First-party comparison. Read the public methodology and corrections policy. PulseWave evidence levels and study limits are mapped in the repository-checked research library.

Why this matters more than you'd think
Wellness data deserves deliberate handling. Under GDPR, information is special-category data when it reveals health; not every listening event or journal field is automatically classified the same way. Context, purpose and inference matter.
- Apple’s Store privacy label and each publisher’s policy answer different questions. The label is developer-supplied; the policy gives more context. Check both, then verify the exact feature because account, sync, analytics and AI can follow different data paths inside one app.
Compare architectures, not a made-up privacy score
Wellness data deserves deliberate handling. Under GDPR, information is special-category data when it reveals health; not every listening event or journal field is automatically classified the same way. Context, purpose and inference matter.
Architecture profile · first-party sources checked
PulseWave
Why it appears here. PulseWave uses an on-device coach via the llama.rn runtime: an open-weights model can be downloaded on demand and inference happens locally. Prompts are not transmitted to an external model provider. The current repository separately stores journal, mood and eligible practice records in an authenticated per-user Firestore record under an anonymous or linked user ID. Final shipping behaviour and entitlements must be confirmed at Store launch.
Where it loses. Newest brand here and still in launch phase. It has a smaller content library than established services and no public Android release is announced on this site.
Best for. Anyone who wants on-device AI inference while accepting separately disclosed Firebase-backed journal and practice records.
Architecture profile · first-party sources checked
myNoise
Why it appears here. myNoise is an adjacent-category soundscape service whose first-party material describes a different account and tracking model from subscription meditation platforms. Check the exact web or app product and current policy before use.
Scope. It is primarily a sound generator, not a direct substitute for guided meditation, breathwork, journaling or coaching.
Fit. Listeners who want detailed sound mixing and are comfortable with the data path described by myNoise.
Architecture profile · first-party sources checked
Insight Timer
Why it appears here. Insight Timer is an established teacher marketplace and cloud content service. Its current account, listening-history, analytics and recommendation practices should be checked in its policy and local Store label.
Architecture trade-off. A cloud catalogue can support cross-device history and recommendations, while creating a broader server-side processing boundary than local-only playback.
Fit. Users who prioritize a large teacher catalogue and accept the current account and data path.
Architecture profile · first-party sources checked
Headspace
Why it appears here. Headspace's consumer app uses cloud services for content, accounts and recommendations. Its separate coaching or clinical offerings should not be assumed to share the same data path; check the exact product, plan and current first-party policy.
Architecture trade-off. Public descriptions of Ebb should be checked alongside the current Headspace policy for prompt processing, account association and retention. Separate consumer, coaching and employer offerings may follow different paths.
Fit. Users who value structured courses or employer access and accept the current product-specific disclosures.
Architecture profile · first-party sources checked
Calm
Source-led profile. Calm is an established cloud service with account-based content, personalisation and service operations described in its current policy. Exact collection and sharing depend on the feature, settings and region; verify the policy and local Store label rather than relying on a category-wide assumption.
Architecture trade-off. A remote, account-based service has a wider processing boundary than a local-only workflow. That is an architectural trade-off, not a finding that Calm misuses data.
Fit. Best for users who value Calm’s current content and service experience and are comfortable with the data path described in its live policy.
