Ahead
Privacy Policy
How we collect, use, and protect your personal data
Effective Date: April 15, 2026
1. Who We Are
Ahead Solutions GmbH
Auguststraße 26, 10117 Berlin, Germany
Email: hi@ahead-app.com
Website: https://www.ahead-app.com
Commercial Register: AG Charlottenburg, HRB 219170 B
We operate the Ahead mobile app (iOS and Android) and website, providing AI-powered emotional intelligence training to users globally. This Privacy Policy applies to all users of our services, regardless of location.
By using our app and services, you confirm that you have read and understood this Privacy Policy and our Terms of Service.
2. Data Protection Contact
For all privacy-related inquiries, requests, or complaints:
Email: hi@ahead-app.com
Mail: Ahead Solutions GmbH, Auguststraße 26, 10117 Berlin, Germany
We respond to all requests within 30 days.
You also have the right to lodge a complaint with your local data protection authority. In Germany, this is the Berliner Beauftragte für Datenschutz und Informationsfreiheit (BlnBDI). In the UK, this is the Information Commissioner's Office (ICO). In Australia, the Office of the Australian Information Commissioner (OAIC). In Canada, the Office of the Privacy Commissioner of Canada (OPC).
3. Your Rights
All Users
• Request access to your personal data
• Request correction of inaccurate data
• Request deletion of your data
• Request restriction of processing
• Withdraw consent at any time (without affecting the lawfulness of prior processing)
EU and UK Users (GDPR / UK GDPR)
• Right of access (Art. 15 GDPR)
• Right to rectification (Art. 16 GDPR)
• Right to erasure / right to be forgotten (Art. 17 GDPR)
• Right to restriction of processing (Art. 18 GDPR)
• Right to data portability (Art. 20 GDPR)
• Right to object to processing based on legitimate interest (Art. 21 GDPR)
• Right not to be subject to automated decision-making with legal effects (Art. 22 GDPR)
• Right to lodge a complaint with a supervisory authority
US Users (CCPA/CPRA and State Laws)
• Right to know what personal information is collected, used, disclosed, and sold/shared
• Right to delete personal information
• Right to opt out of the sale or sharing of personal information
• Right to non-discrimination for exercising your privacy rights
• Right to correct inaccurate personal information
• Right to limit use of sensitive personal information
Canadian Users (PIPEDA and Provincial Laws)
• Right to access your personal information
• Right to request correction of inaccurate information
• Right to withdraw consent (subject to legal or contractual restrictions)
Australian Users (Privacy Act 1988)
• Right to access and correct your personal information
• Right to complain about privacy breaches to the OAIC (https://www.oaic.gov.au/)
4. Data We Collect
The following table summarizes the categories of personal data we collect:
| Category | Source | Purpose | Shared With | Retention |
|---|---|---|---|---|
| Name, Email | User input | Account, support | Stripe, Brevo | Until deletion |
| Usage Data (IP, OS, interactions) | Automatic | Product improvement, analytics | Firebase, Mixpanel | 24 months |
| AI Input Data (text, emotional responses) | User input | Personalized content, coaching | Anthropic, Google Gemini | 12 months |
| Marketing Identifiers (cookies, device IDs) | Automatic | Advertising attribution | Meta, LinkedIn, Taboola, Snap | 12 months |
| Payment Info | User input | Purchase processing | Stripe, RevenueCat | Legal duration |
| Survey Data | User input | Research, improvement | Typeform | Until deletion |
We do not collect biometric data, government-issued identifiers, or financial account numbers beyond what is necessary for payment processing (handled by Stripe).
5. How We Use Your Data
• Provide and personalize our services: deliver AI-powered emotional intelligence training, personalized content, and coaching recommendations.
• Process transactions: manage subscriptions, payments, and billing.
• Improve our product: analyze usage patterns to improve features, fix bugs, and develop new content.
• Communicate with you: send transactional emails (purchase confirmations, renewal reminders, cancellation confirmations), and, with your consent, marketing communications.
