On the app's dream input page, it specifies a bit more "Your dreams are private and not stored or collected." - would that cover it? Thanks for your feedback and encouragement!

That is a 'pinky promise', it may well be true and let's assume you are well intentioned but it leaves the door open to you not being trustworthy after all or someone intercepting the data while it is being processed (for instance, by compromising your service).

In order for you to process the dream data you have to at least make a temporary copy. One way to get rid of that is to move the interpretation part to the client side if possible. Another thing you could do is if people are really concerned about the content of a particular dream to suggest they use TOR or some other anonymization (not perfect, I know) service to at least hide their internet location from you, the operator of the service.

Does the app itself run entirely within your own infrastructure or does it call out for part of the work?