Privacy Policy
Your EPI Score™ is yours. Full stop.
Last updated: June 1, 2026
Your individual EPI Score™ and listening data are private. They are not shared with an employer, coach, organization, or third party without your consent. This is a design principle built into the architecture of CHRP — not a policy setting that can be changed by an administrator.
1. What we collect
Account and contact data. When you create an account, we collect your email address and the information you provide during sign-up.
Music listening data. CHRP reads your listening history and patterns through Apple Music or Spotify via official OAuth APIs. This is read-only — we do not modify your library or playlists without your explicit action. We do not read your contacts, messages, or location.
EPI Score™ and app interaction data. We store your computed EPI Score™ and its five dimensions on a rolling basis to generate weekly updates. We also collect information about how you interact with the app — features used, mindset goals chosen.
Analytics. We may use mobile analytics tools and site analytics to understand app performance and usage patterns. These process data in aggregate and are governed by their own privacy policies.
2. How we use your data
We use your data to generate and update your EPI Score™, build curated playlist recommendations, operate and improve the Service, send account-related communications, prevent fraud, and comply with applicable law. We do not sell your data.
3. Service providers
We work with a limited set of service providers for cloud hosting, payment processing, and analytics. These providers are contractually bound to use your data only to provide their services to us. We do not sell or rent your personal data to third parties for marketing.
4. Your EPI Score™ is private — always
Your individual EPI Score™, its five dimensions, and your listening behavior belong to you. They are never shared with any employer, coach, athletic program, organization, or third party — regardless of how you access CHRP.
When CHRP is deployed in an organizational context, the organization sees only anonymous aggregate trends across their group — never individual scores, listening data, or user identity.
5. Music platform integrations
CHRP connects to Apple Music and Spotify via their official OAuth APIs. These integrations are read-only. We never store your Apple ID credentials, Spotify login, or payment information for those platforms. You can revoke CHRP's access at any time through your Apple or Spotify account settings.
6. Data retention and deletion
We retain your listening data on a rolling basis to compute your EPI Score™ and generate weekly updates. You can request deletion of your account and all associated data at any time by contacting us at hello@chrp.ai. We will process deletion requests within 30 days.
7. Your rights and choices
Depending on where you are located, you may have rights to access, correct, delete, or export your personal data. To exercise any of these rights, contact us at hello@chrp.ai.
8. Children's privacy
CHRP is not directed to children under 13. We do not knowingly collect personal information from children under 13. Contact us at hello@chrp.ai if you believe your child has provided us data.
9. Data security
All data transmitted between your device and CHRP servers is encrypted using TLS. EPI Score™ data and listening behavior stored on our servers is encrypted at rest. Access to user data is restricted to authorized personnel for service operation only.
10. Changes to this policy
We may update this Privacy Policy from time to time. We will notify you of material changes by email or by posting a notice on the app or website.
11. Contact
Privacy questions or data requests: hello@chrp.ai
Effective date: June 1, 2026 · Journey One LLC