• Ensure security and prevent fraud: detect unauthorized access, abuse, or violations of our Terms.
• Comply with legal obligations: respond to lawful requests from authorities and comply with applicable law.
• Conduct research: analyze aggregated, anonymized data to advance emotional intelligence science (no individual identification).
6. Legal Bases for Processing (EU/UK Users)
• Contract performance (Art. 6(1)(b) GDPR): Processing necessary to provide you with the Ahead service, including account management, content delivery, and subscription processing.
• Consent (Art. 6(1)(a) GDPR): Processing of emotional input data by AI services (Anthropic, Google Gemini) for personalized content. Marketing communications. Cookies for advertising purposes. You may withdraw consent at any time.
• Legitimate interest (Art. 6(1)(f) GDPR): Product analytics (Mixpanel, Firebase), fraud prevention, and service improvement. Our legitimate interest is to improve and secure our service; we have conducted a balancing assessment to ensure this does not override your rights.
• Legal obligation (Art. 6(1)(c) GDPR): Retention of financial records as required by German tax law (Abgabenordnung).
7. AI Services and Automated Processing
We use artificial intelligence to generate personalized emotional insights, classify emotional patterns, and recommend training content.
AI Providers
• Anthropic Claude (processing region: US)
• Google Gemini / Vertex AI (processing region: US)
What AI Processes
• Text inputs you provide during exercises, reflections, and coaching conversations
• Your emotional response data from app activities
• Onboarding psychometric questionnaire responses
What AI Does NOT Do
• AI does not make automated decisions with legal or similarly significant effects on you (Art. 22 GDPR).
• AI is not used for pricing decisions, credit decisions, or employment decisions.
• AI is not used to deny or limit access to services based on emotional data.
Legal Basis for AI Processing
For EU/UK users: We process emotional input data through AI on the basis of your explicit consent (Art. 6(1)(a) and, where applicable, Art. 9(2)(a) GDPR). You are asked to consent to AI processing during onboarding. You may withdraw this consent at any time by contacting hi@ahead-app.com, though this will limit the personalization features available to you.
For US users (CCPA/CPRA): Emotional data may constitute "sensitive personal information" under CPRA. You have the right to limit the use of sensitive personal information. AI-derived inferences are disclosed in this policy and are not used for discriminatory purposes.
Data Protection Impact Assessment
We have conducted a Data Protection Impact Assessment (DPIA) pursuant to Art. 35 GDPR for our AI processing activities, evaluating the risks to your rights and freedoms and implementing appropriate safeguards including encryption, data minimization, retention limits, and contractual protections with our AI providers.
8. Third-Party Processors (Sub-processors)
We share your data only with processors necessary to operate the Platform. Each is bound by a data processing agreement (DPA) and, where data is transferred outside the EU/UK, Standard Contractual Clauses (SCCs) or equivalent safeguards.
Current Sub-processors
• Hosting and infrastructure: Google Cloud Platform, Firebase (US/EU)
• Payments: Stripe (US), RevenueCat (US)
• Analytics: Mixpanel (US), Firebase Analytics (US)
• Email: Brevo (EU)
• Messaging: WhatsApp Business (Meta, US)
• Advertising: Meta Ads, LinkedIn Ads, Taboola, Snapchat, Pinterest (US)
• UX Research: Hotjar (EU)
• Surveys: Typeform (EU)
• AI Processing: Anthropic (US), Google Gemini / Vertex AI (US)
We maintain a current list of sub-processors and will update this policy when processors change. We will notify you of material changes to our sub-processor list.
9. International Data Transfers
We store and process data in the European Union and the United States. For transfers of personal data from the EU/UK to countries outside the EU/EEA that do not have an adequacy decision, we rely on:
• Standard Contractual Clauses (SCCs) approved by the European Commission
• Additional technical and organizational safeguards including encryption in transit (TLS 1.2+) and at rest, pseudonymization, and access controls
For transfers from the EU to the US, we also rely on the EU-US Data Privacy Framework where our processors are certified participants.