Privacy posture, side by side
| Dimension | PulseWave | Insight Timer | Headspace | Calm | Breathwrk |
|---|---|---|---|---|---|
| Named account required for core features | No named account; anonymous Firebase user ID is created | Check the current policy, Store label and in-app flow | Check the current policy, Store label and in-app flow | Check the current policy, Store label and in-app flow | Check the current policy, Store label and in-app flow |
| AI inference location | On-device (llama.rn) | Check the current policy, Store label and in-app flow | Check the current policy, Store label and in-app flow | Check the current policy, Store label and in-app flow | Check the current policy, Store label and in-app flow |
| Journal / mood / thought records | Local inference; per-user Firestore storage disclosed separately | Check the current policy, Store label and in-app flow | Check the current policy, Store label and in-app flow | Check the current policy, Store label and in-app flow | Check the current policy, Store label and in-app flow |
| Eligible practice records stored server-side | Yes — per-user Firestore record under anonymous or linked Firebase ID | Check the current policy, Store label and in-app flow | Check the current policy, Store label and in-app flow | Check the current policy, Store label and in-app flow | Check the current policy, Store label and in-app flow |
| Third-party advertising partners disclosed in policy | None — no third-party ads | Check the current policy, Store label and in-app flow | Check the current policy, Store label and in-app flow | Check the current policy, Store label and in-app flow | Check the current policy, Store label and in-app flow |
| Account & data deletion in-app | Implemented in the repository; must be verified against the shipping backend | Check the current policy, Store label and in-app flow | Check the current policy, Store label and in-app flow | Check the current policy, Store label and in-app flow | Check the current policy, Store label and in-app flow |
| Open-source / inspectable runtime | AI runtime is open-source (llama.rn) | Check the current policy, Store label and in-app flow | Check the current policy, Store label and in-app flow | Check the current policy, Store label and in-app flow | Check the current policy, Store label and in-app flow |
All claims about competitor posture are based on publicly available privacy policies and App Store nutrition labels as of 15 July 2026. Always verify directly — privacy policies update.
What "private" actually means in this category
"Privacy" is a slippery word. For a wellness app it breaks into five questions a careful user should ask:
- Can I use it without a named account? Anonymous Firebase mode still creates a persistent user identifier. Distinguish “no email required” from “no backend identifier.”
- Where does AI inference run? On-device inference means the model prompt is not sent to a remote model provider. Other records may still use cloud storage.
- Are sensitive inputs such as journal and mood records processed where I expect? On-device inference and cloud record storage are separate questions; both need clear disclosure and access controls.
- Are service providers involved? Authentication, storage, analytics, purchases, notifications and model downloads can each add a separate processor and data path.
- Can I delete the account and associated data? Check the in-app route, stated retention exceptions and whether the shipping backend completes deletion end to end.
For PulseWave, the repository answer is: no named account required, local AI inference, Firebase-backed per-user records, several disclosed service providers and an in-app deletion flow that still needs release testing. That is more precise than calling the whole app “local” or “private.”
PulseWave's privacy stance, in one paragraph
The repository creates an anonymous Firebase user without requiring a named account. AI inference runs on the phone, so prompts are not transmitted to an external model provider; journal, mood and eligible practice records can still use the authenticated per-user Firestore record. Apple or Google sign-in can link that identity for continuity. No advertising SDK is declared, and account deletion can be initiated in Settings. The Privacy Policy documents each processor path.
FAQ
Check whether an account is required, where each AI feature runs, whether journals or usage history sync, which analytics or advertising relationships are disclosed, how deletion works and whether the Store privacy label matches the policy. This page compares architecture; it does not certify an app as private.
Do not infer that an app sells data from a category label or this comparison. Read the current policy for sale, sharing, advertising, analytics and service-provider disclosures, then compare it with the Store privacy label and the controls in the shipping app. PulseWave’s public Store label is not live yet.
Cloud AI sends a prompt to the server that runs the model. On-device AI runs the model inside the app, so the prompt is not sent to an external model provider. Separate cloud records still need their own disclosure. PulseWave uses llama.rn for local inference and separately discloses its per-user Firestore records.
The current PulseWave repository creates an anonymous Firebase account by default; linking Apple or Google sign-in is optional. Journal, mood and eligible practice records can use the authenticated per-user Firestore record. Its public App Store sheet is not live, so confirm the shipping flow at launch.
Mood logs, journal entries, sleep timing, listening history and biometric measurements can reveal health or other sensitive information depending on context. GDPR Article 9 applies when personal data reveals health. Check what the app actually collects, why, where it is processed, who receives it and how it can be deleted.