Yondo

HomeFind TherapistFor BusinessInvest

Privacy Policy

Effective date: October 29, 2025

This Privacy Policy explains how Koodivärk OÜ (“we”, “us”, “our”), an Estonian private limited company (registration no. 17172254), processes personal data in connection with the Yondo platform (the “Service”), including therapy matchmaking, session scheduling, and peer-to-peer video calls powered by LiveKit.

We act as a data controller for most processing described here and comply with the EU General Data Protection Regulation (GDPR) and the Estonian Personal Data Protection Act (IKÜS).

1. Controller and Contact

Koodivärk OÜ
Reg. no. 17172254
Address: Vihitaja tn 1-20, Kristiine linnaosa, Tallinn, Estonia
Email: support@yondo.com
Supervisory authority: Andmekaitse Inspektsioon (Estonian Data Protection Inspectorate)

2. Scope

This Policy applies to all visitors, users, therapists, and enterprise clients using Yondo’s services and applications, including LiveKit-based video communication and data hosted on Railway infrastructure.

3. Categories of Data

  • Account data: name, email, password hash, language, time zone.
  • Profile data: professional qualifications (for therapists), areas of focus, languages, pricing preferences.
  • Session & booking data: appointment times, duration, therapist/client IDs, metadata required for scheduling.
  • Payment data: payment references and invoice details (processed by external PCI-compliant provider; we do not store full card data).
  • LiveKit connection data: ephemeral session tokens, device and network information (IP, ICE candidates, latency, jitter), media statistics required for real-time communication quality. These are not recorded or stored by Yondo unless explicitly consented to (e.g., for enterprise audit or supervision).
  • Communication & support: chat messages, feedback forms, and emails you send us.
  • Cookies & analytics: essential cookies for authentication and security; optional analytics with consent.
  • Optional sensitive data: well-being topics or therapy goals you choose to disclose. These constitute special-category data (Art. 9 GDPR) and are processed only with your explicit consent.

4. Lawful Bases (GDPR Art. 6)

  • Contract: processing necessary to provide the Service, create accounts, enable sessions, and deliver therapy.
  • Consent: for processing health-related data, analytics, marketing, or optional recordings.
  • Legitimate interest: ensure platform security, service reliability, prevent abuse, and perform anonymized statistics.
  • Legal obligation: compliance with accounting, taxation, and consumer-protection laws of Estonia and the EU.

5. Special-Category Data

Any health-related or psychological data you optionally provide (for matching, or in-session notes) are processed solely under explicit consent (Art. 9 (2)(a) GDPR). You can withdraw this consent at any time via account settings or by emailing support@yondo.com. Upon withdrawal, data are securely deleted or anonymized.

6. Peer-to-Peer (P2P) Communication via LiveKit

Yondo uses LiveKit to enable secure, encrypted peer-to-peer (WebRTC) video and audio sessions between clients and therapists.

  • Media (audio/video) traffic is transmitted directly between participants where possible (P2P) and end-to-end encrypted (DTLS-SRTP).
  • LiveKit’s servers may relay media traffic temporarily if network topology requires, but no permanent storage or recording occurs unless explicitly enabled with consent.
  • No automatic or background recording of sessions is performed by default.
  • All LiveKit components run on infrastructure hosted by Railway in data centers located in the European Economic Area (EEA) or jurisdictions providing adequate protection under GDPR Art. 45.

7. Data Storage and Hosting

All persistent data (user accounts, bookings, preferences, encrypted backups) are stored in managed databases hosted on Railway. Railway provides GDPR-compliant infrastructure with encryption at rest (AES-256) and in transit (TLS 1.3).

We have a Data Processing Agreement (DPA) with Railway to ensure data protection standards aligned with GDPR Art. 28.

8. Retention

Data typeRetention period
Account and profile dataActive account + 24 months post-closure
Bookings, invoices7 years (Estonian accounting law)
LiveKit session metadataEphemeral – deleted within 24 hours
Support communicationsUp to 24 months after resolution
Special-category dataUntil consent withdrawn or deleted

9. Processors and Recipients

  • Hosting: Railway (EU-based infrastructure, DPA in place).
  • Video calls: LiveKit (EU data centers; no long-term media storage).
  • Email and notifications: transactional email provider (EU or SCC-protected).
  • Payments: PCI-DSS-certified payment processor (EU).
  • Analytics (optional): privacy-respecting tools using pseudonymized data with consent.

Each processor acts under a written DPA ensuring confidentiality, security, and processing only per our instructions.

10. Your Rights under GDPR / IKÜS

  • Access your data (Art. 15)
  • Rectify inaccurate data (Art. 16)
  • Erase (“right to be forgotten”, Art. 17)
  • Restrict processing (Art. 18)
  • Data portability (Art. 20)
  • Object to processing (Art. 21)
  • Withdraw consent at any time (Art. 7 (3))
  • File a complaint with Andmekaitse Inspektsioon (AKI)

11. International Transfers

If any sub-processor operates outside the EEA, we ensure adequate safeguards under GDPR Art. 45–46, including the EU Commission’s Standard Contractual Clauses (SCCs).

12. Security

We implement appropriate technical and organizational measures including encryption, network isolation, access controls, and regular vulnerability assessments. LiveKit streams use DTLS-SRTP; database storage is encrypted with AES-256. Only authorized personnel with confidentiality obligations may access personal data.

13. Cookies

  • Essential: session authentication, CSRF protection.
  • Preference: language, theme.
  • Analytics: optional and anonymized, used only with consent.

14. Automated Decisions

Yondo does not make legal or similarly significant decisions solely based on automated processing. Matching suggestions are assistive only.

15. Updates

We may update this Privacy Policy periodically. The latest version will always be available at/privacy with the effective date shown above. Material changes will be communicated via in-app notification or email.

16. Contact

For privacy inquiries or to exercise your rights:
Koodivärk OÜ
Vihitaja tn 1-20, Kristiine linnaosa, Tallinn, Estonia
Email: support@yondo.com
Supervisory authority: Andmekaitse Inspektsioon

If there is any discrepancy between translations, the English version prevails.

Document ID: yondo-privacy-v1