Yudemon HRV App Privacy Policy

Last Updated: July 6, 2025

Overview

Yudemon is designed with privacy at its core. We believe your health and practice data belongs to you, and we've built our app to work entirely on your device without requiring any account or data sharing.

Data Collection by Usage Type

Local-Only Usage (No Account)

When you use Yudemon without creating an account:

  • No personal information is collected or transmitted

  • All data (practice sessions, settings, progress) stays entirely on your device

  • No network communication occurs except for subscription processing

  • We cannot access, view, or recover your data

Account-Based Usage (Optional)

When you choose to create an account:

Required Information

  • Email address only - used for account authentication, recovery, and occasional product updates (you can unsubscribe anytime)

Optional Data (Only if you enable cloud sync)

  • Practice statistics (session counts, duration, streaks)

  • App preferences (breathing rates, session settings, audio levels)

  • Heart rate variability data and session averages

  • Journey mode progress and personal resonance frequency discoveries

Important: Cloud sync is entirely optional. You control exactly what data gets backed up through individual category toggles in your account settings.

How We Use Your Information

Email Addresses

  • Account authentication and password recovery

  • Occasional product updates and feature announcements (unsubscribe anytime)

  • Never shared with third parties

Health and Practice Data

  • Stored securely in your personal, private cloud storage

  • Used primarily to sync your data across your devices

  • May be analyzed in anonymized, aggregated form to improve the app and understand usage patterns

  • Individual data is never shared, sold, or used to identify you personally

  • You can export or delete all data at any time

  • Optional participation in research studies (with separate explicit consent)

Third-Party Services

Firebase (Google)

  • Handles secure account authentication and cloud data storage

  • Your data is stored in your individual, private database

  • Complies with HIPAA and GDPR requirements

  • Google cannot access your personal health data

RevenueCat

  • Processes subscription management across platforms

  • Only receives subscription status, not personal or health data

  • Enables sharing Yudemon Pro across iOS, Android, and other platforms

Apple App Store / Google Play Store

  • Processes subscription payments

  • Shares only necessary transaction information with RevenueCat

  • We do not receive your payment information

Your Data Rights

Access and Control

  • View all your data anytime in the app

  • Export all your data in standard JSON format

  • Choose exactly what data to sync to the cloud

  • Disable cloud sync at any time

Data Deletion

  • Delete your account and all cloud data instantly from within the app

  • Local data remains on your device unless you manually delete the app

  • Automatic deletion of cloud data after account deletion

Data Portability

  • Export your complete practice history, settings, and progress

  • Data provided in machine-readable format for use with other apps

Data Security

Local Storage

  • All data encrypted using iOS/Android system-level security

  • Protected by your device's security (passcode, biometrics)

Cloud Storage

  • Secure encryption during transmission and storage

  • Hosted on Google Cloud (Firebase) with enterprise-grade security

  • Access controls ensure only you can access your data

  • Security managed by Google's infrastructure and monitoring

Geographic Considerations

International Users

  • Data may be stored in Google Cloud facilities worldwide

  • All storage locations comply with applicable privacy laws

  • EU users' data handled in compliance with GDPR

California Residents (CCPA)

  • Right to know what personal information we collect

  • Right to delete personal information

  • Right to opt-out of sale (we never sell data)

  • Right to non-discrimination for exercising these rights

Children's Privacy

  • Yudemon is not intended for children under 13

  • We do not knowingly collect information from children under 13

  • If we learn we have collected such information, we will delete it immediately

Health Data Considerations

  • Heart rate variability data is considered sensitive health information

  • We treat all practice and health data with the highest level of protection

  • Never used for research, marketing, or any purpose beyond your personal use

  • You maintain complete ownership and control of your health data

Changes to This Policy

  • Continued use after changes constitutes acceptance

  • Previous versions available upon request

Data Retention

  • Account data: Retained until you delete your account

  • Local data: Under your complete control on your device

  • Backups: Automatically deleted when you delete your account

  • Anonymized usage statistics: May be retained for app improvement

Contact Information

For privacy questions or to exercise your data rights:

  • Email: privacy@yudemon.com

  • Website: www.yudemon.com

  • Response time: Within 30 days as required by law

Legal Basis for Processing (GDPR)

  • Account creation: Contract performance

  • Cloud sync: Your explicit consent (you can withdraw anytime)

  • App functionality: Legitimate interest in providing the service

  • Communication: Your consent (easily withdrawn)

Key Principle: Yudemon works completely offline and locally by default. All cloud features are optional enhancements that you explicitly choose to enable. Your privacy and data ownership are never compromised.