Effective Date: 1 December 2025

At Sibyl, we are committed to protecting your privacy and handling your personal data responsibly and transparently, in accordance with the General Data Protection Regulation (GDPR).

This Privacy Policy explains how we collect, use, store, and protect your personal data when you use the Sibyl mobile application (the “App”).

1. Who We Are

The Sibyl App is operated by Percipience B.V., a company registered in the Netherlands.

Under GDPR, Percipience B.V. is the data controller responsible for your personal data.

Contact details: support@sibyl.care

2. What Data We Collect

We may collect the following categories of data:

Personal Information

• Email address

• Account and communication preferences

• Information you provide when contacting support

Health-Related and Sensitive Data (Optional)

• Information you choose to share about your pregnancy loss experience

• Emotional or psychological experiences (e.g., grief, anxiety, mood)

• Physical symptoms you describe as part of journaling or reflections

(See Section 13 for more detail.)

App Usage and Technical Data

• Device type and operating system

• App interactions, session duration, and feature usage

• Anonymized or pseudonymized analytics data

We do not collect precise location data.

3. How We Use Your Data (Legal Basis)

We process personal data only when there is a lawful basis to do so, including:

Consent

• For processing sensitive health-related data you voluntarily provide

• For AI-powered emotional support, journaling, and personalization features

You may withdraw consent at any time by deleting your account or contacting us.

Legitimate Interest

• To operate, secure, and improve the App

• To monitor performance and fix bugs

• To analyze anonymized usage patterns
  You may object to this processing at any time.

Legal Obligation

• Where we are required to retain data by applicable law or regulatory authorities

4. Use of Artificial Intelligence

Sibyl is powered by artificial intelligence (AI) and uses it to provide emotional support, reflective prompts, and personalized content.

When you use AI-powered features:

• You are interacting with an AI system, not a human

• AI responses are supportive and informational only and are not professional medical or psychological advice

• The AI does not have access to your full medical history

AI Infrastructure and Providers

Sibyl delivers AI responses through OpenRouter, an AI infrastructure and routing provider that enables access to multiple third-party large language models (LLMs).

Depending on availability and performance, this may include models operated by providers such as:

• Google (e.g., Gemini Flash)

• Other third-party model providers supported by OpenRouter

Data Handling

• Your inputs may be processed by one or more third-party AI model providers solely to generate responses

• Sibyl will not use your conversations to train its own AI models without your explicit consent

• We do not knowingly provide your data for the purpose of training third-party AI models

Third-party AI providers may temporarily retain data for purposes such as system operation, safety, or abuse prevention, in accordance with their own policies.

We include in-app notices reminding users of the limitations of AI-generated content.

5. Data Security and Storage

We take appropriate technical and organizational measures to protect your data.

• Data is encrypted in transit using industry-standard protocols (HTTPS/TLS)

• Core application data is stored securely on EU-based servers

• Access is restricted to authorized personnel only

Certain data may be temporarily processed by third-party service providers (such as AI model providers) as described in this policy.

6. International Data Transfers

Sibyl is based in the European Union, and our primary systems are hosted on EU-based servers.

However, when you use AI-powered features, your data may be processed by third-party service providers located outside the European Economic Area (EEA), including in the United States.

Where international transfers occur, we ensure appropriate safeguards are in place, such as:

• Standard Contractual Clauses (SCCs) approved by the European Commission, and/or

• Other lawful transfer mechanisms recognized under GDPR

We take reasonable steps to ensure an equivalent level of data protection.

7. Your Rights Under GDPR

You have the right to:

• Access your personal data

• Correct inaccurate or incomplete data

• Request deletion of your data (“right to be forgotten”)

• Restrict processing

• Receive your data in a portable format

• Object to processing based on legitimate interests

• Lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens)

To exercise your rights, contact: support@sibyl.care

8. Data Retention and Deletion

We retain personal data only for as long as necessary to provide the App or comply with legal obligations.

• Support communications: generally retained for up to 12 months

• Security and system logs: retained for up to 12 months

• Account data: retained until deletion is requested

You may delete your account at any time via the App or by contacting support@sibyl.care. Data will be deleted within 30 days, unless retention is legally required.

9. Children’s Data

Sibyl is intended for use by adults aged 18 and over.

We do not knowingly collect personal data from children.

10. Research and Insights

We may use aggregated and de-identified data (which cannot be linked back to you) for:

• Research

• Statistical analysis

• Improving our services

Aggregated data is not considered personal data under GDPR.

11. Changes to This Policy

We may update this Privacy Policy from time to time.

If changes are material, we will notify you through the App or by email.

12. Contact

Percipience B.V.
Bergweg 265a
3037EM Rotterdam
The Netherlands

support@sibyl.care

13. Health Information We Collect

Sibyl may process sensitive health-related data that you voluntarily choose to share, including:

• Emotional and psychological experiences related to pregnancy loss

• Physical symptoms you describe (e.g., pain, bleeding, recovery experiences)

• Other reproductive health information shared through onboarding, journaling, or AI-guided reflections

This data is classified as special category data under GDPR and is processed only with your explicit consent.

We do not:

• Use this data for advertising

• Sell your data

• Share health data for marketing purposes

Health-related data is:

• Encrypted in transit

• Stored securely on EU-based servers

• Processed only to deliver emotional support and personalization features

• Subject to limited processing by third-party AI service providers where required to generate AI responses, with appropriate safeguards in place

You may withdraw consent at any time by deleting your account or contacting support@sibyl.care. Once deleted, your health data will be permanently removed from our systems within 30 days, unless retention is legally required.

Thank you.