Privacy Policy

Effective Date: April 6, 2026

Breath Hero ("we," "us," or "our") operates the Breath Hero mobile application ("App"). This policy explains what we collect, how we use it, and what rights you have.

We collect only what's necessary to run the App. We don't sell your data.

What We Collect

Account info: When you sign in with Apple or Google, we receive your email and display name. If you use Apple's "Hide My Email," we only see the relay address.

Your practice data: Breathing sessions, daily progress, CO2 tests, preferences, and stats. This is the data you create by using the App.

Purchase status: Whether you're on the free or Pro plan. We don't store payment details — that's handled by Apple or Google.

Analytics and crash reports: Anonymized usage events and crash data to help us improve the App and fix bugs. No personal identifiers are attached.

What we don't collect: Location, contacts, photos, microphone, advertising IDs, or browsing history.

How We Use It

• Provide and run the App
• Track your practice and progress
• Verify your purchase status
• Send push notifications (if you opt in)
• Improve the App based on anonymized usage data
• Fix crashes and bugs

We don't use your data for advertising, marketing profiles, or training AI models.

Third Parties

We use a small number of third-party services for authentication, cloud storage, analytics, crash reporting, and purchase verification. Each receives only the minimum data needed for its function.

We don't use any third-party advertising or tracking services.

Data Retention

Your account and practice data are kept until you delete your account. Analytics data is retained per our analytics provider's default settings. Crash reports are retained for 90 days.

Deleting Your Account

You can delete your account at any time: Settings > Delete Account.

There's a 30-day recovery window. After that, your account and all associated data are permanently deleted. Anonymized analytics events that were already collected can't be linked back to you after deletion.

Data Security

All data is encrypted in transit (TLS) and at rest. Access controls ensure you can only read and write your own data. We use OAuth for authentication — we never store passwords.

No system is completely secure, but we take reasonable measures to protect your information.

Children's Privacy

Breath Hero is not directed at children under 13. We don't knowingly collect personal information from children under 13. Users between 13 and 18 need parental or guardian consent.

Your Rights

All users can access their data in the App, delete their account, and opt out of push notifications via device settings.

EEA/UK/Swiss residents have additional rights under GDPR, including access, rectification, erasure, data portability, and the right to object to processing. We respond to requests within 30 days. Your data is stored in the United States on cloud infrastructure with Standard Contractual Clauses in place.

California residents have rights under CCPA/CPRA, including the right to know, delete, and correct. We don't sell or share personal information for advertising.

To exercise any of these rights, email us at the address below.

Push Notifications

We may send reminders about sessions, streaks, and new features. You can opt out any time through your device settings.

Changes to This Policy

When we make material changes, we'll update the effective date and notify you in the App. Continued use after changes constitutes acceptance.