10. Children's Data
The Ahead app is not intended for persons under 16 years of age. We do not knowingly collect personal data from children under 16. If you believe a child under 16 has registered or provided personal data, please contact us at hi@ahead-app.com and we will delete the data promptly.
If you are a parent or guardian and discover that your child has used Ahead without your consent, please contact us and we will take immediate steps to remove their data and terminate their account.
11. Data Retention
• Account data (name, email): Retained while your account is active and deleted within 30 days of account deletion request.
• Usage and analytics data: Retained for up to 24 months in pseudonymized form, then deleted or fully anonymized.
• AI input data (emotional responses, text inputs): Retained for up to 12 months for personalization, then deleted.
• Marketing identifiers and cookies: Retained for up to 12 months.
• Payment and transaction records: Retained as required by German tax law (typically 10 years under Abgabenordnung §147).
• Support communications: Retained for up to 24 months after resolution.
You may request deletion of your data at any time by contacting hi@ahead-app.com or by deleting your account through the app's settings. Deletion requests are processed within 30 days, subject to our legal retention obligations.
12. Cookies and Tracking
We use cookies and similar tracking technologies for:
• Essential cookies: Required for core Platform functionality (e.g., session management, authentication). Legal basis: contract performance.
• Analytics cookies: Used to understand how users interact with the Platform (e.g., Mixpanel, Firebase). Legal basis: legitimate interest.
• Advertising cookies: Used for ad attribution and targeting (e.g., Meta Pixel, LinkedIn Insight Tag). Legal basis: consent.
You can manage cookie preferences via your browser settings or our in-app cookie settings. We honor Global Privacy Control (GPC) signals and Do Not Track (DNT) signals where legally required.
13. Do Not Sell or Share My Personal Information
Ahead does not sell personal data in exchange for monetary consideration.
However, under the California Consumer Privacy Act as amended by the California Privacy Rights Act (CCPA/CPRA), transmitting personal data to advertising partners (such as Meta, LinkedIn, Taboola, and Snap) for targeted advertising may be classified as "sharing" of personal information.
You may opt out of this sharing by:
• Enabling Global Privacy Control (GPC) in your browser. We honor GPC signals as a valid opt-out request.
• Contacting us at hi@ahead-app.com with the subject line: "Do Not Share My Information."
We will process your opt-out request within 15 business days. Opting out of sharing will not affect your access to the Platform.
14. Security
We implement appropriate technical and organizational measures to protect your personal data, including:
• Encryption in transit (TLS 1.2+) and at rest
• Access controls and authentication for internal systems
• Regular security reviews and vulnerability assessments
• Data minimization and pseudonymization where feasible
• Incident response procedures in compliance with GDPR Art. 33/34 notification requirements
No system is 100% secure. In the event of a data breach that poses a high risk to your rights and freedoms, we will notify you and the relevant supervisory authority without undue delay as required by applicable law.
15. User-Generated Content and Safety
Ahead allows users to submit personal reflections and free-text input through emotional intelligence activities and AI features. This may constitute user-generated content.
• Acceptance of Terms: By using Ahead, you agree to our Terms of Service, which prohibit abusive, harmful, or objectionable content.
• Moderation: We use automated tools to detect and filter potentially harmful content. We reserve the right to remove such content or suspend violating accounts.
• Reporting: You may report objectionable content by contacting hi@ahead-app.com. We will act on reports within 24 hours.
• Safety: You may request to block sensitive topics or content types.
16. Changes to This Policy
We may update this Privacy Policy periodically. We will notify you of material changes by email or by posting a notice in the app at least 14 days before the changes take effect. The latest version is always available at https://www.ahead-app.com/privacy.
Continued use of the Platform after changes take effect constitutes acceptance of the updated policy. If you do not agree with the changes, you may delete your account.
17. Contact
Ahead Solutions GmbH
Auguststraße 26, 10117 Berlin, Germany
Email: hi@ahead-app.com
Web: https://www.ahead-app.com
