1. Who we are
PulseWave is a personal wellness app developed and operated by HighRoad Software, a company registered in Belgium. In this policy, "we," "us," and "our" refer to HighRoad Software. "You" and "your" refer to anyone who downloads or uses PulseWave.
This policy explains what data PulseWave collects, how it's used, who it's shared with, and what rights you have over it. It applies to the PulseWave iOS app and this website.
If you have questions, our privacy contact is privacy@highroadsoftware.com.
2. Data that stays on your device
These features process data exclusively on your iPhone. Nothing in the list below is transmitted to HighRoad Software or any third party.
- Journal entries and mood check-ins. Everything you write in the PulseWave journal is stored locally in your app's private storage. If you create an account and enable sync, your journal is stored in your personal Firebase document — it is not accessible to us and is not used for any purpose other than syncing it back to your devices.
- AI coaching and thought reframes. PulseWave's coaching engine runs a language model locally on your device using llama.rn. Your journal text and mood entries are analyzed entirely on-device. No data is sent to an external AI service or API.
- Heart rate and camera data. The camera-based heart rate estimation (PPG) uses your rear camera and flash to detect blood volume changes. Video frames are processed in memory and immediately discarded — they are never stored on disk or transmitted anywhere.
- Health data. If you grant HealthKit access, PulseWave can read heart rate variability data from Apple Health to enhance coaching suggestions. This data is read locally and is not sent to our servers.
- Session history and breathing logs. Your practice history is stored locally on your device. If you have an account, it syncs to your private Firestore document (see section 5).
3. Data we do collect
3a. Anonymous analytics
We use Firebase Analytics to understand how PulseWave is used in aggregate. Events include things like "session started," "breathing protocol selected," or "premium screen viewed." These events contain no personal identifiers — no name, email, journal content, or health data. If you decline App Tracking Transparency (ATT) consent, advertising identifiers are not collected.
3b. Crash reports
Firebase Crashlytics collects crash logs when the app fails unexpectedly. Logs include the stack trace, device model, iOS version, and app version. They do not include your name, journal, or any wellness data.
3c. Account data (optional)
PulseWave works without an account. If you choose to sign in with Apple or Google:
- We receive a unique user ID from the identity provider. For Sign in with Apple, Apple may relay a private email address; for Google Sign-In, we receive the email associated with your Google account.
- Your user ID links your Firestore document (session history, program progress, preferences) so you can restore your data on a new device.
- We do not use your email to send marketing communications without your explicit opt-in.
3d. Subscription data
In-app purchases and subscriptions are managed by RevenueCat. When you purchase a subscription, RevenueCat receives your Apple App Store receipt and provides us with your subscription status (active, expired, trial). We do not receive your payment details. RevenueCat's privacy policy is available at revenuecat.com/privacy.
3e. App Tracking Transparency (ATT)
PulseWave requests ATT permission on iOS 14.5 and later. If you grant permission, an advertising identifier (IDFA) may be collected for attribution purposes (to understand which channels drive app installs). If you decline, no advertising identifier is collected. You can change your choice at any time in iPhone Settings → Privacy → Tracking.
4. Legal basis for processing (EU/EEA users)
For users in the European Economic Area, we process data on the following legal bases:
- Legitimate interests — crash reporting and aggregate analytics, which help us maintain and improve the app without identifying individual users.
- Contract performance — processing your account and subscription data to deliver the service you've paid for.
- Consent — App Tracking Transparency (IDFA collection). You can withdraw consent at any time in iPhone Settings.
5. Firebase and cloud storage
HighRoad Software uses Google Firebase (Firebase Auth, Firestore, Analytics, Crashlytics, Remote Config) to support account management, data sync, and app operations.
If you use PulseWave without creating an account, an anonymous Firebase Auth token is created to maintain your session. This token is not linked to any personal identifier.
If you create an account, your Firestore document stores: session history, program progress, breathing protocol favourites, and app preferences. Journal entries are stored in a sub-collection that is only accessible via your authenticated session — HighRoad Software cannot read your journal.
Firebase data is stored on servers in the United States (Google Cloud). For EU users, this represents a transfer outside the EEA covered by Google's standard contractual clauses. You can find Google's data processing terms at firebase.google.com/terms/data-processing-terms.
6. Third-party processors summary
| Service | Provider | Purpose | Data transferred |
|---|---|---|---|
| Firebase Auth | Google | Anonymous and signed-in sessions | User ID, email (optional) |
| Firebase Firestore | Google | Sync session history, preferences | Session logs, program progress |
| Firebase Analytics | Google | Aggregate usage events | Event names, device type, OS version |
| Firebase Crashlytics | Google | Crash reporting | Stack traces, device model, OS version |
| RevenueCat | RevenueCat Inc. | Subscription management | App Store receipt, subscription status |
We do not sell your data to any third party. None of the above processors use your data for their own advertising purposes.
7. Children's privacy
PulseWave is not directed at children under 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided personal data through the app, please contact us at privacy@highroadsoftware.com and we will delete it promptly.
8. Data retention
- On-device data (journal, session history, AI coaching): retained until you delete the app or your account.
- Firestore data: retained as long as your account exists. Deleted within 30 days of an account deletion request.
- Analytics events: retained for 14 months in Firebase Analytics (Google's default). No personal data is attached.
- Crash logs: retained for 90 days.
- Subscription records: retained by RevenueCat for as long as needed to manage your subscription and comply with financial regulations.
9. Your rights
Depending on where you live, you may have rights including:
- The right to access the personal data we hold about you.
- The right to correct inaccurate data.
- The right to delete your data (see below).
- The right to restrict or object to certain processing.
- The right to data portability (receiving your data in a machine-readable format).
- For EU/EEA users: the right to lodge a complaint with your national data protection authority.
To exercise any of these rights, contact us at privacy@highroadsoftware.com. We will respond within 30 days.
10. Deleting your account and data
You can request full deletion of your account from within the app: Settings → Account → Delete Account. This action:
- Deletes your Firebase Auth account.
- Deletes your entire Firestore document, including session history, program progress, and journal entries.
- Clears all locally cached app data.
If you cannot access the app, send a deletion request to privacy@highroadsoftware.com with the subject "Account Deletion Request." We will process it within 30 days.
11. Security
We use industry-standard measures to protect your data: HTTPS for all network communications, Firebase security rules that restrict Firestore access to authenticated users only, and no plaintext storage of sensitive data. On-device data benefits from iOS's built-in encryption and app sandbox isolation.
No system is completely secure. If you have a security concern, please email privacy@highroadsoftware.com.
12. Changes to this policy
If we make material changes to this policy, we'll notify you through the app or by email (if we have your address). The "last updated" date at the top of this page reflects the most recent revision. Continuing to use PulseWave after a change takes effect means you accept the updated policy.
Privacy contact
HighRoad Software
Email: privacy@highroadsoftware.com
Support: support@highroadsoftware.com
Website: highroadsoftware.com
For data subject requests, please use the subject line "Privacy Request — PulseWave" and include the email address or Apple/Google user ID associated with your account.