. Third-Party Services and Processors
We use carefully selected third-party service providers who comply with GDPR, CCPA, and industry best practices.
Infrastructure & Hosting
Amazon Web Services (AWS) – secure hosting and cloud services (EU & US regions)
Google Cloud / Google Services – infrastructure, authentication, internal tools (EU & US)
Analytics & Product Insights
Google Analytics
Mixpanel
Analytics is used strictly to understand app usage patterns and to improve the Service. We do not use advertising cookies.
Customer Experience and Sharing
Dub.co – Referrals
Rewardful – affiliate and referral tracking
Billing (if applicable)
Stripe (or other payment processors added later)
ChartMogul
Each third-party service operates under a Data Processing Agreement (DPA), including Standard Contractual Clauses (SCCs) where relevant.
We do not sell or rent personal data.
We only share data with providers essential to delivering our Services.
5. Cookies and Tracking Technologies
We use limited cookies to:
Authenticate users
Maintain secure sessions
Improve service performance
Conduct basic analytics
Where required, cookie consent is requested.
We do not use advertising or profiling cookies.
6. Data Residency & International Transfers
Users
Data fo users is primarily processed and stored in the EU (AWS Europe region).
US & International Users
7. Data Security
Moovd employs security measures to protect your data, including:
Encryption in transit and at rest
Secure cloud infrastructure
Access control and authentication
Monitoring and logging
Regular security evaluations
While no system is perfectly secure, we continually improve our security practices.
8. Data Retention
We retain:
Therapist account data as long as the account is active
Billing data as required by law
Session metadata only as long as needed for app functionality
Upon request, all account data can be fully deleted. Therapists may also request deletion of mistakenly entered client names.
9. Your Rights
Depending on your jurisdiction, you may have rights to:
Access your data
Correct inaccurate information
Delete your data
Withdraw consent
Object to processing
Request data portability
Contact: info@moovd.nl
We will respond within 30 days.
10. Children’s Privacy
Our Services are for professionals aged 18 or older. We do not knowingly collect any data from minors or therapy clients.
If you believe data about a minor was entered, contact us immediately.
11. Changes to This Policy
We may update this Privacy Policy to reflect changes in regulations or our Services.
When updated, we will:
Modify the “Last Updated” date
Notify users when material changes occur