Ekorythm

Privacy Policy

Your privacy and data security are our highest priorities

Last updated: January 2025


Our Commitment to Your Privacy

At Ekorythm, we believe your personal health and wellness data belongs to you. We are committed to protecting your privacy and ensuring you have complete control over your information. This Privacy Policy explains how we collect, use, protect, and share your information when you use our services.

  • Our Core Promise: We never sell your personal data. Your health information is encrypted and used solely to provide you with personalized insights and support.

Information We Collect

Information You Provide

  • Account Information: Name, email address, password, date of birth, and basic profile information
  • Daily Check-ins: Self-reported metrics like energy levels, mood, stress, focus, and sleep quality
  • Goals and Preferences: Personal goals, coaching style preferences, and focus areas
  • AI Conversations: Messages and interactions with our AI coaching system
  • Journal Entries: Optional reflections and notes you choose to share

Health Data from Connected Services

With your explicit consent, we may collect health and wellness data from:

  • Wearable Devices: Oura Ring, Fitbit, Apple Watch, Garmin devices
  • Health Platforms: Apple Health, Google Fit, Samsung Health
  • Fitness Apps: Strava, MyFitnessPal, and other connected services
  • Productivity Tools: Calendar data for scheduling insights (with permission)

Technical Information

  • Device information, IP address, and browser type
  • Usage patterns and interaction data with our services
  • Location data (only if you grant permission for location-based features)

How We Use Your Information

  • Primary Purpose: All data collection serves one goal - to provide you with personalized insights and support to help you gain control and peace in your daily life.

Core Services

  • Personalized AI Coaching: Provide contextual guidance based on your patterns and preferences
  • Pattern Recognition: Identify correlations between your health data, mood, and productivity
  • Goal Tracking: Monitor progress and provide motivation for your personal objectives
  • Health Insights: Generate meaningful insights from your integrated health data
  • Dashboard and Analytics: Present your data in useful, actionable formats

Service Improvement

  • Improve AI coaching accuracy and personalization
  • Enhance user experience and interface design
  • Develop new features based on user needs
  • Ensure service security and prevent abuse

Data Protection and Security

  • Zero-Knowledge Architecture: Your sensitive health data is encrypted in such a way that even our team cannot access your personal information.

Encryption and Security Measures

  • End-to-End Encryption: All sensitive data is encrypted using industry-standard AES-256 encryption
  • Secure Data Transmission: All data transfers use TLS 1.3 encryption
  • Access Controls: Strict access controls ensure only authorized systems can process your data
  • Regular Security Audits: We conduct regular security assessments and penetration testing
  • Data Minimization: We only collect data that directly benefits your experience

Data Storage and Retention

  • Health data is stored in secure, HIPAA-compliant infrastructure
  • Data is retained only as long as necessary to provide services
  • You can delete your data at any time through your account settings
  • Account deletion results in complete data removal within 30 days

Data Sharing and Disclosure

  • We Never Sell Your Data: Your personal information is never sold, rented, or shared for commercial purposes.

Limited Sharing Scenarios

We only share your information in these specific circumstances:

  • With Your Consent: When you explicitly authorize sharing with healthcare providers or other services
  • Service Providers: Trusted partners who help us operate our services (under strict confidentiality agreements)
  • Legal Requirements: When required by law or to protect user safety (with advance notice when legally permitted)
  • Anonymized Data: Aggregated, non-identifiable data for research and service improvement

Third-Party Integrations

When you connect third-party services (like Oura Ring or Fitbit), we only access the data you explicitly authorize. You can revoke these permissions at any time through your account settings.


Your Rights and Controls

Data Ownership and Control

  • Access: View and download all your personal data at any time
  • Correction: Update or correct your information through account settings
  • Deletion: Delete specific data points or your entire account
  • Portability: Export your data in standard formats
  • Consent Management: Control which data sources we can access

Privacy Controls

  • Granular privacy settings for each data source
  • Control over AI coaching frequency and style
  • Notification preferences and communication controls
  • Ability to pause or limit data collection at any time

Compliance and Regulations

Regulatory Compliance

  • HIPAA: We follow HIPAA guidelines for health information protection
  • GDPR: Full compliance with European data protection regulations
  • CCPA: California Consumer Privacy Act compliance for California residents
  • SOC 2: We maintain SOC 2 Type II certification for data security

International Data Transfers

If you are located outside the United States, we ensure that any international data transfers are protected by appropriate safeguards, including Standard Contractual Clauses and adequacy decisions.


Children's Privacy

Our services are not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If we become aware that we have collected personal information from a child under 13, we will take steps to delete such information promptly.


Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by email and through our service. Your continued use of our services after such modifications constitutes your acknowledgment of the modified Privacy Policy.


Contact Us

If you have any questions about this Privacy Policy or our privacy practices, please contact us:

  • Email: privacy@ekorythm.com
  • Data Protection Officer: dpo@ekorythm.com

For API Partners and Health Data Providers

This Privacy Policy demonstrates our commitment to protecting user data in accordance with the highest industry standards. We implement the same level of data protection as leading health platforms, including:

  • Zero-knowledge architecture ensuring even our team cannot access sensitive user data
  • End-to-end encryption for all health and personal information
  • Strict data minimization - we only collect data that directly benefits the user
  • Complete user control over data sharing and deletion
  • No selling or unauthorized sharing of personal information
  • HIPAA, GDPR, and CCPA compliance

We are committed to being a trusted partner in the health data ecosystem and maintaining the highest standards of user privacy and data protection.